Last month my friend Lao Zhou did something stupid. There was a chunk of USDC in his wallet. He meant to transfer it from Binance into ETH, but somehow he copied a contract address from a phishing website somewhere. When MetaMask popped up, he didn’t look closely either—he just clicked confirm with one slip of the finger. Three seconds later, the money was gone. It wasn’t a hack; he had authorized a malicious contract himself. The other party transferred all the USDC from his wallet away.

Afterwards he told me: If only someone could have stopped me back then.

I told him there’s nobody on-chain to stop you—the contract only understands instructions, not people.

I’ve been thinking about this for a long time. In Web2, we’re already used to all kinds of risk controls: verifying large transfers from bank cards, requiring a second confirmation for payments on unfamiliar websites, freezing credit card transactions when something looks abnormal. But on-chain, all these protections are gone. Smart contract logic is simple: if you call this function, I execute it. It doesn’t care whether the transaction is reasonable, whether it’s truly your intent, or whether it exceeds the limits you set.

This is actually the biggest problem in the on-chain world: execution is too free.

Especially now that there are more and more AI Agents: they can automatically cross-chain, trade automatically, and manage funds automatically. Execution speeds are getting faster, and the window for things to go wrong is getting shorter too. In the past, we did things manually, so we could at least glance at it ourselves. Now it’s all automated scripts running—one authorization mistake could drain an entire treasury in just a few seconds. If traditional contract rules are hard-coded, you can’t change them. Want to add dynamic risk control? Either you cram it into the contract, making it extremely complex and prone to vulnerabilities, or you hand it to a centralized server—which is no different from going back to traditional finance.

So when the community first started pushing @NewtonProtocol , I didn’t really take it seriously at first. The name sounded like a new chain, and it also rode the AI narrative. I thought, “Here we go again—another hot project.” But after reading the documentation, I realized what it’s doing is completely different from what I imagined.

It’s not there to help you do transactions—it blocks those transactions that shouldn’t happen in the first place, keeping them out at the door.

Just like Zhou’s authorization memo: if you run it in Newton’s system, his Policy probably already has per-transaction limits set—for example, it can’t exceed a certain amount. It might also block authorizations if a strange contract address isn’t on the whitelist. In that case, the transaction never even reaches the execution step; it gets stuck at the authorization verification stage right away.

Newton’s approach is to fully extract the authorization step from the application layer and smart contract layer, and turn it into an independent protocol-level layer. There are three core parts: Task, Policy, and AVS. Task compresses vague instructions issued by users or Agents into verifiable execution units, preventing the system from failing to converge due to semantic divergence. Policy is a dynamic strategy engine. Users can customize rules at any time—per-transaction limits, contract whitelists, time window restrictions, function-calling permissions—how you want to tune it is up to you, without redeploying a contract every time you change something. AVS is built on EigenLayer for decentralized verification. Multiple nodes reach consensus on the matching results between Task and Policy, and output trusted execution permissions via BLS aggregated signatures.

When these three layers stack together, they solve three fundamental problems that are most likely to make the system collapse: uncontrollable semantics, non-evolvable permissions, and authorization that easily becomes centralized.

Recently I’ve repeatedly taken Mainnet Beta apart several times. The more I look, the more it feels like it isn’t stacking features—it’s filling gaps. In the past, on-chain defaulted to “if you can execute, then execute,” and only after something went wrong would you assign responsibility. Now it changes to: you must first obtain a verifiable authorization proof before you can execute. The source of trust moves from the execution result itself to the authorization process.

For ordinary users and developers, the most straightforward experience is VaultKit. It directly plugs real funds into this authorization system, so that Policy, Task, and AVS can undergo stress testing in real money environments—not just simulated data on testnets. Do AI Agents want to operate automatically? First, pass the rule checks of the strategy engine, generate on-chain verifiable credentials, and then execute. The whole process preserves decentralization while adding a controllable security boundary.

$NEWT Tokens are not merely governance tokens—they’re the cost-and-security binding layer for the entire authorization network. Verification requires ongoing costs: node staking, compute settlement, and cross-chain fees all consume $NEWT. The total supply is fixed at 1 billion with no additional issuance, forming a fairly clear economic closed loop. As long as authorization demand continues to exist, $NEWT has a foundational value anchor.

Of course, any new infrastructure is worth observing calmly during the Mainnet Beta stage. The key areas that need the most attention right now are: Task processing efficiency under large-scale requests, state management after complex combinations of Policies, AVS’s consistency and latency performance in real networks, and the growth in the actual number of authorization requests on the network. These are the core metrics to test whether the architecture truly holds up.

My personal take on Newton is: it has hit a real, long-standing problem. When AI Agents and automated strategies are massively deployed on-chain, rule checks before execution must be standardized at the protocol level. The direction is right, and the technical path is fairly solid. From what I can see, it’s more like infrastructure “make-up” for something Web3 has been missing, rather than a short-term narrative concept.

As for how the price moves, I never make random guesses. In the crypto world, it ultimately comes down to real-world adoption and network effects. If DeFi, stablecoin payments, and AI automation truly take off in the future, the importance of the pre-authorization layer will become increasingly prominent.

I’m still continuing to observe, and I also suggest that friends interested in this space should go read the docs and run testnets themselves—don’t just listen to the community shilling. Truly reliable projects can stand up to having their architecture repeatedly taken apart and examined. $NEWT—my current impression is that it’s worth looking at a few more times. (This article is a platform task and does not constitute any investment advice.)

#Newt