Bahasa Kebijakan Rego: Mesin di Balik Aturan Kepatuhan Newton
Saat pertama kali saya melihat disebutkannya Rego di dokumentasi Newton Protocol, saya hampir saja melewatinya. Bahasa kebijakan. Kedengarannya kering. Kedengarannya seperti sesuatu yang Anda baca sekali dan langsung Anda lupakan. Lalu saya memeriksanya dengan saksama dan menyadari bahwa itu sebenarnya salah satu pilihan teknis yang lebih menarik yang dibuat Newton, dan memahami hal itu mengubah cara Anda berpikir tentang kemampuan sebenarnya dari lapisan kepatuhan Newton. Apa itu Rego dan dari mana asalnya: Rego bukan sesuatu yang Newton ciptakan. Itu adalah bahasa kebijakan deklaratif open source yang dikembangkan oleh Styra dan digunakan secara luas dalam perangkat lunak perusahaan melalui sebuah proyek bernama Open Policy Agent, atau OPA. Jika Anda sudah pernah bekerja di infrastruktur cloud, keamanan Kubernetes, atau sistem kontrol akses perusahaan, ada kemungkinan yang cukup besar Anda sudah pernah menemukan Rego—meski tanpa mengetahui namanya.
Attestasi BLS adalah salah satu istilah yang terdengar menakutkan sampai seseorang menjelaskan apa sebenarnya itu. Jadi izinkan saya mencoba.
Ketika jaringan operator Newton Protocol mengevaluasi sebuah transaksi terhadap suatu kebijakan—memeriksa apakah transaksi lolos dari layar sanksi, memenuhi batas pengeluaran, memenuhi aturan risiko—dibutuhkan sesuatu yang membuktikan bahwa evaluasi tersebut benar-benar terjadi dan dilakukan dengan benar. Bukti tersebut adalah attestasi.
BLS adalah singkatan dari Boneh-Lynn-Shacham. Ini adalah skema tanda tangan kriptografis. Yang membuatnya sangat berguna untuk Newton adalah beberapa operator dapat masing-masing menandatangani hasil evaluasi yang sama, dan tanda tangan tersebut dapat digabungkan menjadi satu bukti yang ringkas. Jadi alih-alih jaringan mengatakan, "percaya saja, kami sudah memeriksa ini," ia menghasilkan satu tanda tangan yang dapat diverifikasi yang bisa dipastikan siapa pun berasal dari jumlah operator yang diperlukan yang bekerja dengan jujur.
Mengapa ini penting secara praktis? Karena berarti buktinya bersifat tanpa kepercayaan. Anda tidak perlu percaya ucapan Newton bahwa pengecekan kepatuhan dijalankan. Anda tidak perlu mempercayai operator mana pun secara individual. Anda memverifikasi attestasi BLS secara matematis dan hasilnya benar atau tidak. Tidak ada ruang abu-abu di mana seseorang bisa memalsukannya dengan meyakinkan.
Untuk hal seperti kepatuhan terhadap sanksi atau penegakan batas pengeluaran, di mana taruhannya nyata dan kebutuhan akan bukti yang dapat diverifikasi memang benar-benar ada, ini adalah alat kriptografis yang tepat.
Mainnet Beta sudah berjalan. Setiap evaluasi kebijakan saat ini menghasilkan salah satunya.
Siapa yang Memberi Otorisasi kepada AI? Jawaban Newton Protocol terhadap Risiko Agen Onchain
Izinkan saya bertanya sesuatu yang menurut saya sebagian besar orang yang membangun di bidang ini diam-diam sedang menghindarinya. Saat sebuah agen AI mengeksekusi transaksi onchain, siapa yang sebenarnya mengatakan bahwa ia bisa melakukan itu? Bukan dalam arti yang abstrak. Dalam arti yang nyata, teknis, dan dapat dibuktikan. Mekanisme apa yang ada yang mengatakan bahwa agen ini diberi wewenang untuk melakukan langkah ini, pada saat ini, dengan jumlah ini? Dan jika agen melakukan sesuatu di luar batas tersebut, apa yang sebenarnya disiapkan untuk menghentikannya sebelum dana dipindahkan? Saat ini, untuk sebagian besar deployment agen onchain, jawaban yang jujur adalah: hampir tidak ada yang berarti.
There's a conversation happening loudly in crypto right now about AI agents. How powerful they'll be. How much they'll automate. How many things they'll do faster and better than humans.
What's not being discussed loudly enough is what happens when those agents go wrong.
And I don't mean wrong in a science fiction sense. I mean wrong in a very boring, very expensive, very real sense. An agent operating outside the parameters anyone actually authorized. An agent making decisions based on bad data. An agent that gets compromised and starts executing transactions nobody approved. A treasury agent that moves funds it was never supposed to touch.
These aren't hypothetical risks. Early forms of autonomous onchain agents already exist. The infrastructure to catch their mistakes largely doesn't.
Here's the specific problem. AI agents don't use frontends. They call contracts directly. Which means every security measure that lives at the interface level — every compliance check, every fraud filter, every access control built into an application — simply doesn't apply to them.
Newton Protocol is the most credible answer I've found to this problem. Policy enforcement at the contract level means an agent's transaction gets checked against defined rules before it executes. Not flagged after the damage is done. Stopped before it happens.
Mainnet Beta is live. The infrastructure exists right now.
The Back Door Every Smart Contract Has — And How Newton Closes It
I want to describe something that I think most people in DeFi understand intellectually but haven't fully sat with in terms of what it actually means. Every smart contract has a back door. Not a bug. Not a poorly written function. Not something that slipped through an audit. A structural characteristic of how smart contracts work that creates a gap in almost every security and compliance system built around them. Here's what I mean: When a protocol builds security measures — sanctions screening, fraud detection, compliance checks, access controls — those measures almost always live at the frontend or application layer. The website checks your wallet before letting you proceed. The interface validates your inputs before submitting a transaction. The compliance API gets called before anything hits the chain. Thi works fine for users who interact through the official interface. Which is a smaller and smaller percentage of actual DeFi activity every year. Bots don't use frontends. Aggregators route transactions directly to contracts without touching an interface. Arbitrage systems call contracts programmatically thousands of times a day. And increasingly AI agents execute transactions autonomously without any human ever seeing a confirmation screen. All of these bypass every security measure that lives at the frontend level. They walk straight through the back door — directly to the contract — and the contract has no way of knowing or caring that it was supposed to check something first. Why this is worse than it sounds: I've thought about this a lot and the more I do the more uncomfortable it makes me about how DeFi security actually works in practice. Think about sanctions compliance specifically. A protocol builds a sanctions screening system. They integrate a compliance API. They block sanctioned wallets at the UI level. They feel good about their compliance posture. But a sanctioned entity that knows what they're doing doesn't use the UI. They call the contract directly. And the contract has no idea a sanctions check was supposed to happen. The transaction goes through. The protocol has technically violated sanctions compliance despite having built a compliance system. The legal exposure here is real. "We had a frontend filter" is not a defense that satisfies regulators when funds moved from a sanctioned wallet through your protocol. Think about spend limits in DAO treasuries. A governance vote establishes spending controls. Everyone agrees to honor them. But anyone with technical knowledge can call the treasury contract directly and exceed those limits. The "controls" don't technically exist at the enforcement level. They exist at the social agreement level, which is a completely different thing. Think about fraud detection. You build anomaly detection into your application layer. You flag suspicious patterns. You block wallets associated with known exploiters. None of that applies to someone hitting your contract directly from a fresh wallet with a carefully constructed transaction. Every security measure that lives above the contract level has this same vulnerability. The back door is always there. The question is whether anyone is blocking it. What Newton actually does: When I understood Newton Protocol's approach properly this is the thing that made it click for me. They're not building a better frontend filter. They're not building a smarter API check. They're closing the back door itself. Newton operates as an authorization layer at the contract level. Before a transaction executes — before, not after — it gets evaluated against a policy. That policy might be a sanctions check, a spend limit, a fraud rule, a counterparty requirement, a risk threshold. Whatever the developer defines. The evaluation runs through Newton's decentralized operator network, backed by EigenLayer restaking so there's real economic weight behind every honest evaluation. The result comes back as a BLS attestation — cryptographic proof the check ran correctly. The contract acts on that attestation. The critical thing is where this fires. At the contract level. In the transaction execution flow. Not at the frontend. Not in an API called before submission. Inside the transaction itself, before settlement. That means a bot calling directly gets evaluated. An aggregator routing through gets evaluated. An AI agent executing autonomously gets evaluated. The back door doesn't work anymore because the check isn't at the door. It's at the destination. The privacy piece matters here too: One concern I've seen raised about onchain compliance is that checking transactions at the contract level means exposing personal data publicly. If your sanctions check leaves a record onchain, doesn't that mean personal information becomes a permanent public record? Newton handles this specifically. What goes onchain is never the raw personal data. It's a cryptographic hash — a fingerprint that proves the check happened and what the result was without revealing anything underneath it. The evaluation runs offchain. The attestation that proves it ran is what becomes the permanent record. You get contract-level enforcement without a public data exposure problem. Both things are true simultaneously because of how the cryptography works. What this means with Mainnet Beta live: VaultKit, which shipped with Newton's Mainnet Beta, is the SDK that lets developers actually implement this. Write a policy. Deploy it. Have it enforced on every transaction your contract receives regardless of origin. The RedStone integration means policies checking price thresholds or collateral values are running against live, verified, tamper-resistant data rather than something that can be manipulated mid-transaction. This is production infrastructure right now. Not a proposed solution. Not a roadmap item. Something developers can integrate today. The back door that every smart contract has isn't inevitable. It's just been unaddressed until now. Newton is addressing it. @NewtonProtocol $NEWT #Newt
There's a number I keep coming back to when I think about what Newton Protocol is actually trying to unlock.
Trillions of dollars. Sitting in institutional capital — pension funds, sovereign wealth funds, regulated asset managers — that has been watching DeFi for years without meaningfully showing up.
And here's the thing that frustrates me about how this usually gets discussed. People frame it as institutions being slow or conservative or not understanding crypto well enough. That's not really what's happening. Some of these entities understand the technology just fine. The problem isn't comprehension. The problem is that participating requires compliance infrastructure that simply doesn't exist at the protocol level in most of DeFi.
Think about what a regulated institution actually needs. Sanctions screening that fires on every transaction, not just the ones coming through a frontend that any bot can bypass. Spend controls that are technically enforced rather than written into a governance doc people agree to honor. Audit trails that an external auditor can verify independently. Risk checks running against data that can't be gamed inside a single block.
Without those things the compliance obligations these institutions operate under make DeFi participation legally impossible regardless of how attractive the yields are. So the capital stays out. Year after year. "Institutions are coming" becomes a running joke.
Newton Protocol is building the infrastructure that actually changes that equation. Quietly. Without much fanfare.
Newton Mainnet Beta Sudah Live — Inilah Artinya yang Sebenarnya
Mari saya mulai dengan sesuatu yang menurut saya perlu dikatakan. Saya sudah cukup lama berkecimpung di kripto untuk benar-benar bersikap sinis terhadap pengumuman mainnet. Istilah "mainnet" sudah diregangkan sejauh itu melampaui makna aslinya sehingga hampir tidak terasa lagi. Proyek mengumumkan mainnet yang pada dasarnya adalah testnet versi glamor. Mereka meluncur dengan gebyar lalu berjalan pelan-pelan tanpa benar-benar digunakan. Mereka merilis produk "mainnet" yang bekerja sempurna dalam kondisi yang terkontrol dan langsung kewalahan saat tekanan nyata pertama kali menghantamnya. Jadi saat saya memberi tahu Anda bahwa Newton Protocol's Mainnet Beta sudah live dan menurut saya itu penting, saya ingin mendukungnya dengan hal-hal yang spesifik. Bukan berdasarkan insting. Bukan spekulasi harga token. Detail nyata tentang apa yang dirilis, apa yang dilakukannya, dan mengapa transisi ke produksi itu signifikan untuk proyek tertentu ini.
Sebelum saya benar-benar memahami Newton Protocol, saya menghabiskan waktu terlalu lama karena kebingungan dengan istilah-istilah yang membuat konsep sederhana terdengar rumit. Jadi, ini yang seharusnya sudah diberitahukan kepada saya sejak awal.
Satu — smart contract tidak bisa melihat dunia nyata. Mereka mengeksekusi kode, tetapi sama sekali tidak punya konteks tentang siapa yang mengirim transaksi atau apakah transaksi itu seharusnya diizinkan. Itulah masalah inti yang diselesaikan Newton.
Dua — filter frontend bukan keamanan yang nyata. Memblokir wallet di level situs web berarti tidak ada artinya bagi siapa pun yang memanggil kontrak secara langsung. Bot, agregator, dan agen AI melakukannya terus-menerus.
Tiga — "compliance terdesentralisasi" bukanlah sebuah kontradiksi. Newton menegakkan aturan melalui jaringan operator terdesentralisasi yang didukung oleh restaking EigenLayer, bukan perusahaan tersentralisasi yang harus Anda percaya.
Empat — data pribadi Anda tidak pernah masuk ke onchain. Newton hanya menempatkan hash kriptografis di onchain. Bukti kepatuhan bersifat publik. Informasi aktual Anda tidak. Kedua hal ini benar secara bersamaan.
Lima — ini bukan lagi sekadar teori. Newton Mainnet Beta sudah live. VaultKit SDK sudah tersedia. Integrasi RedStone price feeds sudah masuk. Kebijakan nyata sedang diterapkan pada transaksi nyata sekarang.
Saya berubah dari bingung menjadi benar-benar terkesan setelah kelima hal ini “nyambung”. Proyek ini jadi jauh lebih masuk akal ketika Anda sudah memiliki model mental yang tepat sejak awal.
The Quiet Infrastructure Layer That Could Make DeFi Institutionally Safe
The most important things being built in crypto are almost never the loudest ones. I've been around this space long enough to notice the pattern. The projects that end up actually mattering, the ones that become the foundation everything else gets built on, are usually the ones nobody is screaming about on social media. They're quiet. Unglamorous. Infrastructure-y in a way that doesn't make for exciting price charts or viral threads. Newton Protocol feels like one of those projects to me. And I want to explain why I think that without it sounding like hype, because I'm genuinely trying to think through what's real here rather than what sounds good. Let me say the thing nobody says directly: DeFi is not safe for institutions right now. Not in the way institutions actually need it to be. I want to be careful here because that statement can get misread. I'm not saying the technology doesn't work. It does. I'm not saying smart contracts are fundamentally broken. They're not. I'm saying that the compliance infrastructure regulated entities require as a baseline condition of participation — not a nice-to-have, an actual legal requirement — doesn't exist at the protocol level in most of DeFi today. Sanctions screening that lives on a frontend any bot can bypass. Spend limits written into governance documents that anyone comfortable calling a contract directly can ignore. Audit trails that exist in mutable internal logs rather than permanent onchain records. Risk checks running against price data that can be gamed in a single block. None of that passes basic institutional due diligence. And institutions know it. Which is why the same "institutions are coming" headlines keep running year after year without the capital actually arriving at the scale people predict. The infrastructure that would let them come hasn't been there. What actually needs to exist: I've thought about this from the institutional side a lot and I want to get specific because vague talk about "institutional grade" infrastructure has become meaningless from overuse. What a regulated institution actually needs is sanctions screening that fires on every transaction. Not just the ones coming through an official frontend. Every transaction. Direct contract calls, bot interactions, aggregator routes, AI agent executions, all of it. The compliance check can't have a bypass lane. Speed controls that are technically enforced rather than socially agreed upon. If someone with basic technical knowledge can override a limit by calling a contract directly, that limit doesn't legally exist from a controls perspective. Full stop. Audit trails that a third party can verify independently. Not records the institution itself produced. Cryptographic proof generated by a decentralized network that nobody controls and nobody can quietly edit after the fact. And all of this without plastering personal data across a public blockchain permanently, because that creates a whole separate set of regulatory problems. Newton's architecture actually addresses all of these things and I don't say that lightly because I've been looking for something that does for a while. Why the EigenLayer piece matters more than people realize: When you're building a compliance layer there's a question that has to be answered honestly: who's doing the verification and why should anyone trust them? A new validator set with no track record and minimal stake doesn't work here. When real compliance decisions with real legal weight depend on what operators say, those operators need genuine skin in the game. Significant, painful, real economic skin in the game. Newton's operators are backed by EigenLayer restaking. These are people already securing Ethereum, extending that same staked ETH to run Newton's policy evaluations. The penalties for dishonest behavior are real. You're not being asked to trust some new unproven mechanism. You're leaning on the same economic security model that secures the most battle-tested smart contract platform that exists. In a risk committee meeting at an institution that distinction is the difference between "interesting" and "we can actually work with this." The RedStone piece that doesn't get mentioned enough Newton's integration with RedStone means policy evaluations can reference live, verified, tamper-resistant price data. This sounds technical but the practical implication is simple. A risk rule is only meaningful if the data it's checking against is accurate. A collateral requirement checked against a price feed someone can manipulate in a flash loan isn't risk management. It's the appearance of risk management. Newton's policy checks now run against data that can't be gamed mid-transaction. That matters enormously for the credibility of any compliance system built on top of it. What Mainnet Beta actually represents: I keep emphasizing that Mainnet Beta is live because I think people are underweighting what that shift means. There's an enormous difference between "we're building this" and "this exists and is running." VaultKit is out. Developers can write and deploy real enforceable policies today using a real SDK against real infrastructure. The compliance layer isn't a concept being workshopped. It's in production. That's the moment that matters. Not the announcement. Not the roadmap. The thing actually running. The honest version of why this matters: Here's what I actually think is happening quietly right now. The compliance infrastructure layer for DeFi is being built. Without much fanfare. Without viral threads or celebrity endorsements. And when institutional capital eventually arrives at actual scale in this space, it's going to flow through the protocols that have this infrastructure in place. Because institutions will require it. Not because a regulator forced anyone's hand. Because the institutions themselves can't participate without it. The protocols that built this early will have an advantage that's genuinely hard to replicate quickly. You can't bolt a credible compliance layer onto a protocol overnight. The architecture has to be designed for it from the start. Newton is doing that work right now. Mainnet Beta is the proof it's real. That's the quiet thing I think matters more than most of what's loud in crypto at this moment. @NewtonProtocol $NEWT #Newt
Ada sebuah frasa yang sering dilemparkan dalam kripto hingga hampir kehilangan makna: "trustless."
Tapi saya ingin menerapkannya pada sesuatu yang spesifik yang menurut saya benar-benar layak diberi label tersebut. Cara Newton Protocol menangani verifikasi.
Berikut ketegangan yang ada dalam setiap sistem kepatuhan. Untuk memverifikasi sesuatu tentang seseorang atau sebuah transaksi, Anda butuh informasi. Namun pada saat Anda mengumpulkan dan menyimpan informasi tentang orang, Anda telah menciptakan masalah pengawasan. Siapa yang memegang data itu? Siapa yang bisa mengaksesnya? Apa yang terjadi jika mereka dipaksa untuk menyerahkannya?
Kebanyakan solusi kepatuhan hanya menerima ketegangan ini dan memilih salah satu pihak. Entah Anda memverifikasi dengan benar dan membuka data, atau Anda melindungi privasi dan tidak bisa memverifikasi dengan benar.
Newton tidak menerima kompromi itu, dan cara mereka menghindarinya adalah hal yang benar-benar menarik bagi saya.
Yang terjadi di onchain bukanlah data pribadi yang sebenarnya. Itu adalah hash kriptografis — sidik jari yang membuktikan verifikasi telah terjadi dan seperti apa hasilnya, tanpa mengungkap apa pun yang berada di baliknya. Evaluasinya berjalan di luar rantai (offchain) melalui jaringan operator terdesentralisasi milik Newton. Sertifikasinya, yaitu bukti bahwa pengecekan berjalan dengan benar, itulah yang menjadi catatan permanen.
Jadi Anda mendapatkan verifiabilitas penuh. Paparan data nol. Dua hal sekaligus.
Itu bukan sekadar janji. Itu cara kriptografinya dirancang. Janji bisa dilanggar. Matematika tidak berdusta.
Why Onchain Compliance Will Define DeFi's Next Decade — And Newton's Role In It
Let me tell you what I actually think is holding DeFi back. Not what the polished takes say. What I genuinely believe after spending a lot of time reading, thinking, and trying to reconcile the gap between what crypto promises and what it's delivered so far. It's not the technology. The technology is honestly incredible and gets better every year. It's not liquidity. It's not user experience, though that still needs work. It's not even regulatory uncertainty, though that gets cited constantly. It's the absence of one specific capability. The ability to verify that a transaction should be allowed — in a trustless, decentralized, cryptographically provable way — before it executes. Not at the website level. Not through a centralized API. At the contract level, in a form anyone can independently verify, in a way that applies regardless of how the transaction originates. That capability doesn't exist in most of DeFi right now. And I think its absence explains more about why certain users and certain capital haven't arrived than almost anything else people talk about. The thing I keep thinking about: There's a category of money that has been watching DeFi for years and not participating. I'm not talking about retail investors who haven't found the right onramp. I'm talking about institutions with legal compliance obligations. Pension funds. Asset managers. Regulated entities of various kinds whose participation would represent capital flows that dwarf everything currently in DeFi. These aren't people who think blockchain is a scam. Some of them are genuinely interested. I've read enough about institutional crypto sentiment to know that curiosity is real. The problem isn't interest. The problem is that participating requires meeting compliance obligations that DeFi's infrastructure simply doesn't support. A regulated institution can't enter a system where the only sanctions screening is a website filter anyone can bypass. Can't use a treasury management protocol where spend limits are a gentleman's agreement rather than a technical enforcement. Can't produce audit trails that satisfy regulators when the only evidence is internal logs they generated themselves. So they stay out. And the argument that they'll come eventually without the infrastructure changing is one I've grown increasingly skeptical of. They'll come when the infrastructure lets them come. Not before. Why I find the compliance conversation frustrating in crypto: I want to be honest about something. Whenever compliance comes up in crypto circles there's this immediate defensive reaction from a certain group of people. Like even mentioning the word is a betrayal of the cypherpunk founding spirit or something. I understand where that comes from. The history of financial regulation is full of compliance requirements that protected incumbent institutions more than actual users. That's real and worth being skeptical about. But I think conflating "compliance" with "centralized control" is genuinely confused thinking. The question isn't whether rules should exist. Rules already exist. Sanctions lists are real. Spend limits in DAOs are real. Risk thresholds for DeFi protocols are real. The question is whether those rules get enforced in a trustless, verifiable, decentralized way or through centralized intermediaries that recreate exactly the structures blockchain was supposed to move away from. Newton's answer to that question is what actually got my attention. What Newton is building and why it's different: When I got into the actual architecture — not the marketing language, the actual how-it-works — a few things stood out that I hadn't seen combined this way before. The policy evaluation runs through a decentralized operator network backed by EigenLayer restaking. You're not trusting a new company's word. You're leaning on operators who have real ETH staked and face real penalties for dishonest behavior. The same economic security model that secures Ethereum is what's making Newton's compliance decisions credible. Every evaluation produces a BLS attestation. A cryptographic proof that the check ran correctly and what the result was. That proof sits onchain permanently. A regulator can verify it. An auditor can verify it. A counterparty can verify it. Nobody has to take anyone's word for anything. Personal data never touches the public chain. Only hashes and commitments go onchain. Which means you get verifiable proof compliance happened without creating a permanent public record of everyone's personal information. Both things are true simultaneously and that genuinely matters. And it's chain-agnostic. Which means the compliance layer follows a protocol across networks rather than getting rebuilt each time someone deploys somewhere new. Each of those things individually is useful. Together they add up to something that actually fits inside a decentralized system rather than being grafted onto the outside of one in a way that undermines the point. The infrastructure layer nobody prioritized: Here's something I find genuinely puzzling when I look back at DeFi's development. Every capability the space fundamentally needed eventually got built as proper infrastructure. Programmable execution. Decentralized price feeds. Scale through Layer 2s. Stable units of account. The ecosystem kept identifying missing pieces and building them. Compliance infrastructure was always on the list and somehow kept not getting built. I think part of it is that the people who most understood the need were outside the crypto ecosystem and the people inside the ecosystem were the most resistant to thinking about it. That mismatch created a gap that persisted for years. Newton is the most serious attempt I've found to actually close it. And Mainnet Beta being live is the thing that shifted my view from "interesting project" to "this matters." VaultKit is out. RedStone's verified price feeds are integrated into the policy layer. Real operators with real stake are running real policy evaluations on real transactions right now. The shift from concept to production is the one that actually matters and it's happened. What I think this means for the next ten years: I'll be honest that ten year predictions in crypto are usually embarrassing in hindsight. Things move in directions nobody anticipated and timelines are almost always wrong. But I feel reasonably confident about the directional thesis here regardless of timing. The pressures pushing toward onchain compliance infrastructure are real and they're getting stronger not weaker. Regulatory scrutiny is increasing globally. AI agents are becoming genuine participants in DeFi and they need policy boundaries that actually hold. The capital that hasn't arrived needs a reason to arrive and "trust us" isn't that reason. All of those threads lead to the same place. A compliance layer that works the way blockchain infrastructure should work — decentralized, verifiable, trustless, permanent — becomes table stakes for what DeFi needs to become. Newton is building it right now. I think that's worth paying close attention to. @NewtonProtocol $NEWT #Newt
There's a pattern I've noticed with serious infrastructure projects in crypto.
The more impressive the underlying technology, the more painful it usually is to actually build with it. Like somewhere along the way the team got so deep into the hard cryptographic problems that developer experience became an afterthought. Documentation is sparse. Abstractions are leaky. You end up needing to understand the internals just to get a basic integration working.
I went into Newton Protocol's SDK expecting exactly this. Decentralized operator network, EigenLayer restaking, BLS attestations, Rego policy language — all of that sounds like something that would take a week to wire up properly with three browser tabs open the whole time.
Genuinely wasn't the case and that surprised me.
The SDK extends a standard viem wallet client. If you've written modern Ethereum code recently you already know viem. The pattern is immediately familiar. You're not learning a new mental model, you're adding capability onto something you've probably already used.
The main function you're actually calling is simulateTask. Describe your transaction intent, pass your policy details, get back a result with a boolean at the end. Allowed or not. One await call abstracting a lot of serious distributed infrastructure underneath.
VaultKit is where the depth opens up — real enforceable policies for vaults, spend limits, sanctions checks, counterparty rules. But even there the experience felt more thoughtful than I expected.
The technical barrier is low. The interesting work is figuring out what rules your protocol actually needs.
Newton Protocol SDK Quickstart: Cek Kebijakan Pertama Anda dalam 5 Menit
Saya akan terus terang soal reaksi pertama saya ketika mulai melihat Newton Protocol dari sudut pandang developer. Saya mengira itu akan menjadi rumit. Maksudku, benar-benar rumit. Sebuah policy engine yang terdesentralisasi berjalan di EigenLayer, attestation BLS, dan pembuktian kriptografis di berbagai chain — ketika kamu mencantumkan semua komponen yang bergerak seperti itu, otakmu langsung mulai bersiap untuk proyek integrasi berdurasi seminggu dengan tiga tab dokumentasi berbeda terbuka dan sebuah pertanyaan di Stack Overflow yang setengah dibuat.
Ini adalah masalah yang tidak cukup dibahas dalam percakapan multi-chain.
Kepatuhan tidak peduli chain mana yang Anda gunakan. Dompet yang disanksi tetap disanksi di Ethereum, di Base, di Arbitrum, di mana pun. Batas pengeluaran yang ada untuk sebuah treasury tidak akan hilang hanya karena transaksi tersebut merutekan melalui jaringan yang berbeda. Aturan adalah aturan, apa pun chain tempat eksekusinya terjadi.
Namun, sebagian besar infrastruktur kepatuhan dibangun secara chain-per-chain. Artinya, di dunia di mana aktivitas DeFi yang serius tersebar di puluhan jaringan, Anda pada dasarnya membangun ulang lapisan kepatuhan dari awal setiap kali memperluas ke chain baru. Itu tidak skalabel, dan jujur saja menciptakan celah yang bisa dieksploitasi oleh pelaku beritikad buruk hanya dengan merutekan melalui chain tempat pengecekan Anda belum berjalan.
Newton Protocol dibangun sejak awal agar bersifat chain-agnostic. Mesin kebijakan, jaringan operator, model atestasi — dirancang untuk bekerja di berbagai jaringan yang kompatibel dengan EVM tanpa perlu membangun ulang lapisan kepatuhan setiap kali. Ethereum, Base, Arbitrum sudah didukung. Rantai non-EVM masuk dalam roadmap.
Yang artinya secara praktis adalah satu kerangka kebijakan yang konsisten yang mengikuti protokol Anda ke mana pun protokol itu berada, bukan kepatuhan yang terpecah dan berbeda-beda bergantung pada chain.
Di dunia DeFi multi-chain yang benar-benar nyata, ini bukan sekadar fitur yang bagus. Ini adalah sebuah kebutuhan.
EigenLayer AVS Dijelaskan Melalui Studi Kasus Penggunaan Dunia Nyata Newton Protocol
Aku akan jujur padamu. Beberapa kali pertama aku membaca tentang EigenLayer, aku paham kata-katanya satu per satu, tapi belum paham apa artinya dalam praktik. Restaking. Layanan yang Divalidasi Secara Aktif. Keamanan bersama. Semuanya terdengar masuk akal secara teoretis, tetapi terasa abstrak dengan cara yang membuatnya sulit untuk benar-benar peduli. Itu adalah salah satu konsep yang terus membuatku mengangguk, tanpa benar-benar mencerna isinya. Yang akhirnya membuatnya terasa jelas bagiku adalah memahami Newton Protocol. Bukan karena Newton menjelaskan EigenLayer lebih baik daripada siapa pun. Tapi karena Newton adalah salah satu contoh nyata yang paling jelas tentang mengapa EigenLayer itu ada dan masalah apa yang sebenarnya sedang diselesaikannya.
There's a concept I keep coming back to when I think about why crypto adoption has been slower than everyone predicted.
It's not the technology. The technology has been moving fast. Smart contracts, oracles, Layer 2s — each one unlocked things that genuinely couldn't exist without it. The stack has been filling in piece by piece for years.
But there's always been this one gap sitting quietly in the middle of everything. Something I didn't have clean language for until recently. The question of whether a transaction should actually be allowed to happen — answered in a verifiable, decentralized way, before execution, not after — that capability just didn't exist as a proper infrastructure layer.
Policy engines are that missing piece. And I think most people in this space are only beginning to understand how fundamental they're going to become.
When I think about where Newton fits in all of this it's not just as a compliance tool for regulated institutions, though it serves that purpose. It's as the layer the entire Web3 trust stack was quietly assuming would exist someday. The piece that gives smart contracts actual context about the world around them. That lets them enforce rules and prove those rules were checked, regardless of who or what sent the transaction.
Every other layer got built assuming this would come eventually.
Newton is what finally makes it real.
Mainnet Beta is live and I think we're just starting to understand what that unlocks.
Newton vs. Kepatuhan Berbasis API Tradisional: Mengapa Desentralisasi Menang
Saya ingin memulai dengan bersikap adil terhadap model tradisional karena saya pikir model itu pantas mendapatkannya sebelum saya menjelaskan mengapa saya telah beralih dari anggapan bahwa model tersebut berfungsi untuk DeFi. Kepatuhan berbasis API masuk akal sepenuhnya ketika itu dirancang. Anda menghubungkan sistem Anda ke layanan terpusat yang memelihara daftar sanksi dan basis data KYC, Anda memanggil API itu sebelum memproses apa pun, lalu Anda bertindak berdasarkan hasilnya. Bank melakukan ini. Pemroses pembayaran melakukan ini. Ini adalah buku pedoman yang sudah mapan, dan dalam keuangan tradisional, di mana titik akses dikendalikan dan pihak lawan dikenal, ini sebagian besar masih berjalan.
Let me tell you what actually bothers me about how most DeFi protocols handle sanctions screening.
They put a filter on the website. Check the wallet against a list before the user gets to confirm anything. If it matches, block it. And everyone kind of nods along like that's a real compliance solution.
But here's the thing I kept thinking about. That filter lives on the frontend. And the frontend is optional. Anyone who knows what they're doing can skip it entirely and call the contract directly. Bots do this without even thinking about it. Aggregators route through contracts constantly without touching a single UI. So your sanctions check, the one you built and feel good about, simply doesn't fire for a huge chunk of real-world transaction volume.
I'm not being dramatic when I say the legal exposure here is uncomfortable. A protocol that processes transactions from sanctioned wallets because its only screening mechanism was a website form is in a difficult position if that ever gets scrutinized. "We had a frontend filter" is not a satisfying answer to a regulator.
What Newton Protocol does differently is move that check to where it actually matters — the contract level, inside the transaction itself. The policy fires before anything settles. Doesn't matter if it came from a frontend, a bot, an aggregator, or an AI agent. The evaluation runs. The attestation proves it ran. The sanctioned wallet doesn't get through.
That's what real sanctions screening looks like. Mainnet Beta is live.
Enterprise-Grade Compliance Meets DeFi: Newton's Play for Regulated Finance
I want to say something that took me a while to actually articulate properly. The reason institutions haven't flooded into DeFi isn't volatility. It isn't liquidity concerns or smart contract risk or even regulatory gray areas, though all of those get cited constantly. The real reason, the one I think gets glossed over, is much simpler. Institutions couldn't enter DeFi without abandoning the compliance infrastructure their entire operation is built on. And that's not a tradeoff any regulated entity can make. I've been thinking about this from the institutional perspective lately and it changes how you see the whole landscape. What compliance actually looks like from the inside: When people in crypto say "institutions need compliance" they usually mean it in a vague, hand-wavy way. But I think it's worth being specific because the specifics are what make Newton's approach actually interesting. A regulated financial institution needs sanctions screening that fires on every single transaction automatically, not a frontend filter that any technically competent person can route around in five minutes. If an auditor asks "how do you ensure sanctioned counterparties can't transact with your protocol" and the answer is "we block them on the website," that conversation ends badly. They need spending controls that are technically enforced, not written into a governance document that people agree to honor. In a real compliance framework, a control that can be bypassed by calling a contract directly doesn't legally exist. Full stop. They need audit trails that someone other than themselves generated. A compliance record you produce internally has limited evidentiary value. A cryptographic proof produced by a decentralized network that any third party can independently verify is a fundamentally different category of evidence. That distinction matters enormously when regulators come asking questions. And they need risk checks running against accurate, real-time data that can't be gamed mid-transaction. A collateral requirement checked against a price feed someone can manipulate in a single block isn't risk management. It's the appearance of risk management, which is actually worse than nothing because it creates false confidence. DeFi for most of its history has delivered none of these things at the protocol level. Which explains, more than anything else, why "institutions are coming" has been a headline for five years without the underlying reality materializing at scale. Why Newton's approach is genuinely different: When I got into the details of how Newton actually works, the thing that struck me most was that they built this for the compliance requirements first rather than trying to retrofit compliance onto an existing architecture. The policy engine lets developers write rules in Rego, which is a proper declarative policy language that already gets used in enterprise environments. This isn't some crypto-native DSL that a compliance officer has never seen. It's a language built for exactly this kind of rule-based evaluation and institutions will recognize it. Those rules get evaluated by a decentralized operator network secured through EigenLayer restaking before any transaction settles. The result is a BLS attestation — a cryptographic proof that the evaluation happened and what the conclusion was. That proof lives onchain. The personal data behind it doesn't, because Newton puts only hashes and commitments onchain rather than raw identifying information. Think about what that means practically. A regulator can verify compliance happened. An auditor can verify the check ran correctly. A counterparty can verify the evaluation result before settling their side of a trade. And none of that verification requires exposing anyone's personal data publicly because the proof is cryptographic rather than documentary. The EigenLayer foundation is specifically what I think makes this land differently in an institutional risk conversation. You're not asking a compliance committee to trust a new consensus mechanism they've never heard of. You're pointing them at a system backed by Ethereum restaking — the same economic security model that secures the most battle-tested smart contract platform in existence. That's a very different conversation to have in a risk committee room. The RedStone piece deserves more attention than it's getting: I keep coming back to the RedStone integration when I think about the institutional angle because it solves a problem that I think gets underestimated. A lot of enterprise compliance requirements involve thresholds tied to market data. Collateral ratios. Position limits relative to asset values. Risk parameters that need to update as prices move. In traditional finance these checks run against Bloomberg or Reuters feeds with serious infrastructure behind them. Newton's policy engine can now reference RedStone's live, verified price feeds directly in evaluations. So a collateral requirement isn't checking against data that can be manipulated in a flash loan. It's checking against tamper-resistant, real-time market data. That's the quality of data infrastructure compliance checks in regulated finance actually need to be credible. What I actually think this means: Here's my honest read on where this goes. There's a version of DeFi's future where institutional participation remains limited because the compliance gap never gets properly closed. Protocols keep promising "we'll add compliance features" and institutions keep evaluating and walking away because the infrastructure isn't actually there. And there's a version where someone builds the compliance layer that makes real institutional participation possible without forcing DeFi to centralize or hand control back to intermediaries. Where the proof of compliance is cryptographic and decentralized and verifiable by anyone, and the personal data behind it stays protected, and the enforcement fires at the contract level regardless of transaction origin. Newton is the most serious attempt I've seen to build toward that second version. Not because they have the best marketing or the biggest airdrop. Because the actual technical architecture addresses the specific requirements that regulated institutions actually have, in a way that doesn't compromise what makes DeFi worth entering in the first place. Mainnet Beta is live. This isn't a whitepaper conversation anymore. Following @NewtonProtocol closely as this develops. $NEWT #Newt @NewtonProtocol
AI agent di DeFi membuatku bersemangat sekaligus gugup, dan kupikir itu justru reaksi yang tepat.
Bagian yang bersemangat jelas. Program otonom yang bisa melakukan rebalans portofolio, mengelola posisi treasury, menjalankan pemungutan suara governance, menangani strategi yield—semuanya tanpa seseorang harus secara manual mengklik konfirmasi setiap kali. Itu benar-benar kuat, dan peningkatan efisiensinya nyata.
Bagian yang gugup adalah yang membuatku tetap terjaga. Karena agen AI yang beroperasi onchain tanpa pagar pengaman yang memadai bukan sekadar mengambil keputusan lebih cepat daripada manusia. Ia bisa membuat keputusan yang berpotensi sangat bencana lebih cepat daripada manusia. Agen yang terkompromi, model yang halusinasi, agen yang bertindak di luar apa pun yang sebenarnya disetujui—ini bukan lagi risiko yang bersifat hipotetis. Ini adalah jenis masalah yang bisa menguras treasury sebelum siapa pun menyadari ada sesuatu yang berjalan salah.
Inilah mengapa timing Newton Protocol terasa penting bagiku. Lapisan kebijakan yang sedang dibangun Newton berada di antara maksud sebuah agen dan eksekusi yang sebenarnya. Sebelum transaksi apa pun tersettlement, transaksinya diperiksa terhadap aturan yang sengaja ditetapkan—apa yang agen ini diizinkan lakukan, seberapa banyak ia boleh memindahkan dana, dan dengan siapa ia dapat bertransaksi. Jika melanggar batas itu, transaksi tidak akan dijalankan. Tidak ditandai untuk ditinjau. Tidak jadi.
Dengan Mainnet Beta yang sudah berjalan, penegakan itu nyata sekarang, bukan sekadar teori.
AI agent bisa aman untuk DeFi. Tapi hanya jika infrastruktur yang tepat ada di sekelilingnya. @NewtonProtocol $NEWT #Newt