How the Newton Protocol is creating a "shared reality"?
The night before, I sat down to eat with a friend who works as a Data Engineer. The story began with a very everyday problem. He told me that one time the company’s revenue dashboard showed three different numbers. The Finance team opens a dashboard. The Sales team opens another dashboard. Revisit the executive board and review a consolidated report. The funny part is that all three of them pull data from the same system. I asked: "So which number is correct?"
Most authorization systems only know how to give one answer: yes or no. Newton Protocol made me think about something different. In one of its policy examples, exceeding a spending limit does not only produce allow = false. The policy can also return a cap, exposing the maximum value that would be accepted for the same transaction. At first, this looks like a small implementation detail. But the more I looked at it, the more it felt like a different philosophy of authorization. A binary rejection ends the interaction. The system refuses the request and leaves the caller to decide what happens next. Returning a constraint is different. Instead of only saying "you cannot do this", the policy also reveals the boundary that separates an acceptable action from an unacceptable one. That difference may not matter much for software that simply retries failed requests. It could matter a lot for autonomous AI agents. As agents become more capable, rejection is no longer just an error. It becomes feedback. A spending cap tells an agent exactly how far it exceeded the acceptable range. Instead of repeating the same mistake or waiting for human intervention, a sufficiently capable agent could generate a new transaction that already satisfies the policy. This is why I think Newton Protocol may be preparing for Self-correcting AI Agents. @NewtonProtocol is not trying to make AI agents smarter. Instead, it is shaping the environment those agents interact with. Policies stop being static permission gates and begin acting as structured feedback that increasingly autonomous agents can learn to respond to. That could become a much bigger architectural shift than it first appears. Today's AI agents often stop when a policy says "no". Tomorrow's agents may treat a returned cap as guidance for the next attempt instead of the end of the current one. If that happens, the challenge for Newton Protocol will no longer be rejecting bad transactions, but designing policy outputs like cap that increasingly capable agents can keep learning from. $NEWT #Newt
One detail in GRVT's WebSocket design caught my attention. sequence_number only has meaning within a single WebSocket connection. If the number jumps, it only tells your connection that data has been missed. It says nothing about any other client connected to GRVT. That becomes more interesting when developers build execution engines or quantitative trading systems on top of GRVT's APIs. Every integration maintains its own market state. Detecting missing updates, requesting a fresh snapshot and deciding when that state is valid again are all responsibilities handled inside the integration. GRVT distributes market events, but it does not decide whether a trading system has reconstructed its market state correctly. That changes where market state is owned. Instead of maintaining one authoritative state for every connected system, GRVT leaves each integration responsible for maintaining its own. Different trading systems may consume the same market events while holding different local states because each follows a different recovery policy after detecting a gap. The architecture naturally moves toward State Ownership. Owning market state also means owning the engineering decisions behind it. Every team can optimize synchronization, recovery and validation around its own workflow instead of inheriting a single model from the exchange. GRVT only needs to deliver consistent market events. How those events become a trusted market state is intentionally left to each integration. By making sequence_number local to each WebSocket connection, GRVT leaves market state to every API integration instead of treating it as part of the exchange itself. As more trading systems connect through GRVT's APIs, State Ownership allows the exchange to stay focused on distributing market events instead of expanding into application-specific state management. The challenge is continuing to serve increasingly diverse trading workflows without gradually taking ownership of the application logic that belongs to each integration. $LAB @grvt_io #grvt
Newton Protocol is delaying permissionless in exchange for what?
Last Friday week, around 7 p.m., I went to eat Teochew hot pot with a few friends at a restaurant on Phan Xích Long Street, Nguyen Du. The place was quite crowded, so the dishes came out slower than usual. While we waited, I asked the manager: Why don't you take on more customers? Your restaurant still has a few tables available, doesn't it? He smiled and replied: "Sure, we can take on more. But if the kitchen starts to get overloaded, the food comes out slowly, the service gets messy, and the quality is no longer stable. Then I'm not just losing one table of customers—I lose the ability to control the entire service shift."
When deploying a Policy using the CLI on the Newton Protocol, the final policy_params must be transformed into Flat JSON that matches the params_schema.json. If you keep it as Nested JSON, Schema Validation will fail and the Policy will not be able to pass evaluation. What I find noteworthy is that the CLI continues to work with Nested JSON throughout the workflow. Only when the Policy is evaluated is it required that all data appear as Flat JSON. In my view, this is not a requirement for the CLI. It is a requirement for the Policy layer. Before entering the Policy, every representation must be converted into the same form. Translation costs still exist, but they only appear at the boundary of the system. After that point, the Policy layer no longer needs to care whether the data comes from the CLI or any other integration. The only thing left is whether the data matches the published schema. That is also when Serialization Neutrality begins to take shape. What is kept neutral is not how each tool serializes the data, but how the Policy layer receives it. Any representation differences must be eliminated before evaluation starts. Therefore, each new integration only needs to handle its own serialization, instead of forcing the Policy layer to adapt to yet another representation. At this stage, the challenge for the Newton Protocol is not in supporting more tools. The challenge is to continue maintaining Serialization Neutrality as the ecosystem grows. If one integration is allowed to cross the boundary with its own distinct representation, the Policy layer will gradually have to understand many different representations, and Serialization Neutrality will lose its original meaning. $B $BEAT $NEWT #Newt @NewtonProtocol
A few days ago, I noticed an interesting detail while exploring GRVT. Different API keys can be assigned different permissions. Some are allowed to place orders. Others can transfer assets. Others are limited to read-only access. No single key is expected to do everything. Instead of treating permissions as a convenience feature, GRVT uses them to separate authority before any operation begins. Every new capability on GRVT does not automatically become available to every API key. Trading, funding, withdrawals and account management each remain behind separate permission scopes. As a result, every credential carries only the authority it was explicitly given, instead of inheriting every capability attached to the account. That changes what happens when a credential is compromised. The incident is confined to the permission scope of that specific key rather than expanding across the entire account. Adding new API capabilities therefore does not automatically increase the consequence of an existing compromise, because newly introduced authority remains isolated from credentials that never received it. This is where Blast Radius Reduction starts to emerge. Once authority is allowed to grow through independent permission scopes instead of accumulating behind the same credential, the platform can continue expanding without forcing risk to grow in the same way. New capabilities increase what GRVT can do, while each permission boundary continues to contain the consequences of its own compromise. Looking back, those API permissions no longer feel like a developer convenience. They reveal how GRVT expects the platform to evolve. As more APIs, products and workflows are introduced, authority does not have to converge into a single credential. If that principle continues to hold, Blast Radius Reduction will scale together with GRVT, allowing @grvt_io to expand without every new capability becoming another shared source of risk. $TAG $LAB #grvt
Is the Newton Protocol changing the cost to join the ecosystem?
Last Saturday night, around 6 p.m., I and a few friends went to eat seafood at a restaurant on Vo Van Kiet Street. The table ordered quite a lot of dishes, including a plate of grilled oysters with scallion oil. While waiting for the food, I asked the shop owner: "Every day you have to prepare so many oysters like this. What if today you sell less?" He smiled and pointed toward the processing area. "The hardest part is importing the goods and doing the preliminary processing. Once that’s done, selling another plate isn’t really that costly."
When using a Policy Pack in the Newton Protocol, developers don’t need to build or deploy a Data Oracle themselves. The Data Oracle has already been deployed. What’s left is simply referencing the PolicyData Address, configuring the necessary Parameters, and then starting to write the Policy. With this workflow, I think the Newton Protocol is changing the type of Cost that developers have to pay. If you build the entire Data Oracle yourself, every update or Maintenance takes away some of the time you could have spent improving Decisions. Every hour spent on Maintenance means less time to try new Ideas. Policy Packs reverse that. When the Infrastructure is already maintained, Maintenance is no longer a burden that each developer has to repeat. The time is returned for designing Policies, adjusting Business Logic, and trying out new Decisions. The biggest Cost no longer lies in operating Infrastructure, but shifts to figuring out how to interpret the Data better. That’s also when Opportunity Cost begins to change. An hour not spent on Maintenance means an extra hour to try a Policy, verify an Assumption, or optimize a Decision. The value of Policy Packs isn’t just about reducing workload—it’s about shifting time toward activities that create more meaningful differences. From that perspective, I see that Newton Protocol isn’t only providing ready-made Policy Packs. It’s also moving the developer’s Opportunity Cost away from repetitive work so they can focus on Innovation. If more and more builders begin from a shared layer of Infrastructure, the advantage of @NewtonProtocol s will gradually accumulate in the quality of Decisions, because more resources are being transferred from Maintenance to Innovation #Newt $SKL $LAB $NEWT
What keeps the value of Data Oracles in the Newton Protocol increasing over time?
Last Sunday night, around 7 o’clock, I stopped by a rice shop on Nguyen Duy Street. I ordered a serving of crispy roast pork with crackling, and I noticed the chef wasn’t preparing everything at the same time. The meat has been roasted beforehand. The sauce is scooped from another pot. Pickles, vegetables, and dipping sauce are also taken from separate trays. Only when the customer places an order are all of them put onto the same plate.
Learn about Chaining Multiple Data Oracles in Newton Protocol’s docs; I was quite surprised by what Data Oracles never do. Each Data Oracle only returns Facts such as risk_score, is_collapsed, or tvl_drawdown. They do not conclude whether a transaction should be Allowed or Denied. That part is left to the Rego Policy. This is not just a separation of responsibilities. It also shows that Newton Protocol separates Fact from Judgment. When a Fact is no longer tied to a fixed Judgment, the same risk_score can be interpreted by many Policies according to entirely different criteria. One policy considers 60 to be safe enough to Allow, while another only accepts values of 80 and above. The Fact remains the same; only the Judgment changes. So a Fact no longer ends its role after being used for the first time. When another Policy is introduced, that same Fact is again interpreted under a new standard to produce a different Decision, without needing to collect the data again from scratch. The value of a Fact also no longer stops after its first use. Each new Policy opens up an additional context for the old Fact to keep generating value. This separation between Fact and Judgment is what created a Fact Appreciation Mechanism. What I find most interesting is that Newton Protocol does not try to make Data Oracles generate more Facts. @NewtonProtocol ensures that each Fact continues to produce value after it has been created. As the ecosystem adds more Policies, old Facts are continuously interpreted under new standards. If this process keeps repeating, the Fact Appreciation Mechanism will cause the value of the data to grow along with the development of the entire ecosystem, rather than stopping after the first use. #Newt $EVAA $NEWT
What experiences is the Newton Protocol creating for developers?
Last night, I had dinner with Oanh—a wealthy lady who was running a seafood restaurant. Oanh told me that they changed a few dishes on the menu every week. I’m quite surprised. "Doesn’t this frequency of changes worry customers and make it hard for them to follow?" Oanh shook her head. "I don’t change the whole menu. I just try one new dish each time. If the customer doesn’t like it, then we just get rid of it. The cost of trying once is small enough that I have no reason to be afraid to try again."
Before deploying a policy, the Newton Protocol requires going through three steps: Unit Testing for the Rego Policy, testing each WASM Oracle individually, and only then simulating the entire policy with real-world data. These three steps are not merely checking each component in isolation. Instead, they are arranged to continuously narrow down what is still unknown about a decision. After each round of validation, the scope of what must wait until deployment to be confirmed keeps shrinking. Typically, deployment is the most important moment to know whether a decision works as expected. Even after many rounds of testing, production is still where many teams accept learning what they couldn’t know beforehand. With the Newton Protocol, however, most of that process happens right during development. The Rego Policy, WASM Oracle, and data are combined to simulate the entire decision before deployment occurs. That leads me to think the Newton Protocol is moving toward a Pre-validated Deployment architecture. At that point, deployment mainly becomes the step to release a decision that has already been validated, rather than the place where the system continues to learn whether that decision is right or wrong. What I find especially notable is that the Newton Protocol seems to be changing the role of Deployment. When Deployment is no longer where Validation is created, it’s also no longer where the system learns whether a decision is correct or incorrect. Perhaps that’s what Pre-validated Deployment architecture really means. Not a more complete testing process, but an architectural principle that shifts Validation activities away from Production. I’m quite curious whether this will just be a choice by the Newton Protocol, or whether it will gradually become how many software systems are built in the future? $EVAA $NEWT #Newt @NewtonProtocol
Why does the Newton Protocol agree to make deployments more complicated every time?
At 2 a.m. last night, I was sitting and drinking late with a friend who’s working as a DevOps engineer at a software company. The conversation happened to drift into the deployment process. I asked: "Why does your company make you reconfigure a whole bunch of credentials with secrets every time you deploy? Wouldn’t it be faster to keep the old ones intact?" He smiled. "It’s fast, sure. But if something is kept around for too long, sooner or later no one will remember why it still exists."
The other day, I was watching the Writing Data Oracles section of the Newton Protocol and came across something quite interesting: if an HTTP Fetch fails, the Data Oracle must not ignore the error or return default data. Instead, the Oracle returns a namespaced error so that the Rego Policy can immediately deny the Decision. It seems the Newton Protocol is changing the role of failure during Decision creation. A failure is no longer just information for the Developer to read after the system has finished running. The moment the Data Oracle returns a namespaced error, that failed status becomes part of the data that the Rego Policy must evaluate. The Decision isn’t halted because the system encountered an error; it’s halted because the system has just received a new signal. I suddenly realized the Newton Protocol is choosing a Fail-Closed Architecture. This architecture doesn’t try to hide what isn’t known yet in order to keep executing. Instead, it expands the concept of Evidence. Not only successfully collected data has value. The fact that the Data Oracle cannot confirm a piece of information also becomes a form of Evidence that the Rego Policy must evaluate. Once failure is treated as Evidence, a Decision no longer has the right to ignore it. A Decision can’t keep going just because the remaining data looks reasonable. It must reflect all the Evidence the system currently has, including what cannot be confirmed. If the Evidence isn’t sufficient to support a conclusion, the Decision is not allowed to “fill in the missing parts” by assuming. From that perspective, Newton Protocol’s Fail-Closed Architecture is no longer just a failure-handling mechanism. It forces every Decision to be truthful to the Evidence we truly have, rather than the Evidence the system wishes it had. #Newt $LAB $TRIA $NEWT @NewtonProtocol
Newton Protocol inherited, but not everyone can see it
8 p.m. yesterday, at a small café on Thiền Quang Street, I sat down to chat with Trinh—an extremely seasoned HR professional. We talked about hiring people. I asked: "If there are two candidates—one has a lot of Certificates, and the other has worked for many years at a well-known company but has almost no certificates to show—who would you choose?" Trinh answered right away. "I will choose the second person." I was quite surprised, so I asked further.
The Newton Protocol was developed by Magic Labs, the team behind many products that meet Enterprise Standards such as SOC 2 Type II and ISO 27001. These Enterprise Standards require an organization to have a sufficiently rigorous Development Process to manage Change, assess Risk, and ensure that every Decision can be traced throughout the entire Development Lifecycle. More importantly, that Development Process must not only serve a single Release. It must be consistent enough to continue being used across multiple Releases, regardless of how the Product evolves. In my view, when the Magic Labs team works for years under the same Development Process, that Process stops being just an internal workflow. It becomes the default way for the team to approach problems and make decisions. That is also why I believe that when developing the Newton Protocol, what Magic Labs brought along was not the Enterprise Standards, but a Process-First Mindset. With that mindset, each Release of the Newton Protocol can still be very different because it must solve new problems. But all changes originate from the same Decision Framework, the same way of evaluating Risk, and the same Engineering Process. That consistency does not lie in each individual Release, but in how the Newton Protocol is Engineered. As @NewtonProtocol continues to expand, new Features will not become pieces built from different Engineering Philosophies. They will still be constructed on the same foundation of thinking that shaped the Protocol from the beginning. Perhaps the most valuable thing the Magic Labs team brings when developing the Newton Protocol is the Process-First Mindset. It helps the Newton Protocol keep evolving and expanding while still preserving consistency in how it is Engineered.#Newt $LAB $NEWT
Read the Integration Guide of the Newton Protocol, and there’s one detail I find rather strange: the Data Oracle can be written in JavaScript, Rust, or Python. At first, I thought that @NewtonProtocol was just trying to expand options for builders. But what’s noteworthy isn’t the programming language itself. It’s that no matter which language it’s written in, everything eventually compiles into the same WIT interface. That’s when I realized that JavaScript, Rust, or Python are just superficial expressions. What changes fastest in each ecosystem has never been the programming language—it’s innovation. Python keeps seeing new AI packages. Rust has performance and security optimizations. JavaScript is developing rapidly at the application layer and in tooling. Each ecosystem has its own pace of evolution, and no one knows where the next breakthrough will come from. If a protocol is tightly tied to a single programming language ecosystem, it also unintentionally bets that the most important innovations will keep emerging there. Anything created outside it either has to be ported back in, or never makes it into the system. Newton Protocol seems to choose to stand outside the race and adopt a stance of Innovation Neutrality. The Newton Protocol doesn’t standardize where innovation is created. The only thing that is standardized is the way innovation makes its way to the protocol through a shared interface. In that case, the evolution of the Data Oracle doesn’t depend on any single programming language or developer community. A breakthrough that appears in Python, Rust, or JavaScript can all become part of the Newton Protocol. That’s also the advantage of the Innovation Neutrality stance. The Newton Protocol doesn’t need to bet its future on any single programming language ecosystem. #Newt $LAB $HMSTR $NEWT
Does the Newton Protocol clearly define which decisions should belong to the protocol?
The other day I looked at a pull request from an open-source project. The code wasn’t anything special, but underneath the review there was a pretty long argument. One person suggested rewriting it in Rust. Another wanted to keep Python because it lets you take advantage of all the libraries you already have. The interesting thing is that in the end nobody debates programming languages anymore. They just agree on one thing: as long as the input and output don’t change, the rest can be left up to each person to decide.
Read the Verifiable Credentials section in Newton Protocol docs, and I keep getting stuck on a very small detail. Among a bunch of SDK methods for Identity, Verification, and Credential Management, @NewtonProtocol is still reserved entirely for a method called unlinkApp(). At first glance, it seems like this is only an API for revoking the link between a user and an application. But the more I think about it, the more I feel that the existence of this method may be more noteworthy than what it actually does. A system truly only needs unlinkApp() if, from the very beginning, the team has accepted that users always have Exit Rights. If that assumption is correct, Newton Protocol might be pursuing a Voluntary Lock-in strategy. That sounds contradictory at first. Usually, Lock-in is created by gradually increasing Switching Costs, making it harder and harder for users to leave the system. But with Voluntary Lock-in, the option to leave is always there. The only thing keeping users around is their own choice. That also means Newton Protocol effectively gives up one of the most common Competitive Moats among Web3 platforms. When Exit is always protected, Newton Protocol can’t rely on Switching Costs to retain Users. In my view, this is the real point worth thinking about. If Voluntary Lock-in is truly a choice in Product Design, then each Active User is no longer simply a growth metric. They become evidence that even when Exit rights always exist, they still continue to choose Stay. In other words, unlinkApp() may not just be an SDK method. It may be a small signal that Newton Protocol doesn’t view Lock-in as the result of barriers, but as the result of voluntary decisions repeated over time. #Newt $MAGMA $LAB $NEWT
Is the Newton Protocol redefining the meaning of Consent?
There's something I find rather strange. Many apps only need me to tap "Allow" just once. A few months later, I can almost no longer remember what permissions I granted, yet those permissions still quietly persist. That makes me wonder another question. Should a one-time Consent create a power that exists long into the future? Or should Consent itself also have limits so it can’t automatically expand just because it was granted once?