After being “bitten back” by being “smart,” I realized how important it is to give an AI a “leash”
Last year I used a so-called “fully automated” on-chain trading bot. I went to sleep, and when I woke up, my wallet underwear had been stripped clean. It wasn’t the work of hackers. The “smart” program hit an extreme liquidity crisis and just kept疯狂 buying in the trash pool, following unlimited slippage. Watching the machine I’d granted permissions to “legally” self-destruct was a helpless, soul-crushing feeling.
That’s what brings us to a very real dead-end in the current Agent track: if you want AI execution efficiency, you often end up being forced to sign “overlord terms” with unlimited permissions. Excessive authorization is like running around completely naked—but if moving funds step by step requires confirmations, then what kind of “automation” is that?
With that knot in mind, looking at Newton Protocol’s underlying framework for AI agent execution makes the idea look surprisingly clever. It doesn’t deify AI’s absolute autonomy; instead, from the perspective of preventing wrongdoing, it adds a “dynamic braking” system to the protocol.
Previously, on-chain security data revealed a pattern: more than 60% of automation blowups have their root cause in overreach during execution. A lot of protocols out there today only handle “intent recognition”—they can understand what you want to do, but they don’t care whether the AI goes out of bounds when executing. Newton’s solution is to tightly confine the AI within the permission boundaries set by users, while also having the nodes that have staked $NEWT act as “guards.” For every step the agent moves funds, a third party acting under the rules—who gets punished with confiscated assets if they neglect their duties—must verify it.
Sounds like a perfect logical closed loop, right? Like chaining a ferocious dog and having someone patrol nearby all day.
But the trick is often hidden in performance.
This “execute + verify” dual-track design naturally consumes a lot of on-chain consensus time. If it’s slow-paced personal finance reinvestment, that might be okay. But the moment it involves high-frequency arbitrage or instant GameFi interactions, if nodes take even an extra couple of seconds to check, it’s all over.
So the real tough bone Newton has to tackle next isn’t that the risk-control model isn’t strict enough—it’s how to make distributed supervision not fail, without turning the AI into a sluggish “sloth.” @NewtonProtocol #newt #Newt $NEWT
Last year I used a so-called “fully automated” on-chain trading bot. I went to sleep, and when I woke up, my wallet underwear had been stripped clean. It wasn’t the work of hackers. The “smart” program hit an extreme liquidity crisis and just kept疯狂 buying in the trash pool, following unlimited slippage. Watching the machine I’d granted permissions to “legally” self-destruct was a helpless, soul-crushing feeling.
That’s what brings us to a very real dead-end in the current Agent track: if you want AI execution efficiency, you often end up being forced to sign “overlord terms” with unlimited permissions. Excessive authorization is like running around completely naked—but if moving funds step by step requires confirmations, then what kind of “automation” is that?
With that knot in mind, looking at Newton Protocol’s underlying framework for AI agent execution makes the idea look surprisingly clever. It doesn’t deify AI’s absolute autonomy; instead, from the perspective of preventing wrongdoing, it adds a “dynamic braking” system to the protocol.
Previously, on-chain security data revealed a pattern: more than 60% of automation blowups have their root cause in overreach during execution. A lot of protocols out there today only handle “intent recognition”—they can understand what you want to do, but they don’t care whether the AI goes out of bounds when executing. Newton’s solution is to tightly confine the AI within the permission boundaries set by users, while also having the nodes that have staked $NEWT act as “guards.” For every step the agent moves funds, a third party acting under the rules—who gets punished with confiscated assets if they neglect their duties—must verify it.
Sounds like a perfect logical closed loop, right? Like chaining a ferocious dog and having someone patrol nearby all day.
But the trick is often hidden in performance.
This “execute + verify” dual-track design naturally consumes a lot of on-chain consensus time. If it’s slow-paced personal finance reinvestment, that might be okay. But the moment it involves high-frequency arbitrage or instant GameFi interactions, if nodes take even an extra couple of seconds to check, it’s all over.
So the real tough bone Newton has to tackle next isn’t that the risk-control model isn’t strict enough—it’s how to make distributed supervision not fail, without turning the AI into a sluggish “sloth.” @NewtonProtocol #newt #Newt $NEWT