i keep getting stuck on a phrase newton's whitepaper uses almost casually when describing its MPC layer: honest-majority three-party computation.

the honest-majority assumption is doing a lot of work in that phrase and it's worth unpacking what it actually requires rather than reading past it.

in a three-party honest-majority MPC protocol, security holds as long as at most one of the three parties is corrupted or colluding with an adversary. two out of three behave honestly and the protocol remains secure. the corrupted party learns nothing about the secret-shared inputs it shouldn't see. the result emerges correctly.

that's the mathematical guarantee. what it requires in practice for newton is that the subset of operators participating in any given MPC evaluation contains at most one corrupted participant. not across the whole operator set over all time. in any specific evaluation instance.

newton cites throughput benchmarks from academic research showing honest-majority three-party computation exceeding one billion gates per second in LAN settings. that number is real and the research it references is credible. but a LAN benchmark between three co-located machines is a different operating environment than a geographically distributed operator set running over the public internet with variable latency and real adversarial pressure.

the EigenLayer restaking economics are newton's stated collusion deterrent. corrupting a threshold of operators to compromise the MPC requires risking their combined staked capital. that's a meaningful economic disincentive. but economic deterrents and cryptographic guarantees are different kinds of claims, and newton's MPC security ultimately rests on both holding simultaneously.

what i find genuinely interesting is how this maps onto newton's existing operator architecture. the same operators providing BLS attestations serve as MPC computation parties. that's elegant from an infrastructure standpoint. it also means the threat model for MPC collusion is the same as the threat model for attestation collusion, which is either a strength, one security model covering both, or a single point of failure, compromising the operator set undermines both guarantees at once.

what i cant fully resolve is how newton selects the specific operator subset for a given MPC evaluation and whether that selection process itself is a point of influence an adversary could exploit before the honest-majority guarantee even kicks in.

#Newt @NewtonProtocol $NEWT