I spent some time thinking about what "optional" actually means inside a policy request.

Newton's newt_createTask RPC marks intent_signature as optional in its base request schema. At first glance, that seems straightforward—but the reality is more nuanced.

An optional field in the shared API doesn't necessarily mean every task can safely omit it.

If the selected policy reads input.intent_signature, or if the chosen PolicyClient or identity-backed flow requires intent verification, the request must include a valid EIP-712 signature for the exact intent. Passing an empty value like "0x" isn't a workaround either. The Gateway may reject the request before the Rego policy is even evaluated because it expects a properly encoded 65-byte signature.

Initially, this looked inconsistent.

The more I examined it, the more it made sense.

The same endpoint is designed to support multiple integration patterns. Some policies require signed intent, while others don't. Keeping intent_signature optional in the shared schema gives developers flexibility, while individual policies and integration flows decide whether it becomes mandatory.

The interesting part isn't the flexibility—it's the integration risk.

A frontend can build a request that fully satisfies the base schema yet still fail because its selected policy or PolicyClient flow expects a signature. In that case, the application only discovers the requirement after submission, leading to avoidable failures.

That's why flow-aware validation becomes important.

Applications need to validate more than the shared request schema. They also need to understand the requirements of the specific policy, PolicyClient, and identity flow before sending the task.

Flexible schemas improve reusability and support a wider range of policy designs, but they also shift more responsibility to integrators. Without clear validation, "optional" at the API level can become "required" in practice.

The question isn't whether this design is right or wrong.

It's whether developer tooling can make those hidden requirements obvious before a request ever reaches the Gateway.

Does Newton's flexible task schema ultimately make integrations more powerful—or make critical signing requirements harder to detect before submission?

#NEWT #Newt #NewtonProtocol #Web3 #Blockchain #AI #Rego #EIP712 #Crypto

$NEWT

  • Hides critical requirements

  • Support More policy design