I kept coming back to one question about PolicyClient. Why doesn't the contract just evaluate the policy itself? That honestly felt like the simpler option. Put the rules in the contract and let it decide.
The more I sat with that idea, the more I realized Newton is solving a different problem.
In @NewtonProtocol, the contract doesn't try to understand every policy. It verifies an attestation that's produced after policy evaluation instead of running the same logic again. A developer only needs to inherit NewtonPolicyClient and call _validateAttestation() or _validateAttestationDirect() before execution. The contract isn't trying to make the decision. It's checking that someone already did.
What I find interesting is how that changes the contract's job. It stops being the place where authorization happens and becomes the place where authorization is enforced. That feels like a small distinction, but I don't think it is. Less policy logic on chain usually means less code to reason about later.
The tradeoff is obvious too. You're relying on the attestation because that's what the contract trusts. The trust doesn't disappear. It just moves. Whether that's the better design probably depends on how much you value smaller contracts over keeping every decision on chain.
That's the idea that stayed with me. Good architecture isn't only about what you add. Sometimes it's about what you deliberately leave out.
@NewtonProtocol $NEWT #Newt
Which model would you trust more?
On chain only
PolicyClient
Hybrid model
Not sure yet
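The "enforce, don't evaluate" split described in the post, as an added Python model that is not part of the original post and is not Newton's code. Every name here (`EnforcingContract`, `attest`, `intent_hash`, the attestation fields) is hypothetical, and an HMAC with a shared demo key stands in for the attester's signature.

```python
import hashlib
import hmac
import json

# Assumption: HMAC with a shared demo key stands in for the attester's signature.
ATTESTER_KEY = b"constructed-demo-key"
FIELDS = ("policy_id", "intent", "expires_at")

def intent_hash(caller, target, calldata):
    """Digest of the exact call the attestation is meant to authorize."""
    return hashlib.sha256(json.dumps([caller, target, calldata]).encode()).hexdigest()

def _sign(body, key):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def attest(policy_id, intent, expires_at, key=ATTESTER_KEY):
    """Off-chain side: issued only after policy evaluation approved the intent."""
    body = {"policy_id": policy_id, "intent": intent, "expires_at": expires_at}
    return {**body, "sig": _sign(body, key)}

class EnforcingContract:
    """Holds no policy rules; it only checks that an approval exists for this call."""

    def __init__(self, policy_id, key=ATTESTER_KEY):
        self.policy_id = policy_id
        self.key = key
        self.used = set()  # signatures already consumed (replay guard)

    def validate_attestation(self, att, caller, target, calldata, now):
        body = {f: att.get(f) for f in FIELDS}
        if not hmac.compare_digest(_sign(body, self.key), str(att.get("sig", ""))):
            return "bad signature"
        if body["policy_id"] != self.policy_id:
            return "wrong policy"
        if body["intent"] != intent_hash(caller, target, calldata):
            return "intent mismatch"
        if now > body["expires_at"]:
            return "expired"
        if att["sig"] in self.used:
            return "replayed"
        self.used.add(att["sig"])
        return "ok"
```

The enforcing side never sees the policy rules, so whoever controls the attester key decides what passes; the checks it can still make are that the approval is bound to this exact call, is unexpired, and has not been used before.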