#newt $NEWT
Even if a cryptographic attestation cannot be forged, why does @NewtonProtocol still give it an expiration time?
The $NEWT documentation states that every attestation includes an expiration field, and TaskManager checks it before allowing a transaction to execute. The documentation also defines two separate validation errors: AttestationExpired and AttestationAlreadySpent. This shows that Newton protects the system with two independent security mechanisms.
The first mechanism is straightforward. Once an attestation has been used, it cannot be used again. If someone attempts to submit the same transaction with the same attestation a second time, TaskManager rejects it with AttestationAlreadySpent.
But that alone is not enough.
Consider a case where an attestation has been successfully generated, but the transaction is never submitted to the network. While it remains unused, the asset price, protocol state, policy limits, or external runtime data used during policy evaluation may all change. The cryptographic signature would still be valid, but the decision it represents might no longer match the current conditions.
That is why every attestation in @NewtonProtocol has a limited lifetime. Once the expiration time is reached, TaskManager rejects the attestation even if it is cryptographically valid and has never been used before. A new policy evaluation must be performed to generate a fresh attestation based on the current state.
In the #Newt architecture, single-use protection and expiration solve two different problems. Replay protection answers the question, "Can this attestation be used again?" Expiration answers a different question, "Is this authorization decision still valid now?" Because these mechanisms protect against different risks, the documentation implements them as separate validation checks rather than treating them as a single security feature.
Even if a cryptographic attestation cannot be forged, why does @NewtonProtocol still give it an expiration time?
The $NEWT documentation states that every attestation includes an expiration field, and TaskManager checks it before allowing a transaction to execute. The documentation also defines two separate validation errors: AttestationExpired and AttestationAlreadySpent. This shows that Newton protects the system with two independent security mechanisms.
The first mechanism is straightforward. Once an attestation has been used, it cannot be used again. If someone attempts to submit the same transaction with the same attestation a second time, TaskManager rejects it with AttestationAlreadySpent.
But that alone is not enough.
Consider a case where an attestation has been successfully generated, but the transaction is never submitted to the network. While it remains unused, the asset price, protocol state, policy limits, or external runtime data used during policy evaluation may all change. The cryptographic signature would still be valid, but the decision it represents might no longer match the current conditions.
That is why every attestation in @NewtonProtocol has a limited lifetime. Once the expiration time is reached, TaskManager rejects the attestation even if it is cryptographically valid and has never been used before. A new policy evaluation must be performed to generate a fresh attestation based on the current state.
In the #Newt architecture, single-use protection and expiration solve two different problems. Replay protection answers the question, "Can this attestation be used again?" Expiration answers a different question, "Is this authorization decision still valid now?" Because these mechanisms protect against different risks, the documentation implements them as separate validation checks rather than treating them as a single security feature.