Introduction

Wallets have undergone rapid iterations—from Externally Owned Accounts (EOAs) to smart accounts, from single-chain to multichain, and from human-only to agent-based usage. While off-chain infrastructure has quickly filled gaps to support growth, it has also exacerbated fragmentation, reduced user sovereignty, and limited support for an automated, agent-prolific future.

Over the past six years, Magic Labs has led the development of embedded wallet infrastructure, onboarding more than 40 million wallets worldwide through email, SMS, and social logins for customers such as Polymarket, WalletConnect, Helium, Mattel, Forbes, and Naver. Building on this experience, Magic Labs has envisioned a new standard for crypto wallets—one that addresses the evolving demands of today’s ecosystem while preserving trustlessness and verifiability.

Just as Ethereum introduced programmability to blockchain, it is essential to imbue wallet networks with trustless and verifiable programmability, unlocking new possibilities for web3, especially as the space moves toward an agentic future. At its core, Newton Keystore is a multi-chain validity rollup optimized for storing cross-chain session keys with a zkVM proving layer for onchain verification. Through its unique architecture, inspired by Vitalik’s specification for keystore rollups, Newton establishes a sufficiently decentralized permission layer for onchain accounts with a focus on security, verifiability, and programmability cross-chain to take wallet capabilities to the next level.

“Solving these problems is hard. Fortunately, there is a somewhat elegant solution that performs reasonably well: an architecture that separates verification logic and asset holdings.” (Source)
Vitalik Buterin

The Wallet Endgame

The ultimate goal for crypto wallets as we enter a multichain and multi-entity future is to guarantee programmability, interoperability, and sovereignty.

Programmability

Wallets should allow infinite customization and automation possibilities, ensuring wallets can evolve with new technologies—especially AI.

• Agentic Wallet: As more agents move onchain, driven by trends like DeFAI (DeFi + AI), onchain activities will increasingly be delegated to AI agents, abstracting away technical complexities for users.
• Extensive Verification Logic: To support a future where AI agents handle the majority of onchain activities on behalf of humans, we need more than static session key verification logic—we require arbitrary programmability that is both composable and verifiable.
• Cross-Chain Permissions: Permissions should be atomically settled and shared cross-chain, agnostic of what chain the users or where their liquidity is held.

Interoperability

Wallets should enable frictionless movement of assets and data across chains and applications.

• Cross-Chain Liquidity: Assets flow seamlessly across blockchain ecosystems, sidestepping cumbersome bridges or swaps.
• Cross-App Portability: Identities, wallet assets, permissions, and configurations move effortlessly between dapps.
• Cross-Entity Collaboration: Users, agents, and applications work together under predefined guardrails for secure, frictionless workflows.

Sovereignty

Wallets should grant users absolute ownership and control over their digital identity and assets.

• Full Ownership: Users must hold exclusive control over wallets, permissions, and assets—guaranteeing true self-custody.
• Zero-Knowledge Verified Permissions: Granular access controls empower users to grant or revoke privileges for agents, dapps, and collaborators, all while preserving their privacy.
• Trustlessness: All interactions rely on cryptographic guarantees, removing the need for third-party intermediaries.

AI and crypto together offer unparalleled synergies, yet too often they’re treated as separate domains. While some AI agents’ use cases are still speculative, truly transformative applications are emerging. Agents will soon be autonomously transacting, managing portfolios, optimizing yields, and even negotiating trades with other agents. Crypto wallets must be equipped to serve as programmable “bank accounts” for these agents—enabling them to transact onchain where traditional finance simply cannot.

To achieve this vision, a programmable, interoperable, and sovereign wallet must be integrated with a verifiable keystore rollup. The next generation of wallets will unify blockchain ecosystems and enable a world where humans and agents collaborate effortlessly—driving the expansion of the onchain economy while enabling seamless participation for billions of users and AI agents in a secure, transparent, and open financial ecosystem.

Problem

The entire web3 ecosystem is held back by the limitations of current wallet infrastructure. There is no onchain infrastructure that enables ownership to become programmable and composable. The combined implication is a deterioration of self-sovereignty and fragmentation of liquidity and identity–leading to disjointed user experience and trust problems when engaging with new technologies like AI Agents.

There are three areas missing in the wallet landscape.

1. Permissions are not programmable

Current permission structures are rigid and support simple onchain behaviors typically based on binary rules like amount thresholds or time of day. These permission types limit usability in more complex scenarios, particularly when agents are acting autonomously and when the market is changing so quickly. The permissions need to be more dynamic, able to adjust to oracle readings or delegated to an AI agent collaborating and managing several other agents to optimize a portfolio.

2. No verifiability and security

Current agent and trading bot interfaces require independent wallets to be created. As a result, users must import a private key or transfer funds into a new wallet, introducing security risk by giving assets to an agent or bot with effectively “admin” permission or by exposing private keys outright. Moreover, we know AI is not perfect. It hallucinates and gives false positives/negatives. For it to be safely used, their computation must be verifiable cryptographically. Without that, agent actions lack transparency.

3. Lack of interoperability

With more chains and more liquidity fragmentation, it is cumbersome and inefficient to transact without knowing a dapp’s specific chain and what assets are supported. Additionally, current permission implementations are limited to a single chain. This lack of portability and multichain support not only adds friction to onchain experiences, but forces inefficient processes and flows for AI agents and humans to transact. For example, updating wallet permissions across 10 chains requires 10 separate transactions.

Solution: Multichain Keystore Protocol

We present Newton Keystore, a multichain keystore protocol that provides cross-chain interoperability, private account verification, and real-time composability. Newton Keystore is an upgraded and expanded version of a keystore rollup inspired by Vitalik’s specification, that focuses on enabling ownership to become programmable and composable by utilizing a novel architecture that separates verification logic and asset holdings. It is a decentralized and secure service network that stores and propagates your ownership permissions across any chain in an efficient, verifiable, and trustless way. With Newton Keystore, you always have full control over your assets whether you’re engaging with an agent, a dapp, or another person.

Newton Keystore

Newton Keystore is a multichain aggregated validity rollup with specialized state machine and storage for cross-chain access of smart contract wallet (SCW) authentication parameters (e.g., public keys, passkeys, signature thresholds, etc.) or session keys (e.g., permissions over assets, expiration conditions). These permissions are atomically updated across any L2 on Ethereum in near real-time latency and with minimal cost. The keystore is architected with the following core features:

• Programmable permissions through a modular session key permission structure; providing fine-grain design of onchain behavior by AI agents and humans, allowing for simple rules to compose into highly expressive behaviors.
• Verifiability with real time validity proofs through continuous validation of the AI agent transactions against active permissions using verification and proving key generation.
• Multichain interoperability through permissionless atomic updates across all supported chains.

Programmable permissions

All accounts regardless of network, refer to Newton Keystore to authenticate users. Instead of storing mutable permissions in the account smart contract on each rollup, an immutable link to a “virtual account” ID is stored which points to the actual permission data on Newton Keystore. Permissions can be flexible, modular, and arbitrary, opening the door for policies defined by rules based on time or balance as well as fluid dynamic rules decided by an AI agent like KOL sentiment interpretation. By providing a global repository for account permissions, Newton Keystore unlocks programmability, verifiability, and composability at the account permissioning layer in a decentralized manner. Sessions are created by humans or AI agents who want to use specific permissions over assets. This is done as follows:

1. A transaction to Newton Keystore is sent, containing the permissions for the session key or global account being created.
2. At the same time, either (a) the account is being deployed on however many L2s the user wants with the same deterministic address; or (b) a session signing key is produced capable of acting on permitted assets, verified on Newton Keystore.
3. The proposed transaction is validated within a block by the consensus layer.
4. After this batch of transactions reaches consensus, the key-value database is updated, and the Merkle tree root is settled on the L1, as well as all data made available through a data availability layer.
5. Finally, this state is synced to every L2 with a L2 keystore contract.

Verifiability with real time validity proofs

During session key creation/deletion, Newton Keystore executes the zkVM program and generates a verification key to store in the chain state. The verification key is stored in a read efficient indexed Merkle tree and the state root is posted by the Newton Keystore validators with quorum, atomically settling the state root across all supported chains, enabling the session key to be used on any destination chain of the user's choosing.

At the time of usage (proving time), the session key users can trustlessly access and authenticate to the session key owners' smart accounts. For verification, the session key users send encrypted intent to the Newton Keystore executor where the intents are decrypted and the proving key is generated for onchain verification. The proving key is then used to verify against the verification key by reading the keystore contract on the respective chain.

By storing the verification onchain while proving offchain, this unique architecture offers arbitrary, programmable verification logic to be used for session keys in a privacy preserving manner. Users do not have to rely on Newton Keystore executor for proof generation, but instead trustlessly execute the proof generation themselves by running the zkVM program locally.

Multichain interoperability

Newton Keystore is a single source of truth for session keys, permissions, and authentication parameters to update atomically across all L2s, which can be used by AI agents to securely and privately authenticate to users' smart accounts cross-chain. Newton Keystore coordinates these updates while being a completely permissionless and decentralized infrastructure that is designed to be account agnostic and composable with any wallet provider. In a nutshell, Newton Keystore decouples verification logic and asset holdings, for the authentication to be synced across L2s. This means that users configure their permissions once and have it updated everywhere.

As a starting point, Magic Labs is launching a Newton Account that is natively integrated with Newton Keystore and uses TEEs to securely store the signer. Newton Account is a modular, ERC-7579 compatible smart contract wallet deployed across chains and implements all the benefits of account abstraction and chain abstraction, specifically 1) email and passkey login 2) universal liquidity and 3) session keys atomically propagated across all chains via Newton Keystore. It will serve as the primary upgrade path for all of Magic Labs’ existing 40M+ wallet base as well as equipping any AI agent with a cross-chain native wallet immediately.

Use Cases

Newton Keystore enables every user or entity to be onchain securely with some example use cases listed below.

Human → Human / Dapp

Users can automate transactions based on conditions and rules that are propagated across chains instantly. For example, scheduling a monthly transfer of a pre-defined amount of USDC to a roommate for rent payments. The Newton Keystore ensures that the USDC can be pulled from multiple chains in addition to standard session key configurations where the transaction is automated, pre-approved, and mitigates risk of token asset spend that does not meet the criteria written to the keystore.

Human → Agent / Dapp

Users with a personal AI agent can provide an objective to autonomously work towards. For example, a user can have an agent automatically find and buy memecoins up to 10% of their total portfolio or a maximum of $10,000. The agent can only rebalance with USDC and ETH assets. Alternatively, a user can have an agent automatically monitor and rebalance liquidity pool contributions that optimize yield on a specific asset in Morpho supported vaults only across Base, Polygon, and Ethereum.

Agent → Agent

DAOs can define the objectives and corresponding guardrails for agents to interact autonomously with each other. For example, a trading agent can contract memecoin research services to another agent specializing in the trenches with the largest data set from X, Telegram, Discord, and Dune Analytics. The trading agent can receive top small cap coin recommendations and pay the agent automatically up to a % of the profits earned for any trades on that coin. The DAO can vote and configure that % within the session key which will automatically propagate to any chain the trading agent is transacting on.

Agent Swarms

Extending the example above, an agent swarm can coordinate to optimize stablecoin yield. The swarm has dedicated agents where each specializes in a vault protocol like Morpho, Moonwell, Aave for lending, Ethena for delta neutral hedging, and more. All of the agents are working towards a single objective to optimize stablecoin yield by automatically finding, rebalancing, and developing strategies to earn you the most yield. The user can configure and set parameters on which agents can autonomously transact with particular wallets, how much, and what chains are acceptable across all of their assets on every chain.