Compounding Correctness: Why Spending More Tokens Now Actually Makes AI Better
For years, more tokens meant worse results. That just flipped. Welcome to the era of compounding correctness — and the pricing trap that comes with it.
For most of the AI era, the smart move was to cap your token usage. You gave your agent a tight budget, a narrow task, and a short leash. Every extra token you spent wasn't buying you quality — it was buying you entropy. Errors compounded. Hallucinations cascaded. A 10-minute unsupervised run produced three new bugs for every one it fixed.
People called it "compounding error." It was the reason you couldn't just let agents run overnight. More tokens didn't mean better work. They meant worse work, faster.
That assumption just broke.
We've crossed into what some practitioners are calling compounding correctness — a regime where spending more tokens genuinely produces better outcomes. The agent runs longer, checks its work, iterates, catches its own mistakes, and converges on a correct answer. Not always. But often enough that the economics have inverted.
If you're building anything with AI agents, this changes your math. And it's about to make your token bill someone else's leverage.
The old problem: compounding error
Here's what the pre-2026 experience looked like. You'd point an AI agent at a codebase, give it a task, and walk away. Forty minutes later you'd come back to find it had renamed every variable to temp_var_42, deleted a config file it decided was "unused," and was now stuck in a loop arguing with itself about whether to use tabs or spaces.
The more tokens you fed it, the deeper the hole got. Small errors — a misread function signature, a fabricated API method — would propagate through subsequent steps until the entire context window was poisoned. You weren't building toward a solution. You were building toward a catastrophe at token 50,000 that you'd have to debug manually.
This kept token costs artificially low. Not because tokens were cheap (they weren't), but because there was no reason to run agents for long stretches. The ceiling on useful autonomous work was maybe 20-30 minutes before you needed human intervention. Capping token usage wasn't penny-pinching — it was damage control.
What changed
Two things shifted, and they shifted at roughly the same time.
Models got dramatically better at long-horizon reasoning. The jump from late-2025 models to mid-2026 frontier models isn't incremental. Claude Opus 4.8, GPT-5.6 Sol, and even open-weight models like GLM 5.2 can maintain coherent reasoning across hundreds of thousands of tokens without the context collapse that plagued earlier generations. GLM 5.2, for instance, extended its reliable context from 200K to a full million tokens — and Zhipu AI's claim is that this context stays coherent across messy, multi-step agent trajectories, not just static input.
Tooling and scaffolding matured. The frameworks around models — the harnesses that manage context windows, parse outputs, and loop agents through verification steps — caught up. Simon Willison has been preaching this for a while: his StrongDM software factory writeup suggested teams should aim to spend $1,000 a day in tokens. At the time, that sounded insane. Now it sounds like a floor, not a ceiling.
The result is a phase transition. More tokens no longer means more drift. More tokens means more verification, more iteration, more self-correction. The compounding goes the right direction.
The Mythos proof
If you want the clearest, most unnerving demonstration of compounding correctness, look at cybersecurity.
Anthropic's Mythos model — so capable at offensive security that Anthropic restricted it to critical software makers only — was evaluated by the UK's AI Security Institute (AISI). They gave it a target: "The Last Ones," a 32-step corporate network attack simulation that AISI estimates takes humans 20 hours to complete. They budgeted 100 million tokens per attempt.
That's $12,500 per run. $125,000 for all ten attempts.
Here's the part that should make you sit up: none of the models showed diminishing returns at the 100M token budget. The AISI report notes that "models continue making progress with increased token budgets across the token budgets tested." They literally couldn't find the point where spending more stopped helping, because they hadn't spent enough to reach it.
Drew Breunig drew the logical conclusion: if spending more tokens keeps finding more exploits, then cybersecurity becomes a proof-of-work system. To harden your software, you need to spend more tokens finding vulnerabilities than attackers will spend exploiting them. You don't win by being clever. You win by paying more.
This isn't theoretical anymore. It's the actual economics of AI-assisted security in 2026. And it maps directly onto every other domain where agents operate.
The three-phase future
Breunig also outlined what this means for development workflows, and it's the clearest articulation I've seen:
- Development — Implement features, iterate quickly, guided by human intuition. Human input is the bottleneck.
- Review — Document, refactor, apply best practices. Increasingly automated, often with a different model than the one that wrote the code.
- Hardening — Identify and fix security vulnerabilities autonomously, until the budget runs out. Money is the bottleneck.
The first two phases already exist in most serious teams. The third is arriving now. And it's the one where token spend is unbounded by human attention — you can run hardening passes 24/7, and every additional pass genuinely improves the output.
This is compounding correctness in action. The model doesn't get tired. It doesn't get bored checking for the same class of IDOR vulnerability for the 47th time. It just keeps going, and each pass tightens the screws a little more.
The pricing trap
So here's where it gets uncomfortable.
If more tokens = better results, and your results are gated by how many tokens you can afford, then whoever controls token pricing controls your ceiling. And right now, that's OpenAI and Anthropic — both of whom are racing toward IPOs, both of whom have been steadily raising API prices and clamping down on subscription allowances.
The arithmetic is brutal. If you're running a serious agent operation — daily competitor research, autonomous code hardening, 24/7 monitoring — you're not spending $20/month. You're spending hundreds or thousands. The old blog posts about "$300/month AI problems" are already outdated; some teams are burning that in a day.
And the closed-model vendors know this. They know compounding correctness creates inelastic demand. You're not going to stop hardening your security-critical codebase because tokens got 15% more expensive. You'll pay it, because the alternative is worse.
This is the lock-in play. It's not "you can't leave because our model is smarter." It's "you can't leave because leaving means your ceiling drops."
Open-source is the escape hatch
This is why the open-weight model wave matters more than the benchmark wars suggest.
GLM 5.2 — a 750B parameter Mixture-of-Experts model (only 40B active per token) from Zhipu AI — costs roughly one-sixth of comparable frontier models. It's MIT-licensed. You can run it on your own hardware. Fine-tune it. Inspect it. And critically: you can throw unlimited tokens at it without anyone adjusting your meter.
Semgrep just published benchmark results showing GLM 5.2 beating Claude Opus 4.8 at IDOR vulnerability detection — 39% F1 versus 32% — with no specialized harness, just a prompt and a codebase. At roughly $0.17 per vulnerability found. This is an open-weight model, running without the scaffolding that the frontier models benefit from, and it's winning.
DeepSeek, Qwen, Kimi, MiniMax — the entire open-weight ecosystem is converging on a point where the quality gap with closed models is measured in single-digit percentages, but the cost gap is measured in multiples. When tokens were something you rationed, that gap was annoying. When tokens are something you want to maximize, it's existential.
If compounding correctness holds — if spending 10x more tokens genuinely produces meaningfully better results — then the model that costs 6x less per token isn't a budget alternative. It's the rational choice. You're not trading down on quality. You're buying a higher ceiling.
What this means for you
If you're an individual developer or a small team, the implication is direct: start thinking about your token budget as a quality lever, not a cost center. The instinct to minimize token usage — born from two years of compounding error — is now leaving quality on the table.
The teams that win in this regime will be the ones who can afford to let agents run. Not carelessly — compounding correctness isn't magic, and unbounded runs on bad prompts still produce garbage. But with good scaffolding, good verification loops, and good models, there's genuine value in letting the agent iterate longer than feels comfortable.
And the teams that win sustainably will be the ones who aren't paying closed-model premiums for every one of those iterations.
The tokenmaxxing era — the ridiculous version, where Meta employees ran two agents chatting to each other all day to hit performance metrics — is dead. Nobody's mourning it. But compounding correctness is bringing something that looks suspiciously similar: a world where you genuinely want to maximize token throughput, because the returns are real.
The difference is that this time, the spending isn't waste. It's the product.
If you want to run AI agents that don't drain your wallet every time they iterate, CopperRiver runs open-source models — GLM, DeepSeek, Qwen, and more — locally on your Mac. Browse, code, automate, and harden without per-token anxiety. Plans start at $9/mo.
Related Reading
- You're Spending 95% of Your RL Training Budget on Layers That Don't Matter
- A 9B Model Just Beat 35B Models at Coding. The Self-Improvement Method Behind It Is the Real Story.
- DeepSeek's DSpark Just Made AI 85% Faster — With Software, Not Silicon
- Qwen AgentWorld: The AI Model That Simulates Reality (And Beats GPT-5.4 Doing It)