by jonmon6691
0 subcomment
- A bit ironic that this framework's authorship is completely missing.
- As I am working on an internal platform for AI agents right now, this is of high interest to me. The way my design attempts to approach the problem is using OAuth access tokens with granular permission scopes, and the token exchange grant: When a user triggers an agent, the chat application will take the user's access token and its own, and exchanges both for a new token that includes the original subject claims for agent and user, and the granted scopes. It then requests an agent run using the new token; if the agent worker needs to make requests on its own (to MCP servers or tools), it follows that same process to exchange its own token and the request token for a job token. That way, all requests made on behalf of a user have a fully cryptographically verified audit trail, including the permissions granted.
It feels like that doesn't cover all things outlined in this framework, especially the hardware attestations and public verifiability, but I think it's a solid start.
by eduardovega
1 subcomments
- The moment this crystallized for me was reading about OpenClaw - runs locally, acts autonomously, and use third-party skills. Powerful concept. But as I went through the architecture I kept asking the same question: if this agent acts on my behalf, books something, sends something, deletes something — and something goes wrong — how does anyone trace that back to me? The audit trail wasn't there. Not because the builders didn't care, but because nobody has solved the underlying problem yet. That's when I stopped thinking about this as a product gap and started thinking about it as a missing layer in the infrastructure of the internet itself. That's when it became a manifesto.
- Either this is AI written or the author has an interesting sense of humor.
by eduardovega
0 subcomment
- I'm Eduardo Vega, the author. I'm a senior engineer specializing in identity, trust, and distributed systems, CISSP certified. I intentionally kept my name off the site and paper — the framework is public domain and I wanted the ideas to stand alone. Happy to own it publicly: this is my work, and I'm here to discuss the architecture, the gaps, and what I got wrong.
by 7777777phil
0 subcomment
- The three pillars make sense to me mostly.. but the gap I keep running into is authorization scope.
You can prove a human authorized an agent to "handle my inbox" but that agent might delete emails, reply to clients, forward stuff. Proving someone is at the root doesn't mean they signed off on every action the agent took.
by colinrand
1 subcomments
- I like this direction, but I don't think the crypto angle is necessary or practical in an enterprise / corporate setting. Current audit and compliance frameworks don't leverage or really recognize or encourage cryptographically based proof of action, so I don't see the agentic world as needing this to drive agentic adoption.
However, everything else you lay out is spot on.
by yellow_lead
1 subcomments
- Slop website with a slop white paper. Can the human behind this take accountability?
by botusaurus
0 subcomment
- i see whitepaper, i ask what shitcoin you are peddling
by wangzhongwang
0 subcomment
- [dead]
- [flagged]
Hacker News