Software Design Catalog
Agentic AI
Back to Catalog
Agentic AI Governance & Observability

Deontic Token Delegation

Encode obligations, permissions, and prohibitions as transferable tokens that travel with delegated work — so duty and accountability move with the task, not just credentials.

Deontic Token Delegation makes compliance obligations first-class objects in multi-agent pipelines — each obligation, permission, or prohibition is a structured token with a provenance chain, so a sub-agent inherits not just the ability to act but the constraints it must honor and the accountability it can’t shed.

Intent & Description

🎯 Intent

Reify obligations, permissions, and prohibitions as transferable deontic tokens that agents pass along the delegation chain with full provenance — duty and accountability travel with the work, not only the credentials to perform it.

📋 Context

In multi-agent systems, a coordinator accepts a goal and delegates to specialist agents who delegate further to tools or other agents. Standard delegation passes credentials. But the original duties — “obtain consent before acting,” “retain a record,” “refuse this class of operation” — have no representation that survives the hand-off. Downstream agents inherit the permission but not the constraint.

💡 Solution

Represent each deontic relation as a structured token: the duty, the agent currently bearing it, the originating principal, and the chain of hand-offs. When an agent delegates, it transfers the tokens bound to that delegation and appends itself to each token’s provenance — you can’t pass authority without passing the obligations attached to it. Receiving agents evaluate their tokens before acting: prohibitions override obligations override permissions. Every token carries its full chain, so any dropped obligation can be traced back to the specific agent that held it when the duty was abandoned.

Real-world Use Case

  • Tasks carry obligations or prohibitions — consent, retention, refusal duties — that must survive delegation across a chain of agents.
  • Accountability must be traceable: which agent held which duty and where did it come from.
  • Permissions alone are insufficient — the system needs to enforce what agents must and must not do, not only what they may do.
  • The delegation chain is long enough that reconstructing responsibility from logs after the fact is unreliable.

Source

View Original Source →
📌 TL;DR

Pack obligations and prohibitions into tokens that travel with delegated work — when a sub-agent drops a duty, you know exactly which node in the chain dropped it.

Advantages
  • Duties travel with the work — a sub-agent inherits what it must and must not do, not only what it’s allowed to do.
  • Every obligation carries its chain — responsibility can be traced back to the originating principal after the fact.
  • Prohibition tokens let a receiving agent refuse a forbidden action even when it holds the permission to perform it.
  • Dropped or breached obligations can be attributed to the specific agent that held the token.
Disadvantages
  • Reifying and transferring tokens at every hand-off adds protocol overhead that permission-only delegation avoids.
  • Without a tamper-evident anchor, an agent can rewrite a token to quietly shed an obligation it should keep.
  • Largely research-grade for LLM agents — mature lineage is in formal-methods and enterprise distributed systems, not yet in production stacks.
  • Authoring deontic rules and precedence correctly is its own design burden, separate from the delegation mechanism.
Previous
60 of 322
Next