Spec gap: anonymous-but-accountable agent participation in delegation chain #4
Description
Summary
HDP hop records require agent_id: string but place no constraints on what that string represents. Ephemeral agents (serverless functions, short-lived containers, model instances with no stable identity) have no meaningful stable ID to provide. The spec gives no guidance, leading to random UUIDs that are useless for audit.
The gap
Two distinct sub-cases:
| Case | Current workaround | Problem |
|---|---|---|
| Ephemeral agent with no stable identity | agent_id: "lambda-abc123" (random) |
Not auditable, not correlatable |
| Anonymous-but-accountable agent | No mechanism | Accountability impossible |
Proposed resolution (targeting §-01 of the IETF draft)
Add agent_id_type to hop records, mirroring principal.id_type:
agent_id_type: "stable" | "ephemeral" | "commitment"
stable— persistent identifier, current default behaviorephemeral— declared transient;agent_idis a run-scoped nonce; verifiers MUST NOT use it for identity correlationcommitment—agent_idisbase64url(SHA-256(ephemeral_public_key || session_id)); the agent generates an Ed25519 keypair per session, signs its hop with the ephemeral private key, and includesagent_pub(the ephemeral public key) in the hop record
The commitment scheme provides anonymous-but-accountable participation: the hop is cryptographically bound to a key the agent controls, without revealing a stable identity across sessions.
Target
- IETF draft §-01 (update §5 hop record schema)
v0.2of@helixar_ai/hdp(additive, non-breaking —agent_id_typedefaults to"stable")
Related
- Spec gap: key bootstrap mechanism for air-gapped environments #3 (air-gapped key bootstrap)
CoAuthorizationRequestv0.2 preview — both are v0.2 scope items