beta
/Identity-bound Delegated Authorization, Connector Mediation, And Offline-verifiable Receipt Lineage For Agentic Systems
Abstract

Systems and methods provide an integrated technical control architecture for agentic systems, including large language model (LLM)-based agents, tool-calling assistants, and workflow orchestrators, in which delegated authority, connector invocation, and verification evidence share a common cryptographic lineage. An agent authority rail verifies an identity credential bound to an agent-held key, canonicalizes selected request fields, computes a request digest, derives a least-privilege capability scope with temporal constraints, and issues a capability token cryptographically bound to the verified identity credential, the request digest, the capability scope, and the temporal constraints. A connector trust mediation system verifies a connector descriptor, derives an invocation scope, isolates tool output from privileged instruction channels via a context firewall, and emits linked receipts. An append-only transparency log returns proofs and checkpoints. An offline verifier reconstructs lineage and validates proofs, witness requirements, and verification profiles without online access to a receipt producer.

Full Text

What is claimed is:

Systems and methods provide an integrated technical control architecture for agentic systems, including large language model (LLM)-based agents, tool-calling assistants, and workflow orchestrators, in which delegated authority, connector invocation, and verification evidence share a common cryptographic lineage. An agent authority rail verifies an identity credential bound to an agent-held key, canonicalizes selected request fields, computes a request digest, derives a least-privilege capability scope with temporal constraints, and issues a capability token cryptographically bound to the verified identity credential, the request digest, the capability scope, and the temporal constraints. A connector trust mediation system verifies a connector descriptor, derives an invocation scope, isolates tool output from privileged instruction channels via a context firewall, and emits linked receipts. An append-only transparency log returns proofs and checkpoints. An offline verifier reconstructs lineage and validates proofs, witness requirements, and verification profiles without online access to a receipt producer.
Timeline
Filed
03/03/2026
Granted
06/30/2026
IPC Codes(2)
H04L 9/32:including means for verifying the identity or authority of a user of the system
H04L 9/40:Network security protocols