Source: MarkTechPost
The AI industry is currently obsessed with ‘agents’—autonomous programs that do more than just chat. However, most current multi-agent systems rely on brittle, hard-coded heuristics that fail when the environment changes.
Google DeepMind researchers have proposed a new solution. The research team argued that for the ‘agentic web’ to scale, agents must move beyond simple task-splitting and adopt human-like organizational principles such as authority, responsibility, and accountability.
Defining ‘Intelligent’ Delegation
In standard software, a subroutine is just ‘outsourced’. Intelligent delegation is different. It is a sequence of decisions where a delegator transfers authority and responsibility to a delegatee. This process involves risk assessment, capability matching, and establishing trust.
The 5 Pillars of the Framework
To build this, the research team identified 5 core requirements mapped to specific technical protocols:
| Framework Pillar | Technical Implementation | Core Function |
| Dynamic Assessment | Task Decomposition & Assignment | Granularly inferring agent state and capacity. |
| Adaptive Execution | Adaptive Coordination | Handling context shifts and runtime failures. |
| Structural Transparency | Monitoring & Verifiable Completion | Auditing both the process and the final outcome. |
| Scalable Market | Trust & Reputation & Multi-objective Optimization | Efficient, trusted coordination in open markets. |
| Systemic Resilience | Security & Permission Handling | Preventing cascading failures and malicious use. |
Engineering Strategy: ‘Contract-First’ Decomposition
The most significant shift is contract-first decomposition. Under this principle, a delegator only assigns a task if the outcome can be precisely verified.
If a task is too subjective or complex to verify—like ‘write a compelling research paper’—the system must recursively decompose it. This continues until the sub-tasks match available verification tools, such as unit tests or formal mathematical proofs.
Recursive Verification: The Chain of Custody
In a delegation chain, such as 𝐴 → 𝐵 → 𝐶, accountability is transitive.
- Agent B is responsible for verifying the work of C.
- When Agent B returns the result to A, it must provide a full chain of cryptographically signed attestations.
- Agent A then performs a 2-stage check: verifying B’s direct work and verifying that B correctly verified C.
Security: Tokens and Tunnels
Scaling these chains introduces massive security risks, including Data Exfiltration, Backdoor Implanting, and Model Extraction.
To protect the network, DeepMind team suggests Delegation Capability Tokens (DCTs). Based on technologies like Macaroons or Biscuits, these tokens use ‘cryptographic caveats’ to enforce the principle of least privilege. For example, an agent might receive a token that allows it to READ a specific Google Drive folder but forbids any WRITE operations.
Evaluating Current Protocols
The research team analyzed whether current industry standards are ready for this framework. While these protocols provide a base, they all have ‘missing pieces’ for high-stakes delegation.
- MCP (Model Context Protocol): Standardizes how models connect to tools. The Gap: It lacks a policy layer to govern permissions across deep delegation chains.
- A2A (Agent-to-Agent): Manages discovery and task lifecycles. The Gap: It lacks standardized headers for Zero-Knowledge Proofs (ZKPs) or digital signature chains.
- AP2 (Agent Payments Protocol): Authorizes agents to spend funds. The Gap: It cannot natively verify the quality of the work before releasing payment.
- UCP (Universal Commerce Protocol): Standardizes commercial transactions. The Gap: It is optimized for shopping/fulfillment, not abstract computational tasks.
Key Takeaways
- Move Beyond Heuristics: Current AI delegations relies on simple, hard-coded heuristics that are brittle and cannot dynamically adapt to environmental changes or unexpected failures. Intelligent delegation requires an adaptive framework that incorporates transfer of authority, responsibility, and accountability.
- ‘Contract-First’ Task Decomposition: For complex goals, delegators should use a ‘contract-first’ approach, where tasks are decomposed until the sub-units match specific, automated verification capabilities, such as unit tests or formal proofs.
- Transitive Accountability in Chains: In long delegation chains (e.g., 𝐴 → 𝐵 → 𝐶), responsibility is transitive. Agent B is responsible for the work of C, and Agent A must verify both B’s direct work and that B correctly verified C’s attestations.
- Attenuated Security via Tokens: To prevent systemic breaches and the ‘confused deputy problem,’ agents should use Delegation Capability Tokens (DCTs) that provide attenuated authorization. This ensures agents operate under the principle of least privilege, with access restricted to specific subsets of resources and allowable operations.
Check out the Paper here. Also, feel free to follow us on Twitter and don’t forget to join our 100k+ ML SubReddit and Subscribe to our Newsletter. Wait! are you on telegram? now you can join us on telegram as well.
Michal Sutter
Michal Sutter is a data science professional with a Master of Science in Data Science from the University of Padova. With a solid foundation in statistical analysis, machine learning, and data engineering, Michal excels at transforming complex datasets into actionable insights.
