Confidence Computation Function
by Nick Clark | Published March 27, 2026
Confidence, in the present disclosure, is a value computed from evidence by a declared function, not a value emitted by a heuristic, a hand-tuned threshold, or an opaque internal estimate. The computation function accepts structured inputs describing capability sufficiency, knowledge adequacy, resource availability, and environmental stability, and returns a bounded confidence value together with a rate of change. The function is Bayesian in shape: it composes prior belief with evidence according to declared weights, and it returns a posterior whose magnitude is interpretable on a fixed scale. The function is reproducible: identical inputs produce identical outputs across invocations, processes, and machines. The function is calibration-audit-required: its outputs are periodically compared against ground-truth outcomes, and the comparison is recorded in an audit log that is retained for the lifetime of the deployment.
Mechanism
The confidence computation function is a deterministic mapping from a structured input vector to a structured output vector. The input vector is assembled from canonical fields maintained by the agent's cognitive architecture. Each field carries a name, a type, a value, and a provenance reference identifying the upstream source. Capability sufficiency is a scalar in the unit interval representing the proportion of required capabilities that are presently available and within their operating envelopes. Knowledge adequacy is a scalar representing the coverage of the present situation by the agent's evidence base, computed as a function of similarity between the present situation and the situations represented in the evidence base. Resource availability is a scalar representing the proportion of required resources, including time, memory, computation, and external service quotas, that are presently allocable. Environmental stability is a scalar representing the inverse of the rate of change of the agent's observed environment over a recent window.
The function composes these inputs according to a declared form. In the disclosed embodiment, the form is a log-linear combination followed by a logistic squash, equivalent to a Bayesian update under a fixed prior with declared evidence weights. The output vector contains the confidence value, a first derivative computed from the previous and present values, and a second derivative computed from the previous two derivatives. The first and second derivatives constitute the rate-of-change signal that downstream authorization stages consume. The function is bounded: its output lies in a closed interval, and its derivatives are bounded by configured rate limits that prevent oscillation under noisy inputs. Every invocation of the function is recorded in lineage: the input vector, the function identifier, the function version, the output vector, and the wall-clock timestamp are all written to an append-only log indexed by invocation identifier.
The Bayesian shape of the function is structural rather than nominal. Each input field carries a prior distribution declared in the policy reference; each field's contribution is computed as a likelihood ratio against that prior; the composed posterior is the product of likelihood ratios under the assumption of conditional independence given the latent confidence variable. Where conditional independence is violated by a known correlation between fields, a correction term is declared and applied; the correction is itself a parameter of the function and is recorded in lineage. The logistic squash at the output maps the unbounded log-posterior to a bounded confidence value, preserving monotonicity so that the ordering of inputs is preserved by the ordering of outputs. The bounded codomain is what permits downstream consumers to treat the confidence value as comparable across invocations and across deployments rather than as a model-relative score.
Reproducibility is enforced at three levels. At the arithmetic level, all operations are specified in a deterministic order, with floating-point operations either replaced by fixed-point equivalents or constrained to associative compositions whose order is fixed by the function specification. At the implementation level, the compiled function carries a hash of its source, its parameters, and its toolchain, and the hash is recorded in lineage with every invocation. At the deployment level, the function is invoked through a single entry point that authenticates the caller's permission to consume confidence outputs and records the caller identity in lineage; this prevents shadow invocations whose results would not be subject to calibration audit.
Operating Parameters
Evaluation cadence is the rate at which the function is invoked. Cadences in the range of ten hertz to one hertz are contemplated for real-time control loops, with slower cadences appropriate for deliberative loops. Evidence weights are scalar parameters declared in the policy reference; they govern the relative contribution of each input field to the composed output and are subject to change-controlled revision. Hysteresis margin is the difference between the threshold at which authorization is granted and the threshold at which authorization is revoked; a non-zero margin is required to prevent oscillation near the authorization boundary.
Calibration window is the period over which the function's outputs are compared against ground-truth outcomes for the purpose of detecting drift. Windows of one hour, one day, and one week are contemplated, selected according to the rate at which ground truth becomes available in the deployment domain. Calibration tolerance is the maximum acceptable deviation between the function's mean output and the empirical frequency of the corresponding outcome; deviations exceeding the tolerance trigger a calibration alert. Function version is a discrete identifier that increments on every change to the function's form or weights; lineage records carry the version so that historical outputs can be reconstructed under the function that produced them.
Alternative Embodiments
In a first alternative embodiment, the function is a closed-form Bayesian update over a small set of conjugate-prior distributions, eliminating the logistic squash in favor of an explicit posterior moment. In a second alternative embodiment, the function is a learned parametric model, such as a small neural network or a gradient-boosted tree ensemble, whose parameters are frozen at deployment time and whose declared form is the architecture description rather than a closed-form expression; reproducibility is preserved by freezing parameters and logging the model hash.
In a third alternative embodiment, the function returns a distribution over the confidence value rather than a point estimate, with downstream consumers selecting a quantile appropriate to their risk tolerance. In a fourth alternative embodiment, the function is decomposed into a hierarchy of sub-functions, each producing a confidence value over a sub-domain, with a top-level aggregator combining the sub-values; this decomposition is suited to deployments where sub-domain confidences are independently auditable. In a fifth alternative embodiment, the calibration audit is performed continuously by a shadow function that consumes the same inputs and is compared against the production function in real time, surfacing divergence before it propagates to authorization decisions.
Composition with Adjacent Mechanisms
The confidence computation function is consumed by an authorization gate that compares the confidence value against domain-specific thresholds and emits an authorization signal. It is consumed by a pause-and-resume controller that monitors the rate of change and halts execution when the second derivative indicates accelerating loss of confidence. It is consumed by an explanation generator that surfaces the dominant input contributors to a given output, supporting human review. It composes with the lineage subsystem, which retains the per-invocation record and supports retrospective analysis. It composes with the policy subsystem, which holds the evidence weights and the calibration tolerance and admits change-controlled revision. It composes with the audit subsystem, which exposes the calibration window comparison to external reviewers without exposing the agent's internal state.
Distinction Over Prior Art
Prior systems treat confidence as a heuristic scalar produced inside a model, with no declared form, no reproducibility guarantee, and no calibration audit. Such heuristics are useful as relative signals within a single model but are not auditable as absolute claims, and they cannot serve as the basis for governance decisions that must be defended after the fact. Prior calibration techniques, including isotonic regression and Platt scaling, post-process model outputs to improve their alignment with empirical frequencies, but they do not constitute a declared function over structured inputs and they do not produce a lineage record. The present mechanism is distinguished by the conjunction of declared form, structured inputs, bounded output, lineage record, and calibration audit, each of which is required to support the governance use case and none of which is sufficient on its own.
Failure Modes and Mitigations
Several failure modes are identified and addressed at the structural level. The first is input staleness, in which one or more canonical fields carry values that are no longer current, producing a confidence value that reflects past rather than present conditions. Staleness is detected by the per-field provenance reference, which carries an acquisition timestamp; when any contributing field exceeds a configured staleness budget, the function emits a stale flag together with the confidence value, and downstream authorization treats the flag as a hard constraint. The second failure mode is calibration drift, in which the function's outputs systematically diverge from empirical frequencies over time. Drift is detected by the calibration audit and surfaced as a calibration alert; the response is a change-controlled revision of evidence weights, recorded in lineage as a function-version increment so that historical outputs remain reproducible under the function that produced them.
The third failure mode is adversarial input shaping, in which an upstream component, whether external or internal, manipulates a canonical field to drive the function's output toward a desired authorization outcome. Shaping is mitigated by the structured-input requirement: every contributing field carries a provenance reference, and the function refuses to compute when any reference fails authentication. The fourth failure mode is reproducibility violation, in which the function's output for a given input differs across invocations due to non-determinism in the implementation, such as floating-point reordering across hardware. Reproducibility is preserved by specifying the function's arithmetic in a deterministic form, by pinning library versions in lineage, and by the calibration shadow function which surfaces reproducibility violations as divergence between production and shadow outputs on identical inputs.
Disclosure Scope
The disclosure encompasses the computation function, its structured inputs, its bounded output and rate-of-change derivatives, its lineage record, its calibration audit, and the compositions described above. The disclosure is not limited to any specific functional form, parameterization, or implementation technology. Functional forms ranging from closed-form Bayesian updates to learned parametric models are contemplated, provided that the declared-form, reproducibility, and audit requirements are satisfied. Implementations in software, in fixed-function hardware, and in heterogeneous accelerated environments are contemplated, as are deployments across single agents, agent collectives, and supervisory hierarchies in which higher-level agents consume the confidence outputs of lower-level agents.
