Multi-Agent Confidence Propagation

Mechanism

The propagation mechanism described in Chapter 5 of the cognition patent treats every cross-agent invocation as an event in which the calling agent's current confidence vector is serialized into the canonical fields of the invocation envelope and transmitted to the callee. The callee receives the envelope, parses the upstream confidence vector into its own cognitive frame as a first-class input, and is structurally prevented from issuing any output whose effective confidence exceeds the bounded transformation of the upstream value. The bounded transformation is monotonic, codomain-preserving, and locally computable from the envelope.

Concretely, when agent A invokes agent B with an upstream confidence c_A, agent B's evaluator computes its local confidence c_B from its own inputs, and the effective confidence c_eff that B may attach to any downstream output is c_eff = T(c_A, c_B), where T is the propagation operator. T is required to satisfy three properties: T(c_A, c_B) ≤ min(c_A, c_B) + epsilon for a small policy-defined slack, T is monotone non-decreasing in both arguments, and T is codomain-bounded to [0, 1]. The default operator is T(c_A, c_B) = c_A * c_B, which trivially satisfies all three properties.

The propagation envelope is signed by the calling agent's policy identity and content-addressed in the lineage. Agent B cannot rewrite c_A; it can only consume it. If B's local evaluation produces a high confidence, the upstream low confidence still suppresses c_eff, and any downstream consumer of B's output sees c_eff rather than c_B in isolation. There is no field in the envelope through which B could declare "I trust myself more than my caller" and override the propagation; the field schema does not admit such a declaration.

Recursive delegation is handled by recursive application of the operator. If A invokes B and B invokes C, the envelope from B to C carries c_eff(A,B), and C computes c_eff(A,B,C) = T(c_eff(A,B), c_C). Because T is bounded above by min + epsilon, the chain monotonically suppresses confidence as it lengthens, with the slack term controlling whether short chains accumulate visibly. Lineage records the full chain, so any auditor can recompute c_eff at any depth from the canonical envelopes.

Operating Parameters

The propagation operator is parameterized by the slack term epsilon, which is constrained to [0, 0.05] at policy load and defaults to zero. A non-zero slack permits a downstream agent to attach slightly greater confidence than the strict product when its local evaluation provides corroborating evidence; the slack is bounded specifically to prevent a chain of small slacks from compounding into laundered confidence. With the default of zero, the chain is strictly multiplicative.

The envelope schema declares the maximum chain depth at which propagation is admitted. Beyond the declared depth, the receiving agent must either reject the invocation or treat the upstream confidence as zero. Default depth is policy-configurable but bounded above by a system-wide maximum, typically eight, that prevents pathological recursion from masking the suppression effect through floating-point underflow.

Each agent declares, in its policy reference, an inbound trust profile per caller class. The profile may apply an additional clamp to the incoming c_A before it enters the operator: a caller class flagged as low-authority may have its c_A clamped at 0.5 regardless of the value asserted in the envelope, while a caller class flagged as canonical may pass through unclamped. The clamp is applied before T, so the clamped value is what propagates. Clamps are auditable and versioned alongside the rest of the policy reference.

The propagation operator itself is selectable from a policy-defined operator set. The default is multiplicative; alternative operators include the strict minimum T(a, b) = min(a, b), the geometric mean T(a, b) = sqrt(a * b), and the Bayesian update T(a, b) = a * b / (a * b + (1 - a) * (1 - b)). The selection is a per-deployment parameter and cannot be changed at runtime by the agents themselves.

Propagation envelopes have a declared validity window. An envelope older than the window is treated as expired by the receiving agent, and the propagation falls back to a configured stale-handling policy (typically reject, with an alternative of degrade-to-zero). The window prevents replay of stale high-confidence envelopes against subsequent low-confidence contexts.

Alternative Embodiments

The canonical embodiment uses a multiplicative operator with zero slack, a depth limit of eight, and per-caller-class trust clamps. Several alternative embodiments are within scope. A first alternative replaces the scalar c with a confidence vector matching the discovery-traversal vector, propagating ⟨C, min, var, depth⟩ as a tuple and applying the operator componentwise with policy-defined component weights. This embodiment preserves more structural information across the boundary at the cost of a wider envelope.

A second alternative uses a Dempster-Shafer combination as the operator, treating each c as a basic belief mass and combining beliefs across the chain. This embodiment is preferred when callers and callees have known partial-overlap evidence bases. A third alternative uses an interval-valued confidence and propagates intervals through interval arithmetic, with the operator being the interval-valued analog of the scalar operator; this embodiment is preferred when distinguishing epistemic from aleatoric uncertainty across the chain matters.

A fourth alternative permits per-output propagation: instead of a single c_eff applied to all of agent B's outputs, B's policy may declare a per-output c_eff that combines c_A with a per-output local confidence. This is useful when an agent produces multiple outputs of differing reliability from a single invocation. A fifth alternative integrates the propagation operator with the gating subsystem so that the gate may admit some outputs of B while suppressing others based on per-output c_eff, rather than admitting or suppressing the entire response uniformly.

Composition With Adjacent Mechanisms

Multi-agent confidence propagation composes with the discovery-traversal confidence mechanism, the canonical-fields layer, the policy reference, and the lineage subsystem. The discovery-traversal mechanism produces the local confidence vector that enters the propagation operator; without local confidence, the operator would have nothing to combine with the upstream value. The canonical-fields layer provides the envelope schema; without canonical fields, the envelope would be unstructured and the receiving agent could not parse upstream confidence as a first-class input.

The lineage subsystem records every envelope, every operator application, and every clamp event. The composition guarantees that any downstream consumer can audit the full provenance of c_eff back to the originating discovery confidence, traversing every cross-agent boundary in between. There is no opaque step in which confidence is asserted without traceable derivation.

The gating subsystem consumes c_eff at the boundary between an agent's reasoning and its externalized actions. The composition is strict: the gate never reads c_local in isolation when an upstream envelope is present; it reads c_eff. Agents that attempt to bypass the gate by re-deriving local confidence from raw inputs cannot do so, because the canonical-fields contract requires the envelope to be present in the frame, and the gate's policy keys on the envelope-bearing field rather than on the local computation.

Prior-Art Distinction

Conventional multi-agent systems either pass confidence as an unstructured hint that the downstream agent may ignore or rewrite, or they pass no confidence at all and require the downstream agent to re-derive its own confidence from raw evidence. Both approaches admit confidence laundering: the downstream agent can attach arbitrary confidence to its outputs without structural constraint by the upstream confidence. The mechanism disclosed here differs in that the propagation operator is structurally enforced through the envelope schema and the gating contract.

Distributed Bayesian inference systems propagate beliefs across nodes but typically require a globally specified network structure and a globally synchronized update protocol. Multi-agent systems do not have a globally specified structure; agents are invoked dynamically, and the chain is not known in advance. The mechanism disclosed here differs in that the operator is locally computable from the envelope, requires no global synchronization, and produces a chain-monotone suppression that does not depend on knowing the full chain.

Trust-management systems in distributed computing propagate trust scores across delegation chains, but those systems typically do not bound the operator's codomain or guarantee monotonicity, and they do not integrate with a deterministic evaluator and lineage subsystem. The mechanism disclosed here is structurally distinct in that the operator's properties are policy-validated at load time and the propagation is auditable from canonical envelopes.

Disclosure Scope

This disclosure covers the structural mechanism by which confidence values cross agent boundaries under a bounded operator, the envelope schema that carries upstream confidence as a first-class input, the inbound trust clamps applied before the operator, and the policy-validated operator selection. The disclosure includes the canonical multiplicative embodiment and the enumerated alternative embodiments. The disclosure extends to compositions with the discovery-traversal mechanism, the gating subsystem, the canonical-fields layer, and the lineage subsystem.

The disclosure does not cover the underlying transport (RPC, message queue, in-process call), the specific cryptographic signing scheme used to authenticate envelopes, or the user-facing presentation of propagated confidence. Implementations using any transport that preserves envelope integrity and any signing scheme that authenticates the calling policy identity are within scope. The disclosure is transport-independent so that the structural guarantees survive infrastructure evolution.

The disclosure further covers the structural prohibition against confidence laundering through invocation, expressed both as the mathematical property of the operator and as the schema-level absence of any field through which the receiving agent could override the upstream value. Embodiments in which the operator is implemented in hardware, in a trusted execution environment, or in a verifiable computation framework are within scope, as are embodiments in which the operator is implemented in interpreted code subject to runtime policy validation. The choice of implementation substrate does not affect the structural guarantees, provided the operator's three required properties are preserved.

Equivalents are intended to be covered. Any propagation operator satisfying monotonicity, bounded codomain, and the upper-bound property T(a, b) less than or equal to min(a, b) plus epsilon is structurally equivalent for the purposes of this disclosure. Envelope schemas that preserve upstream confidence as a non-rewritable structured field, regardless of the specific encoding (CBOR, Protobuf, JSON canonicalization, or future formats), are within scope. The mechanism is defined by the operator's mathematical properties and the envelope's non-rewritable contract rather than by any specific transport, encoding, or hardware substrate.