Cross-Agent Planning Graph Visibility

Mechanism

The forecasting engine produces forecasts as first-class structural objects. Each forecast carries an identifier, a content payload (the projected state, the planning graph fragment, the predicted observations), and a visibility-scope field. The visibility-scope field is not a free-form access-control annotation; it is a structured enumeration of agent identifiers, agent groups, and role bindings that name the consumers authorized to read the forecast. The scope is set at forecast creation, signed into the forecast manifest, and immutable thereafter.

When an agent attempts to read a forecast — by querying the forecasting engine, by ingesting a forecast through a cross-agent channel, or by following a lineage reference to an upstream forecast — the engine evaluates a structural match between the requesting agent's identity (and any role bindings active in its session) and the forecast's visibility scope. The match predicate is inclusion-based: the requester must appear in the scope, either directly or through a group or role membership recorded against a trust anchor configured in the forecasting engine's policy.

If the match fails, the read fails. The forecast is not surfaced to the requester. The forecasting engine does not return a redacted version, a stub, or a summary unless an explicit downgrade path has been provisioned (see below). The non-readability is structural: the forecast's payload does not enter the requester's address space at any level.

Visibility downgrade is structural rather than label-rewriting. When an agent in scope wishes to share a narrower projection of a forecast with a consumer outside the original scope, it does not edit the visibility field. It invokes the engine's downgrade operation, which constructs a new forecast object: a derived payload (typically a coarsened projection — aggregated, time-shifted, dimensionally reduced, or otherwise narrowed), a new visibility scope that includes the new consumer, and a lineage edge linking the derived forecast to its source. The derived forecast is signed independently. The source forecast remains unchanged. A consumer that reads the derived forecast cannot reach back through the lineage edge to read the source unless the source's own scope admits the consumer.

Operating Parameters

The visibility-scope vocabulary is policy-configured. A deployment registers the agent identifiers it operates, the agent groups it composes (a fleet of vehicle agents, a tier of clinical-decision support agents, a cohort of trading agents), and the role bindings under which agents may operate (supervisor, peer, subordinate, external-consumer). The scope field of any forecast draws from this registered vocabulary. Identifiers, groups, and bindings outside the registered vocabulary are not admissible scope members; the engine refuses to create a forecast whose scope references unknown principals.

The match predicate is evaluated at every read. There is no caching of read authorization across reads; a session that legitimately reads a forecast at one moment may fail to read the same forecast at a later moment if the session's role binding has changed, the requester's group membership has been revoked, or the forecast's scope has been narrowed by a structural revision (which produces a new forecast object — see below). The engine consults a trust anchor for group memberships and role bindings at intervals configured per role class, with safety-critical roles refreshed more frequently than informational roles.

Forecasts are immutable. A scope change is not an in-place edit; it is the construction of a new forecast object whose lineage references the prior. A scope narrowing produces a new object whose scope is a strict subset of the prior; the prior remains readable to its prior scope, but the engine flags it as superseded so that consumers prefer the current revision unless they have a documented reason to read the prior. This immutability is what makes the lineage tamper-evident.

Each read attempt — admit and refuse alike — produces a structural outcome record: the forecast identifier, the forecast scope, the requesting agent's identity and active role bindings, the match outcome, and the trust-anchor revision against which the match was evaluated. The records are written into the forecasting engine's lineage and are auditable independently of any particular agent's logs.

Alternative Embodiments

Scope-membership embodiments admit variation. A direct embodiment lists agent identifiers individually. A group embodiment names a group identifier whose membership is resolved against a registered group authority. A role embodiment names a role binding whose holder set is resolved against a role-management authority. A capability-attestation embodiment names a capability requirement (e.g., agents holding a particular safety attestation) and resolves the holder set against the attestation issuer. Embodiments compose: a forecast scope may name a fixed identifier, a group, and a capability requirement simultaneously, with the match predicate evaluating membership in any of them.

Downgrade embodiments admit variation. A coarsening embodiment produces a derived forecast whose payload is a structurally narrower projection (numeric aggregation, temporal binning, spatial generalization). A summarization embodiment produces a derived forecast whose payload is a textual or structured summary computed by a policy-defined summarizer that itself runs in scope. A truncation embodiment produces a derived forecast that omits specific fields entirely. A noisified embodiment produces a derived forecast with differential-privacy-style perturbation suitable for adversarial-tolerant consumers. Each embodiment produces a new forecast object with its own scope, signature, and lineage edge to the source.

Cross-trust-domain embodiments handle reads across organizational boundaries. A federated embodiment recognizes the requesting agent's home trust anchor and evaluates membership against that anchor under a federation agreement that maps external roles to local scope members. A bridged embodiment introduces a bridging agent that holds membership in both the source scope and the destination scope and whose downgrade operations are explicitly authorized to cross the boundary. An attestation-bridged embodiment admits external requesters who present a verifiable attestation issued by the source scope's authority granting bounded read access for a bounded window.

Multi-stage downgrade embodiments allow a derived forecast to be further downgraded for a still-narrower consumer. The lineage chain grows with each downgrade; each derived object is signed independently; the chain is auditable end-to-end. A re-broadening operation is not admissible: a downgraded forecast cannot be widened by a downstream agent, because doing so would require fabricating data that the downgrade operation removed. Re-broadening, where it is needed, is performed by the in-scope holder of the source forecast issuing a new derivation with the broader scope; it is not performed by the downstream consumer.

Real-time-stream embodiments apply the same scope semantics to forecast streams. Each emitted update on the stream is a forecast object with its own scope, immutable on emission. A downgraded stream is itself a derived stream whose updates carry the narrowed scope and lineage edges to the source-stream updates. Late-binding scope adjustments do not retroactively re-scope already-emitted updates; they take effect from the next emission forward.

Composition With Forecasting-Engine Architecture

Cross-agent visibility composes with the forecasting engine's containment architecture defined elsewhere in the cognition patent. The same containment boundary that separates speculative planning from verified execution carries the visibility-scope field; speculative branches are not exempt from scope enforcement. An agent that speculatively plans a coordination move with a peer cannot leak the speculation outside scope merely because it is speculative.

Visibility composes with the forecasting engine's lineage. Every forecast — original and derived — sits in a lineage graph. Every read — admit and refuse — sits in a corresponding read-trace. An auditor reconstructs end-to-end which agents read which forecasts, which downgrades produced which derivatives, and which scope decisions admitted or refused which reads. The reconstruction is tamper-evident because every forecast object is signed and every lineage edge references signed predecessors.

Visibility composes with the policy-update path. When the deployment's agent registry changes — a new agent commissioned, an existing agent decommissioned, a group membership revised — the change propagates as a policy update and is reflected in subsequent match evaluations. Forecasts created under the prior policy retain their original scope (because the scope is immutable into the manifest), but membership resolution against the current policy may admit or refuse readers differently than at the time of forecast creation. The lineage records the policy revision against which each match was evaluated.

Visibility composes with the multi-agent coordination mechanisms in the forecasting engine. Coordination protocols that depend on shared forecasts (scheduling, resource allocation, conflict avoidance) operate naturally within scope; cross-scope coordination requires explicit downgrade and re-derivation rather than ambient sharing. The structural cost of cross-scope coordination is the cost of constructing the derived forecasts, which is precisely the cost the architecture intends to expose.

Distinction From Prior Art

Existing multi-agent systems share planning state through message passing or through shared blackboards with role-based access control. The access control sits at the blackboard or the message broker, not at the forecast object itself. A forecast that escapes the broker — through a log dump, a debugging export, a downstream reuse — loses its access binding. The cross-agent-visibility mechanism binds scope to the forecast object structurally, so the binding travels with the object regardless of transport.

Existing access-control frameworks treat downgrade as a label-rewriting operation: a high-classification document is reviewed and its label downgraded, with the same bytes now bearing a lower classification. Cross-agent-visibility downgrade is a fresh derivation: a new object with a narrower payload is constructed, signed, and linked. The source object is not relabelled; it remains as it was. This eliminates the trust gap inherent in label-rewriting (in which the consumer must trust the rewriter's discretion about what to remove) and replaces it with a structural guarantee (the consumer reads only what the derived payload contains).

Existing privacy-preserving computation frameworks (differential privacy, secure multi-party computation) provide cryptographic or statistical guarantees over computations but do not specify a forecasting-engine scope vocabulary, an immutable-forecast-object substrate, a downgrade-as-derivation pattern, or a lineage-recorded match predicate. The cross-agent-visibility mechanism is complementary: those frameworks may be used as the downgrade transformation under a noisified embodiment, with the surrounding scope and lineage machinery providing the structural enforcement.

Disclosure Scope

This disclosure covers the structural pattern of attaching an explicit visibility scope to forecasts emitted by the forecasting engine, evaluating cross-agent reads against that scope through a deterministic match predicate at the engine layer, refusing out-of-scope reads at the engine boundary, and treating visibility downgrade as a structural derivation that produces a new forecast object with its own scope, signature, and lineage edge to the source. Specific scope vocabularies, downgrade transformations (coarsening, summarization, truncation, noisification), cross-trust-domain federation, multi-stage downgrade chains, and real-time-stream applications are within the disclosure's contemplation. The disclosure is not limited to the embodiments exemplified; the mechanism is generic over any agent vocabulary that admits identifiable principals, group authorities, and role bindings.