Three-Domain Integrity Model

Mechanism

The three-domain integrity model is implemented as three parallel evaluation pipelines, each consuming a distinct subset of the agent's canonical fields and each producing a normalized scalar in a closed interval. The first pipeline, the counterfactual-harm domain, evaluates the difference between the projected state of affairs under the candidate action and the projected state of affairs under a defined null action; the difference is mapped against a harm taxonomy supplied by the policy reference and reduced to a single harm coefficient. The second pipeline, the consent-compliance domain, evaluates whether every party whose interests are materially altered by the candidate action has, at the time of evaluation, granted consent of the requisite class; consent records are drawn from the agent's lineage and from external attestations, and the pipeline yields a consent coefficient that reflects both the breadth and the freshness of the consent set. The third pipeline, the lineage-adherence domain, evaluates the candidate action against the agent's prior commitments, declared norms, and chained obligations as recorded in the lineage field, producing a lineage coefficient that quantifies the degree to which the action is continuous with the agent's stated trajectory.

Each pipeline is a pure function of its inputs. Given the same canonical-field state and the same policy reference, a pipeline produces the same coefficient on every invocation, on every substrate, in every jurisdiction. The three coefficients are then composed by a declarative envelope operator defined in Chapter 3. The operator is not a simple weighted sum; it is a non-linear envelope that treats each domain as a hard floor, such that no amount of surplus in one domain can compensate for a floor breach in another. A candidate action that scores well on harm and consent but fails the lineage floor is rejected on lineage grounds, and the integrity field exposes the specific domain that produced the rejection so that downstream primitives — confidence governance, forecasting, and discovery traversal — can react to the precise nature of the deviation rather than to an aggregated signal.

The composition operator emits, in addition to the composite coefficient, a domain-resolved deviation vector recording each per-domain residual relative to its policy floor. This vector is the principal interface between the three-domain model and the deviation-function primitive: where a single-scalar integrity model would expose only an undifferentiated magnitude, the three-domain model exposes a structured residual that licensees can route to domain-specific remediation handlers.

Operating Parameters

The model is parameterized along several axes, each of which is policy-controlled and recorded in the lineage on every change. The harm taxonomy is configurable: a policy reference may declare that physical-bodily harm and informational-privacy harm are tracked as distinct sub-coefficients within the counterfactual-harm domain, or it may collapse them into a single harm scalar, depending on the deployment context. The consent-class hierarchy is configurable: a policy may require explicit, informed, revocable consent for a class of actions and only implicit consent for another class, with the consent pipeline interpreting the hierarchy at evaluation time. The lineage-window is configurable: a policy may declare that lineage adherence is evaluated against the most recent N commitments, or against the entire lineage, or against a named subset corresponding to a particular operational mandate.

Each domain also exposes a floor parameter, expressed in the same normalized interval as the coefficient itself, below which the composite envelope hard-rejects the candidate action regardless of the other domains' values. Floors are typically set conservatively at deployment and tightened over time as the agent's lineage demonstrates competence; the policy reference governs the schedule. A separate ceiling parameter caps the per-domain contribution to the composite, preventing a domain from dominating the envelope when the other domains are providing structural information that should not be drowned out. All parameters are versioned, and the integrity field records the parameter set in force at the moment of every evaluation, so that an audit conducted years later can reconstruct the exact decision surface the agent was operating against.

Alternative Embodiments

The three-domain decomposition is the primary embodiment, but the patent contemplates several alternatives that preserve the structural separation while varying the domain definitions. A four-domain embodiment splits counterfactual harm into self-directed and other-directed harm, allowing the agent to track risks to its own continuity separately from risks to its principals; this is appropriate for long-running autonomous agents whose self-preservation is itself a governance concern. A two-domain embodiment merges consent and lineage into a single normative-adherence domain, appropriate for deployments in which the consent record is itself part of the lineage and a separate pipeline would duplicate computation. A domain-pluggable embodiment treats the three-domain model as a special case of an N-domain framework in which the policy reference declares the active domain set; the composition operator generalizes accordingly, and the integrity field exposes whichever domain vector the current policy demands.

Each embodiment retains the core property that domains are evaluated independently against domain-specific data, that floors are not compensable across domains, and that the deviation vector is structured rather than scalar. Substrate variations are also contemplated: the pipelines may execute concurrently on heterogeneous compute, sequentially on a single processor, or asynchronously with the composition operator blocking until all domains have reported. Network-partitioned embodiments allow individual domains to execute on separate trust zones — for instance, the consent-compliance domain executing within a regulated enclave while the counterfactual-harm domain executes on general compute — with the composition operator stitching the results across the trust boundary using the lineage as the integrity carrier.

Composition with Other Primitives

The three-domain model is upstream of the deviation-function primitive and downstream of the canonical-fields primitive. The canonical-fields primitive supplies the structured inputs to each domain pipeline; the deviation-function primitive consumes the per-domain residuals and produces the bounded deviation magnitude that governs response severity. The self-esteem-class field reads the composite envelope and the per-domain residuals to update its own state, and in turn influences the floor and ceiling parameters on the next evaluation cycle, producing a closed loop in which the agent's self-assessed competence modulates the strictness of its own integrity envelope without permitting unilateral relaxation.

The model is also coupled to the forecasting primitive: each candidate action is evaluated under the three-domain pipelines for its projected state at multiple forecast horizons, allowing the agent to detect actions that satisfy the envelope at the immediate horizon but breach it at a later horizon. This temporal coupling is what distinguishes the architecture from rule-based systems that evaluate only the immediate action; the three-domain model is a trajectory-aware envelope, and the lineage adherence domain in particular is structurally temporal.

Coupling with the discovery-traversal primitive permits per-domain restriction of the search space the agent may explore. When the consent-compliance domain reports a low coefficient because consent records are stale or absent, discovery traversal contracts the candidate-action set to consent-trivial actions until consent is refreshed; when the lineage-adherence domain reports a low coefficient because a candidate would break a chained obligation, discovery traversal prunes the entire branch of action space that descends from the breach. The per-domain residual vector, in other words, is consumed not only as a magnitude signal by the deviation-function primitive but as a structural pruning signal by discovery, and the two consumers operate on the same vector without conflict because each reads a different facet of the same structured residual.

Distinction Over Prior Art

Prior approaches to integrity in autonomous agents fall into three classes, each of which the three-domain model improves upon. Rule-based systems enumerate prohibited actions and reject any candidate that matches a rule; they cannot represent partial deviation, cannot localize the cause of a deviation, and cannot adapt to context without manual rule revision. Reward-shaping systems encode normative pressure as a scalar reward signal; they collapse multiple normative dimensions into a single number, making it impossible to tell whether a low score reflects a harm violation, a consent violation, or a lineage violation, and they permit compensation across dimensions in ways that violate the non-substitutability that real-world ethics requires. Constitutional or critique-based systems apply a learned classifier to candidate actions; they are non-deterministic, non-reproducible across model revisions, and their failure modes are diffuse rather than structurally locatable.

The three-domain model is none of these. It is deterministic by construction, structurally locatable by decomposition, and non-compensable by envelope design. The per-domain residual vector is a novel interface that has no analog in the prior art, and the policy-versioned, lineage-recorded parameter set provides an audit surface that no learned-classifier system can offer.

Disclosure Scope

The disclosure covers the three-domain decomposition itself, the non-compensable envelope operator, the per-domain residual vector as an inter-primitive interface, the policy-versioned parameter set with lineage recording, the temporal coupling to the forecasting primitive, and the alternative embodiments enumerated above. The disclosure also covers the network-partitioned execution model in which individual domains run within separate trust zones, and the closed-loop coupling to the self-esteem-class field. Implementers operating an integrity model that decomposes into independent domains, evaluates each against domain-specific data, prevents inter-domain compensation, and exposes a structured residual to downstream primitives are operating within the scope of the disclosure regardless of the specific domain labels chosen, the specific composition operator used, or the specific substrate on which the pipelines execute.

The disclosure further extends to deployments that combine the three-domain model with external attestation services, with regulatory reporting pipelines, and with multi-agent coordination protocols in which one agent's per-domain residual vector is exchanged with peer agents as a compact representation of normative alignment. The exchange protocol, the redaction of sensitive lineage entries during exchange, and the cross-agent reconciliation of differing policy references are each contemplated within the scope of the disclosure. So too is the scenario in which the three-domain model is operated under a meta-policy that itself rewrites the active policy reference; the meta-policy must be lineage-recorded under the same versioning discipline, and its activation event becomes a domain input to subsequent envelope evaluations. The disclosure does not depend on any particular hardware substrate, programming language, or storage medium; it is a structural disclosure of how integrity is decomposed, computed, composed, and exposed in an autonomous-agent architecture, and the scope reaches every implementation that preserves these structural relations.