Mechanism
Evidence-based capability gating governs access to defined capabilities based on accumulated performance evidence rather than on credentials, roles, or static permission assignments. A capability gate is a governed evaluation point that stands between a requester, which may be a human operator, a semantic agent, or a composite system, and a capability that the requester seeks to exercise. The gate evaluates the requester's accumulated evidence of competence in the relevant domain and produces a binary determination: the gate opens, granting access, or the gate remains closed, denying access.
The distinguishing commitment is that the gate does not rely on credentials attesting to past training, degrees attesting to past education, or role assignments attesting to organizational position. It evaluates demonstrated performance evidence: observations, measurements, and assessments that directly measure the requester's ability to exercise the capability competently in the current context. Authorization shifts from who is asking to what has been demonstrated.
Continuous Evaluation, Not a One-Time Assessment
The capability gate operates as a continuous evaluation rather than a single assessment event. Performance evidence is accumulated through the curriculum engine and through continuous operational monitoring that observes the requester's performance after the capability has been granted. Because the gate is re-evaluated against ongoing evidence, it may close again: a previously granted capability is revoked if the requester's continuing performance indicates that competence has degraded below the required threshold.
This continuity is the structural difference from conventional access management, in which a capability granted at configuration time persists until a configuration change removes it. Here the grant is a function of current evidence, so a capability that was earned can lapse as the evidence supporting it ages or as new evidence contradicts it, without a precipitating administrative action.
The Curriculum Engine and Progressive Unlock
The curriculum engine is the subsystem that defines, sequences, and administers the learning and assessment activities through which requesters accumulate the performance evidence that capability gates require. For each gated capability it defines a set of learning objectives, a set of assessment instruments, a sequencing policy that determines the order in which objectives and assessments are presented, and a mastery threshold for each objective specifying the performance level required to satisfy it.
The engine implements progressive unlock: capabilities are not granted in a single assessment event but are unlocked progressively as the requester demonstrates mastery of increasingly complex or critical aspects of the capability. Requesters are exposed to simpler aspects before being granted access to higher-risk aspects, so the accumulated evidence reflects demonstrated competence across the full scope of the capability rather than performance on a single assessment.
Each curriculum is itself a governed object. Its definition, sequencing, and modification are subject to policy constraints and lineage recording. Additions of learning objectives, modifications of mastery thresholds, and resequencing of assessments are governed mutations that are validated, policy-checked, and recorded in the curriculum's lineage. A curriculum cannot be weakened, shortened, or bypassed without a governed policy change that is attributable to a specific governance authority and auditable through that lineage.
The Certification Token
When a capability gate opens, that is, when accumulated evidence satisfies all gating criteria for a defined capability, the system generates a certification token. The token is a cryptographically signed data object that attests to the holder's demonstrated mastery of the capability at a specific point in time, under specific assessment conditions, as evaluated by specific evaluation instruments. It is not a role assignment, a permission grant, or a static badge. It is a time-bounded, evidence-backed, cryptographically verifiable attestation subject to expiration, revocation, and revalidation.
The token comprises a capability identifier; the identity of the holder, resolved through the biological identity system or a platform identity anchor; an evidence hash, a cryptographic hash of the evidence corpus evaluated at issuance that lets verifiers confirm the token was issued on specific evidence without requiring access to that evidence; the issuance timestamp; the expiration timestamp; the policy scope under which the token was issued; the issuing authority; a device entropy binding to the physical device from which the mastery evidence was submitted, preventing portability to devices on which the mastery was not demonstrated; and the cryptographic signature of the issuing authority.
Token Lifecycle and Cross-Platform Deployment
The certification token participates in a defined lifecycle. Upon issuance the token is active and may be presented to capability gates, verification services, and cross-platform deployment gates as evidence of mastery. Upon expiration the token becomes inactive, no longer serving as valid evidence of current mastery, and the holder must re-demonstrate mastery to obtain a new token. Upon revocation, triggered by evidence of mastery regression, incident reports, or governance intervention, the token is invalidated regardless of whether it has expired. Upon revalidation, triggered by successful re-assessment, a new token is issued with fresh evidence bindings. Each lifecycle transition is recorded as a governed event in the holder's lineage.
The token supports cross-platform deployment gating. When a holder presents a token to a system outside the originating platform, for example a user trained on one platform seeking to operate equipment managed by a different platform, the receiving system verifies the cryptographic signature against the issuing authority's public key, validates the expiration status, and evaluates the policy scope for compatibility with its own governance requirements. If verification succeeds, the receiving system may accept the token as evidence of mastery within the scope it defines, subject to any additional requirements imposed by its own capability gate.
Regression Detection and Capability Revocation
After a capability is unlocked, the system continues monitoring the grantee's performance. This monitoring produces a continuous evidence stream that is evaluated against a regression threshold, a defined performance floor below which the grantee's demonstrated competency is deemed insufficient to maintain the grant. If subsequent performance falls below the regression threshold, indicating skill decay, context change, or gaming, the capability is automatically revoked and the grantee must re-demonstrate competency through the same evidence-based pathway that originally granted it.
The regression threshold may be set at the same level as the original granting threshold or at a lower level that provides a buffer against transient performance dips, as specified by the applicable policy configuration. Revocation is protective. The system records the revocation event, the evidence that triggered it, and the performance trajectory leading to it in the grantee's lineage. Revocation may trigger a mandatory cooldown period during which the grantee may not re-apply, ensuring that re-demonstration reflects genuine competency recovery rather than short-term performance variance.
Multimodal Evidence and Anti-Gaming
The evidential foundation for the gate is a multimodal evaluation pipeline that acquires, processes, scores, and classifies evidence from multiple sensory modalities simultaneously. Supported input streams include text-based input, audio-based input including vocal prosody, video-based input including facial expression and manual task execution, sensor-telemetry input including force-torque and motion-capture data, and biometric input including heart rate variability and galvanic skin response. Each stream is processed by a modality-specific module that produces a structured score vector, and a fusion engine computes a composite that accounts for both the individual signals and the degree to which they corroborate one another.
The multimodal evidence serves a second function beyond assessment enrichment: it is the medium through which the system detects and invalidates attempts to manipulate gating decisions. Cross-modality consistency enforcement flags cases where textual responses indicate mastery but physiological signals indicate confusion or reliance on external assistance. Temporal pattern analysis detects response dynamics indicative of coaching, remote assistance, or automated generation. Spoofing detection, leveraging continuous identity verification and behavioral biometric continuity, detects substitution of a different individual's performance. When gaming is detected, the trust weight assigned to language model proposals that reference the compromised evidence is reduced, so the arbitration engine prefers alternative proposals or rejects the unlock proposal entirely.
Composition With Adjacent Mechanisms
Capability gating composes with the structural confinement of the language model. No language model output reaches any capability gate without first passing through the validation engine; there is no bypass path by which a model can promote its own output to authoritative status or represent itself as having satisfied a gate. The model produces candidate proposals; the gate is computed over signed evidence, tokens, and policy, not over natural-language claims.
Gating also composes with trust-weight calibration and validation feedback asymmetry. Trust weights decay over time in the absence of new evidence, and incorrect accepted proposals decrease a model's weight by more than correct ones increase it, reflecting the asymmetric cost of accepting incorrect proposals. The feedback asymmetry, under which a proposer does not learn why its proposals are rejected, means a model cannot probe or optimize against gating criteria it cannot observe, and the stateless purging at each inference boundary prevents accumulating such inference across calls.
Disclosure Scope
Evidence-based capability gating, comprising the binary open-or-closed capability gate evaluated against accumulated performance evidence rather than credentials, the curriculum engine with its learning objectives, assessment instruments, sequencing policy, mastery thresholds, and progressive unlock, the cryptographically signed certification token with its capability identifier, holder identity, evidence hash, issuance and expiration timestamps, policy scope, issuing authority, device entropy binding, and signature, the active, expired, revoked, and revalidated token lifecycle and cross-platform deployment gating, the regression threshold with continuous post-grant monitoring and automatic revocation, and the multimodal evaluation pipeline functioning as an anti-gaming substrate, is disclosed in the cognition filing (U.S. Application No. 19/647,395 and its international counterpart). This article describes that disclosed mechanism. The mechanism is independent of any specific underlying language model, evaluation harness, or credential format; equivalent embodiments that preserve the evidence-driven evaluation, the governed curriculum, and the signed evidence-backed certification are within scope. The disclosure does not claim novelty in language modeling itself; it claims novelty in the structural binding between accumulated, signed evidence and the runtime exposure of model-driven capability.
