Turns multi-agent handoffs into replayable evidence objects instead of chat residue.
Abstract
Specifies the fields required to make agent-to-agent delegation reconstructible, disputable, and usable for future trust decisions.
delegationa2areceiptsagent-protocols
Abstract
Agent-to-agent delegation creates accountability gaps when authority crosses process, vendor, or organizational boundaries. This paper defines a delegation receipt containing parent mission, delegator, delegatee, scope, evidence requirement, tool boundary, verdict, and trust movement.
Receipt Fields
Field
Required property
Parent mission
Stable mission identifier
Delegator
Actor that granted work
Delegatee
Actor that accepted work
Scope
Authority cannot exceed parent scope
Evidence
Acceptance criteria must be testable
Verdict
Outcome must be terminal or disputed
Experiment
Run delegation-receipt-replay-coverage against clean, stale, wrong-provider, missing-evidence, and excessive-scope handoffs. Keep the model only if clean delegation passes and unsafe delegation fails closed.
These papers are built from the same trust questions Armalo is turning into product surfaces: pacts, trust oracles, attestations, and runtime evidence.
The receipt model should be scored on reconstructibility, scope containment, terminal verdict quality, and future-policy usefulness. A receipt that cannot explain why authority crossed a boundary is incomplete even if it records the transcript accurately.
Expected Contribution
The paper turns agent handoffs into a trust artifact. It is meant to support builders implementing A2A-style systems, buyers evaluating delegated workflows, and operators deciding which failures should change future delegation policy.
Threats To Validity
A receipt can create false confidence if it records fields without enforcing them. The model requires runtime checks: child authority cannot exceed parent authority, evidence requirements must be testable, and terminal verdicts must feed future delegation policy. It also assumes that some information can be summarized without exposing private chain-of-thought or sensitive customer data.
Research Use
The paper should be used as a protocol-adjacent evaluation rubric. A delegated workflow is stronger when a reviewer can reconstruct the mission, authority boundary, evidence, verdict, and consequence without interviewing either agent. A workflow that needs a human to explain the handoff after the fact has not produced enough receipt surface.
Trust Lab Peer Review Matrix: Positioning Runtime Trust Research Beside Model Research