The AI industry is currently obsessed with ‘agents’ – autonomous programs that do more than just chat. However, most existing multi-agent systems rely on brittle, hard-coded heuristics that fail when the environment changes.
google deepmind Researchers have proposed a new solution. The research team argued that to build the ‘agent web’ at scale, agents would need to move beyond simple task-division and adopt human-like organizational principles such as authority, responsibility and accountability.
Defining ‘intelligent’ delegation
In standard software, a subroutine is simply ‘outsourced’. intelligent delegation Is different. It is a sequence of decisions where one delegate transfers authority and responsibility to another. This process includes risk assessment, capability matching, and establishing trust.
5 pillars of the framework
To create it, the research team identified 5 core requirements mapped to specific technical protocols:
| frame column | technical implementation | core function |
| dynamic evaluation | Work breakdown and assignment | Accurate estimation of agent’s status and capabilities. |
| adaptive performance | adaptive coordination | Handling context changes and runtime failures. |
| structural transparency | Monitorable and Verifiable Completion | Auditing both the process and the end result. |
| scalable market | Trust and reputation and multi-objective optimization | Efficient, reliable coordination in open markets. |
| systemic resilience | Security and Permission Management | Preventing widespread failures and malicious use. |
Engineering Strategy: ‘Contract-First’ Decomposition
The most important change is contract-first decomposition. Under this principle, a delegate only delegates a task if the outcome can be accurately verified.
If a task is too subjective or complex to verify – like ‘writing a compelling research paper’ – the system must recursively decompose it. This continues until the subtasks match available verification tools, such as unit tests or formal mathematical proofs.
Recursive Verification: Chain of Custody
In a delegation chain, such as 𝐴 → 𝐵 → 𝐶Accountability is transitive.
- Representative b Is responsible for verifying the work of C.
- when the agent b returns results to AIt must provide a full chain of cryptographically signed verifications.
- Representative A Then performs a 2-step check: Verifying bis a direct function of and is verifying b verified correctly C.
Security: Tokens and Tunnels
Scaling these chains poses massive security risks, including data removal, backdoor transplantAnd model extraction.
To protect the network, the DeepMind team suggests Delegation Capacity Token (DCT). based on technologies like macarons Or biscuitsThese tokens use ‘cryptographic caveats’ to enforce the principle of least privilege. For example, an agent might receive a token that allows it to read a specific Google Drive folder but prevents any write operations.
Evaluation of current protocols
The research team analyzed whether existing industry standards are ready for this framework. Although these protocols provide a foundation, they all have ‘missing pieces’ for high-stakes delegation.
- MCP (Model Reference Protocol): It standardizes how models connect to tools. Difference: It lacks a policy layer to control permissions in deep delegation chains.
- A2A (Agent-to-Agent): Manages the search and task lifecycle. Difference: It lacks standardized headers for zero-knowledge proofs (ZKP) or digital signature chains.
- AP2 (Agent Payment Protocol): Authorizes agents to spend funds. Difference: It cannot fundamentally verify the quality of work before releasing payment.
- UCP (Universal Commerce Protocol): Standardizes commercial transactions. Difference: It is optimized for purchasing/fulfillment, not abstract computational tasks.
key takeaways
- Proceed with estimates: Current AI delegations rely on simple, hard-coded heuristics that are fragile and cannot adapt dynamically to environmental changes or unexpected failures. Intelligent delegation requires an adaptive framework that includes the transfer of authority, responsibility, and accountability.
- ‘Contract-first’ work breakdown: For complex goals, delegates should use a ‘contract-first’ approach, where tasks are decomposed until sub-units meet specific, automated verification capabilities, such as unit testing or formal proofing.
- Variable Accountability in Chains: In long delegation chains (for example, 𝐴 → 𝐵 → 𝐶), responsibility is transitive. Agent B is responsible for C’s work, and Agent A must correctly verify B’s direct work and B’s verification of C’s work.
- Weakened security through tokens: To prevent systemic breaches and the ‘confused deputy problem’, agents should use Delegation Capability Tokens (DCTs) which provide attenuated authorization. This ensures that agents operate under the principle of least privilege, with their access limited to a specific subset of resources and acceptable operations.
check it out paper here. Also, feel free to follow us Twitter And don’t forget to join us 100k+ ml subreddit and subscribe our newsletter. wait! Are you on Telegram? Now you can also connect with us on Telegram.
Michael Sutter is a data science professional and holds a Master of Science in Data Science from the University of Padova. With a solid foundation in statistical analysis, machine learning, and data engineering, Michael excels in transforming complex datasets into actionable insights.
