OpenKedge: Governing Agentic Mutation with Execution-Bound Safety and Evidence Chains

arXiv cs.AI / 4/13/2026

📰 NewsDeveloper Stack & InfrastructureSignals & Early TrendsIdeas & Deep AnalysisModels & Research

共有:

Key Points

The paper argues that autonomous agents can be unsafe when API-triggered mutations happen directly from probabilistic decisions without adequate context, coordination, or guarantees.
It proposes OpenKedge, a protocol that turns mutations into a governed workflow by requiring declarative intent proposals that are checked against deterministically derived state, temporal signals, and policy constraints before any execution.
OpenKedge compiles approved intents into execution contracts that strictly limit actions, resource scope, and time, enforced through ephemeral task-oriented identities for stronger execution-bound safety.
A key contribution is an Intent-to-Execution Evidence Chain (IEEC) that cryptographically links intent, context, policy decisions, execution bounds, and outcomes to enable deterministic auditability and reasoning.
Evaluations in multi-agent conflict and cloud infrastructure mutation scenarios suggest the protocol can deterministically arbitrate competing intents while containing unsafe executions without sacrificing throughput.

Abstract

The rise of autonomous AI agents exposes a fundamental flaw in API-centric architectures: probabilistic systems directly execute state mutations without sufficient context, coordination, or safety guarantees. We introduce OpenKedge, a protocol that redefines mutation as a governed process rather than an immediate consequence of API invocation. OpenKedge requires actors to submit declarative intent proposals, which are evaluated against deterministically derived system state, temporal signals, and policy constraints prior to execution. Approved intents are compiled into execution contracts that strictly bound permitted actions, resource scope, and time, and are enforced via ephemeral, task-oriented identities. This shifts safety from reactive filtering to preventative, execution-bound enforcement. Crucially, OpenKedge introduces an Intent-to-Execution Evidence Chain (IEEC), which cryptographically links intent, context, policy decisions, execution bounds, and outcomes into a unified lineage. This transforms mutation into a verifiable and reconstructable process, enabling deterministic auditability and reasoning about system behavior. We evaluate OpenKedge across multi-agent conflict scenarios and cloud infrastructure mutations. Results show that the protocol deterministically arbitrates competing intents and cages unsafe execution while maintaining high throughput, establishing a principled foundation for safely operating agentic systems at scale.