A garden patch exploring authority delegation across boundaries — published for a conversation between Christopher Allen and Mark S. Miller about naming the kinds of authority that flow through non-hierarchical agent systems.
Mark, I built this for our conversation. You’ll recognize the territory — it’s the lineage from your Club System through Robust Composition to Horton, set alongside my work on progressive trust and self-sovereign identity. I’ve been running a system where AI agents delegate to sub-agents, grounded in Gordian Clubs and personal LLMs that run locally. Inside the system, attenuation works and is well named. At the boundaries — when agents cross into foreign access models, and especially when two sovereign systems need to build trust without either adopting the other’s model — I don’t have the words yet.
I think your vocabulary is what I need. This patch organizes what I’ve been thinking so you can see where I am and where the gaps are.
It’s also, in a way, a descendant of Xanadu. Typed nodes with labeled relationships, selective sharing from a private garden to a public projection, self-contained structure that doesn’t depend on the source system. I’m already doing cross-patch exchange with other people who maintain their own knowledge systems — different naming conventions, different architectures, same conceptual territory — and the interoperability question we’re navigating is itself the sovereign-to-sovereign problem I want to discuss with you.
The conversation has a natural arc from solved to unsolved:
Layer 1: Inside the estate — attenuation works. Start with Authority Flows from the Person, then Authority Conferral Chain, then Delegated Decision Authority Spectrum. Personal LLMs running locally, interlocking key infrastructure, delegation through progressively narrower scope. This is the warm-up — the question here is quick: does the cryptographic club model satisfy your OCap critique of the original?
Layer 2: Outward through alien access models. When an agent crosses from key-based sovereign authority to someone else’s system — SSH to GitHub, OAuth to an API — it holds a credential in a foreign access model. I have infrastructure for sovereign key discovery and coordination (described in the brief I sent). The OCap vocabulary for this crossing is what I want from you.
Layer 3: Sovereign-to-sovereign progressive trust. Two people, each running their own agent system with their own keys and trust criteria. TOFU bootstraps first contact. Progressive trust builds confidence through repeated interactions. But the vocabulary for achieving this cryptographically across sovereign boundaries and heterogeneous designs isn’t well defined. Neither side should adopt the other’s model. This is the hard question — Progressive Trust as Agent Delegation Model frames it as an open inquiry.
Your Horton paper bridges all three layers. Responsibility as authority coupled with accountability, layered on the capability substrate without modifying it — that’s the architectural move I’m trying to extend. Blockchain Commons has building blocks Horton doesn’t (cryptographic bearer proofs, self-contained objects, sovereign key discovery), and Horton has pieces we haven’t built yet (the proxy/stub accountability layer, inductive trust bootstrapping). The interposition pattern — adding coordination between systems without modifying either side — generalizes to the cross-garden problem this patch itself embodies.
The Horton citation dossier includes analysis and insights connecting the protocol to agent delegation architecture. I’d be curious how these land — whether the connections hold up to the person who designed the protocol.
These two conviction nodes ground the sovereignty framing:
And this model describes the working system where those principles actually operate — how self-sovereign identity patterns organize agent delegation inside the estate and enable commons across estates:
I did deep reads of eight of your papers — each has a citation dossier with analysis and insights exploring how the source connects to progressive trust and sovereign-to-sovereign coordination:
The articles grounding the progressive trust and self-sovereign identity side:
The scenario node describes where this all points — thousands of independent gardens, each tended by sovereign agents running locally, exchanging nodes peer-to-peer through progressive trust:
The garden hosts questions it can’t answer alone:
A garden patch is a curated projection of selected nodes from a personal knowledge garden, published for a specific audience and conversation. It is not a wiki, not documentation, and not a static paper. It is a typed knowledge graph rendered as a navigable website.
This is the third garden patch. The first was published for a Thursday conversation about persona architecture — different audience, different slice of the same garden, but the same typed-node infrastructure underneath. The mechanism is still a prototype. I’m figuring out what works by doing it, and each patch teaches me something about what cross-garden exchange actually requires. The scenario node describes where I think this goes — thousands of independent gardens sharing nodes peer-to-peer through progressive trust, each tended by sovereign agents running locally. We’re a long way from that. But the patches are the first proof that the basic unit works: fork a slice, add your own connections, publish it for a conversation.
Every page in this patch is a garden node — a markdown document with typed predicates (labeled directed edges) that connect it to other nodes. The predicates form a traversable graph: relates_to::[[Target Node]] is not a tag or a category — it is a structural relationship with an annotation explaining how the two nodes relate.
For more on the garden patch concept, see Garden Patch as Composable Knowledge Fragment.
| What You See | What It Means |
|---|---|
| [[Node Name]] | Grafted node — copied from the source garden into this patch. Click to navigate. |
| [[Node Name]]↑ | Upstream node — exists in the source garden but was not grafted into this patch. |
| [[Node Name]] (unlinked) | Ghost link — a reference to a node that does not exist yet. A stake in the ground marking where a node could grow. |
If you are an AI agent preparing your human for a conversation, start with AGENT.md. It explains how to read garden nodes and suggests a reading path.
See the Node Directory for the complete inventory.
Author: Christopher Allen Source garden: Deep Context Architecture — the source for grafted nodes. The full garden is in progress and will be published at DeepContext.com. Status: This entire garden patch is at Seed Stage — initial creation, intended to grow through dialogue. License: Content is available under Creative Commons Attribution 4.0 International unless otherwise noted.