This estate’s approach to agent personas applies self-sovereign identity principles to agent architecture. The persona system embeds agent identity into the same typed knowledge graph that organizes the estate’s content, governed by the same membrane principles that define the estate’s relationship to the outside world.
Self-sovereign identity holds that individuals — not institutions — should control their own digital identity. The ten principles (existence, control, access, transparency, persistence, portability, interoperability, consent, minimization, protection) were articulated for human identity, but the architectural patterns they require — selective disclosure, least authority, portable credentials, explicit consent boundaries — turn out to be the same patterns needed to coordinate AI agents within a personal knowledge system. The estate discovered this by working inward from the identity problem: how to organize multiple AI agents under one person’s authority without creating a hierarchy that undermines the sovereignty it serves.
The estate treats personas as first-class entities in a typed knowledge graph. Each persona is a garden node with:
is_a::[[Persona Form]], has_status::[[Growing Stage]], in_domain::[[Deep Context Architecture]]coordinates_with::[[Garden Groundskeeper Persona]], coordinated_by::[[Estate Seneschal Persona]]follows::[[Human Authority Over Augmentation Systems]]renders_as:: — connecting design to deployment configurationThe persona is not a prompt injected at session start and forgotten. It is a node in a graph that can be queried, audited, and compared through the same predicate vocabulary used for every other entity in the estate. When two personas declare coordinates_with:: each other, that relationship is traversable — a tool or a future agent can discover the coordination topology without reading prose.
This is the difference between a persona and a prompt: the prompt says what to do in this session; the persona is a persistent design document with typed relationships to the principles it follows, the domains it operates in, the other personas it works with, and the boundaries of its authority. The current implementation uses markdown wikilinks as typed edges — relates_to::[[X]] is a labeled relationship from this node to X. These garden predicates are not yet formally mapped to semantic web standards, but the underlying data model is compatible with richer typed-assertion formats. Gordian Envelope, for instance, supports typed assertions with selective disclosure — the same edge vocabulary could be expressed as cryptographically verifiable claims rather than markdown syntax. The architecture is designed to survive that transition.
The estate’s persona diversity is organized along system function — what agents do within a coordinated system of delegated authority, not how they think or what intellectual tradition they represent:
Each level operates under the principle of least authority — Mark Miller’s extension of least privilege to recognize that permissions form a web of transitive authority (see [[Allen (2023) Least and Necessary Design Patterns]]). A worker receives only the scope it needs for its commission — specific files, specific form types, specific disposition criteria. An orchestrator can commission workers and merge their output but cannot set cross-precinct policy. A steward sets direction but does not substitute its judgment for the human’s on intellectual content. The inside-out counterpart also applies: each persona receives the necessary authority to do its work without hitting barriers. The Groundskeeper needs merge authority to be effective; withholding it would create friction without improving safety. The delegated authority spectrum balances both sides — least authority as the ceiling, necessary authority as the floor.
A concrete example: when five citation analyses needed to be created for a collaborative meeting, the Seneschal (steward) wrote a commission specifying the deliverables. The Chamberlain (steward, tactical) decomposed it into five parallel worker sessions. Each Cultivator received a worktree, a specific citation, and a form contract to follow. The Groundskeeper (orchestrator) reviewed and merged each result. At no point did any agent exceed its declared authority — the Cultivators didn’t decide which citations mattered, the Chamberlain didn’t judge the intellectual content, and the Groundskeeper didn’t set the strategic direction. Authority traced back to the human principal at every step.
Self-sovereign identity treats sovereignty not as absolute control but as selective permeability — a living membrane that enables exchange while protecting autonomy (see [[Sovereignty Is Selective Permeability Not Absolute Control]]). This principle governs the estate’s agent architecture at three scales:
Personal scale. The Household Precinct is the innermost membrane — digital body integrity, personal notes, health records, daily journals. Agents working here (Chancellor, Scribes) operate under the tightest authority constraints because the content is the most personal.
Knowledge scale. The Garden Precinct is accumulated knowledge synthesis, shared selectively at its edges. Garden nodes follow form contracts, use typed predicates, and are licensed CC-BY. The membrane here is the garden patch: a curated projection of selected nodes published for specific audiences. What crosses the membrane is a deliberate choice, not a default.
Commons scale. Where gardens from different estates overlap, a commons forms — not a merged garden but a space where seeds cross-pollinate. Each estate maintains its own vocabulary, forms, and organizational principles. Ostrom-style governance applies: clearly defined boundaries, proportional equivalence, collective-choice arrangements. These norms emerge from practice rather than being imposed as protocol. The immediate work is publishing garden patches so that independent systems can cross-reference each other — each estate sharing selected nodes through its own publication mechanism, creating a web of citations and glosses across vocabularies.
The same principles that organize one person’s agents (delegated authority within selective boundaries) are what enable multiple sovereign systems to collaborate. The personal is not a stepping stone to the collaborative — they are the same architecture at different scales.
| On the [[The Persona Spectrum from Role Label to Soul Document | Persona Spectrum]], the estate’s personas sit at Level 2-3: functional role specification with behavioral decision rules. More than role labels — each persona has declared non-goals, behavioral patterns for common situations, and explicit blind spots. Less than full identity specifications — no backstory, no personality trait list, no emotional register. |
The behavioral specification is concrete. The Groundskeeper’s includes: “When observing the garden, identify disconnected clusters, overlapping domains, inconsistent structures. Determine whether intervention is needed at patch level (assign to a Gardener via commission) or system level (adjust boundaries directly).” This resolves ambiguous situations through behavioral answers rather than identity claims, following the approach described in [[Behavioral Questions vs Identity Assertions in Persona Design]].
Declared blind spots function as active constraints, not disclosure. “May over-architect: creating structure before enough content reveals natural organization” is specific enough to trigger behavioral refusal when the pattern is recognized. These are persona specifications that change behavior under pressure, not just sound different in demos.
| The estate uses the [[Ephemeral vs Persistent Persona Identity | stateful serverless]] pattern: each agent session reloads identity fresh from version-controlled configuration. No behavioral drift accumulates across sessions because there is no carry-forward of implicit state. |
Knowledge persists explicitly through three mechanisms: garden nodes (synthesized understanding that survives any session), state files (operational state for workstreams and agent briefs), and deep learning loops (end-of-session capture that cascades observations to durable configuration). The identity/knowledge separation means the estate can audit exactly what persists and why. Every piece of cross-session memory exists as a file that can be read, questioned, and corrected — transparency through architecture, not policy.
| This separation also supports portability. The estate currently runs on Claude Code with Obsidian as the vault interface, but the persona architecture is not inherently coupled to either. Agent files are markdown. Garden nodes are markdown with typed predicates. State files are markdown with YAML frontmatter. The [[Allen (2025) The Exodus Protocol | Exodus Protocol]] patterns — no external dependencies, exit through portability, work offline and across time — are aspirational design criteria for the estate. The architecture is not yet fully portable (it depends on Claude Code’s agent loading, worktree isolation, and hook system), but the data formats are open and the design documents are the source of truth, not any particular runtime. |
The estate separates persona design from persona deployment.
The garden layer is the canonical design document: a node in the typed graph with predicates, relations, structural sections, and form compliance. It participates in the knowledge graph and serves as the authoritative source for what a persona is and how it relates to everything else.
The operational layer is the runtime rendition: a markdown file with YAML frontmatter that the agent harness loads as a system prompt. Tool restrictions, model selection, isolation mode — operational concerns that belong in deployment, not design.
The renders_as:: predicate connects them. When the garden persona changes, the agent file should be updated to match. When operational experience reveals design flaws, the garden persona should be corrected. The two layers are a single design expressed in two formats — one for the knowledge graph, one for the runtime harness. This mirrors the self-sovereign identity principle of separating the credential (portable, verifiable) from the identity it represents (contextual, evolving).
Three coordination mechanisms shape how estate personas work together, each grounded in a self-sovereign identity principle:
Commission architecture applies least authority. Work flows through typed commissions — bounded delegated assignments from orchestrators to workers. Each commission states its authority boundaries, scope constraints, and close-out expectations. The Groundskeeper commissions Gardeners with specific file lists, form types, and disposition criteria. The Chamberlain decomposes Seneschal commissions into parallel tasks. Authority is always traceable: every worker knows who commissioned the work and what authority it operates under.
Worktree isolation applies minimal disclosure. Workers operate in git worktrees — isolated copies of the repository where they can work freely without collision risk. Orchestrators maintain the canonical state on the main branch; the merge review is the quality gate. Each worker sees only the branch it needs.
Context conservation applies resource governance. The Chamberlain’s context window is a shared bottleneck, so mechanical work (polling, status checks) delegates to workers or scripts, reserving orchestrator context for judgment. Context is treated as a commons resource within the agent system — governed by conservation principles rather than consumed freely.
Typed auditability. Every persona relationship is a traversable edge. A query can discover which personas follow the augmentation-over-autonomy principle, which coordinate with the Groundskeeper, which operate in a given domain. The predicate vocabulary makes coordination topology machine-queryable, not just human-readable.
Authority boundaries as architecture. The delegated authority spectrum is a structural feature. The Chamberlain cannot set strategic direction. The Groundskeeper cannot make cross-precinct decisions. These boundaries are designed and declared, following the self-sovereign principle that authority should be explicit and minimal.
Commons-ready from personal principles. The typed-edge, selective-membrane architecture that organizes one estate’s agents is what enables collaboration between self-sovereign estates. Interoperation happens through typed relationships (citations, seeds, glosses) rather than merged vocabularies. The architecture does not require participants to adopt a shared ontology — it requires them to make their own ontology traversable through typed predicates.
Behavioral specification with graph integration. Behavioral decision rules — what to do when stuck, when to escalate, when to refuse — are embedded in garden persona nodes and connected through typed edges to the principles and patterns that inform them. The specification participates in the estate’s accumulated understanding of how agents should work, not isolated in a prompt file.
No adversarial deliberation mechanism. The estate’s personas coordinate operationally, not through structured disagreement. There is no anonymization step, no dissent quota, no forced steelman. When multiple perspectives are needed, the estate relies on the human’s judgment after reviewing structured output. The [[Structured Disagreement Through Persona Review]] pattern exists in the garden as a recognized design but is not implemented in the coordination architecture.
| Single-model diversity ceiling. All estate personas run on the same foundation model. They share the same training distribution, the same conceptual vocabulary, and potentially the same blind spots. The [[The Persona Selection Model | Persona Selection Model]]’s finding about cross-trait inference applies: the estate’s functional diversity is genuine but bounded by the model’s repertoire. |
Functional diversity only. Persona diversity is organized by system function, not by culture, language, or intellectual tradition. The estate sees different parts of the system from different operational vantage points; it does not see the world through different cultural or analytical lenses.
Implementation-coupled portability. The estate’s typed predicates (coordinates_with::, follows::, renders_as::) are meaningful within the garden’s vocabulary but have no formal mapping to external semantic web standards. The data formats are open (markdown, YAML), but the coordination mechanisms depend on Claude Code’s specific features (agent loading, worktree creation, hooks). Full portability — the ability to run this architecture on a different harness or express these predicates as Gordian Envelope assertions — is a design aspiration, not a current capability.
Self-sovereign identity was designed for individuals interacting with institutions. The estate extends it to knowledge work: how do independent self-sovereign systems — each with their own vocabulary, organizational principles, and accumulated understanding — collaborate without surrendering sovereignty to the collaboration?
The architecture was designed inward first, to solve a personal organization problem. The discovery that the same principles enable commons governance came after — a recognition that personal self-sovereignty and collaborative interoperation are the same problem at different scales.
The commons is where gardens from different self-sovereign systems overlap. It is not a merged garden. Each system maintains its own vocabulary and organizational principles. Collaboration happens through shared artifacts — citations, glosses, seeds — that translate between vocabularies rather than merging them. The norms so far are emergent: share seeds freely, credit sources, do not force vocabulary convergence on other participants.
Governance is the open question. Ostrom’s principles (clearly defined boundaries, proportional equivalence, collective-choice arrangements, monitoring) may already be operating in practice, unnamed. Making them visible is part of the ongoing work. The practical next step is publishing garden patches — curated projections of selected nodes — so that independent systems can discover and cross-reference each other’s work. Citations, glosses, and seeds create typed connections across vocabulary boundaries without requiring any party to adopt another’s structure.
| On the longer horizon, the technical infrastructure for commons governance could take the form of autonomous cryptographic objects. [[Allen (2025) The Gordian Club | Gordian Clubs]] encode access rules, versioning, and multi-party coordination through mathematics rather than administrative authority. The [[Allen (2025) The Exodus Protocol | Exodus Protocol]] patterns — no external dependencies, exit through portability, work offline and across time — describe what such infrastructure would need to satisfy. This is aspirational: the current work is finding practical ways to share patches and cross-reference, not building cryptographic commons infrastructure. But the architectural principles are compatible — typed edges that today are markdown wikilinks could eventually be Gordian Envelope assertions with selective disclosure. |
The puzzle at the heart of the commons question is how to collaborate without forcing premature convergence. Vocabulary diversity is not a problem to solve but a feature to preserve. Each sovereign system’s naming choices carry meaning — they encode design decisions, intellectual heritage, and values. A commons that flattens this diversity into a shared ontology destroys the very thing it was meant to cultivate.