Hierarchical Mandate Tokens for Autonomous Agent Authority (SEP Draft) #1926
devfelipenunes wants to merge 13 commits into
Pull request overview
This PR adds a new draft SEP to define a Soroban-based “Mandate” authority/delegation interface for autonomous agents, plus a small .gitignore update.
Changes:
- Introduces `ecosystem/sep-mandate.md`, a draft specification for hierarchical, non-transferable, revocable mandate tokens and a Nexus verification interface.
- Defines core structs, required functions (`issue_mandate`, `revoke_mandate`, `verify_authority`), and required events for indexing.
- Ignores local `.worktrees/` directories in `.gitignore`.
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated 8 comments.
| File | Description |
|---|---|
| ecosystem/sep-mandate.md | Adds a new SEP draft describing hierarchical mandate delegation and verification on Soroban. |
| .gitignore | Adds .worktrees/ to ignored paths. |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@copilot apply changes based on the comments in this thread
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Updated the SEP document to reflect changes in the Mandate token structure, including the introduction of DelegationRules, VerificationCache, and improved clarity in the Scope definition.
@copilot apply changes based on the comments in this thread
Updated version and added support for Autonomous Subscriptions with recurring budgets. Clarified comments and improved documentation throughout the mandate authority specification.
Updated the SEP mandate authority document to reflect changes in authority definitions, budget reclamation, and revocation processes.
Hey @willemneal and @chadoh! A dev from the Discord community suggested that I reach out to you regarding this draft. This proposal introduces a standard for Mandate Tokens, designed specifically to solve a major workflow bottleneck in the Agentic Economy: allowing autonomous AI agents to operate on-chain safely. It establishes a cryptographic containment layer directly on Soroban, allowing users to delegate specific permissions, whitelists, and spending limits to an agent without ever exposing their private keys. Since you both are deeply involved with the ecosystem's developer infrastructure and runtime tooling, I would highly appreciate your technical feedback on this architecture, especially regarding our containment logic and state management. Looking forward to your thoughts whenever you have some time!
Hi @devfelipenunes, I noticed that this SEP is being posted at the same time as the discussion, meaning this proposal has had no opportunity for public discussion prior to being formalised (see the SEP process). Discussions beforehand can gather feedback and build confidence in a proposal before it becomes formalised and may have more success in finding adoption. Are you wanting to formalise the proposal and for it to be assigned a number and merged now, or would you like to focus on the discussion, then revisit formalising once you've gathered feedback? I can merge it now if the intent is to formalise now, just wanted to check before merging. Reply here to let me know.
Thanks for the tip! I actually tried reaching out on the Discord channels, but the topic didn't get much traction there. Since this proposal involves specific security and architecture mechanics (like digital identity and Soroban smart contracts), could you do me a favor and tag a few core developers or subject matter experts directly in this PR who usually review these topics?
The discussion forum is where folks engage on new proposals. Discussion doesn't happen on PRs because a single proposal may have many PRs and discussion becomes fragmented. That's the reason behind why the SEP process has ideas and proposals get discussed first in the forum, and then a PR comes later once the proposal is being formalised. If the goal is to find more discussion, I suggest taking the details to:
Summary
This proposal introduces a standard interface for issuing non-transferable, revocable Mandate tokens on the Stellar network (Soroban). It allows a sovereign identity (Anchor) to delegate programmable, scoped authority to AI agents or automated systems without sharing private keys.
Motivation
The emerging agentic economy requires AI agents to execute financial transactions and interact with decentralized protocols autonomously. Current methods (like sharing private keys) present extreme custody risks. This SEP solves this by creating a programmable power of attorney: the agent can only act within a pre-defined Scope, and the Anchor retains full, instant revocation rights.
Key Features
- Hierarchical Delegation: Allows for Sub-Mandates with narrowing scopes.
- On-chain Verification: Standardized `verify_authority` interface for dApps.
- Atomic Revocation: Immediate and cascading invalidation of delegated power.
- Soulbound Nature: Mandates are non-transferable and linked to specific agent addresses.
Links
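
The narrowing, agent-binding and cascading-revocation properties listed under Key Features, modelled off-chain as an added example that is not part of this PR or of the SEP draft. The struct fields, the function signatures and the walk-to-root design are assumptions made for illustration; only the three function names come from the page.

```rust
use std::collections::{HashMap, HashSet};
// Off-chain model; field names and signatures are assumptions, not the SEP's.
pub struct Mandate {
    agent: String,            // address the mandate is bound to (non-transferable)
    parent: Option<u32>,      // None = issued directly by the Anchor
    allowed: HashSet<String>, // whitelisted targets
    limit: i128,              // per-call spending limit
    revoked: bool,
}
#[derive(Default)]
pub struct Registry { mandates: HashMap<u32, Mandate> }

impl Registry {
    pub fn issue_mandate(&mut self, agent: &str, parent: Option<u32>,
                         allowed: &[&str], limit: i128) -> Result<u32, &'static str> {
        let allowed: HashSet<String> = allowed.iter().map(|s| s.to_string()).collect();
        if let Some(pid) = parent {
            let p = self.mandates.get(&pid).ok_or("unknown parent")?;
            // Narrowing rule: a sub-mandate can never exceed its parent's scope.
            if p.revoked || !allowed.is_subset(&p.allowed) || limit > p.limit {
                return Err("parent revoked or scope wider than parent");
            }
        }
        let id = self.mandates.len() as u32; // sequential ids; records are never deleted
        self.mandates.insert(id, Mandate { agent: agent.into(), parent, allowed, limit, revoked: false });
        Ok(id)
    }
    pub fn revoke_mandate(&mut self, id: u32) {
        if let Some(m) = self.mandates.get_mut(&id) { m.revoked = true; }
    }
    // Walk leaf -> root, so revoking any ancestor cascades to every descendant.
    pub fn verify_authority(&self, id: u32, caller: &str, target: &str, amount: i128) -> bool {
        if amount < 0 || self.mandates.get(&id).map_or(true, |m| m.agent != caller) { return false; }
        let mut cur = Some(id);
        while let Some(cid) = cur {
            let Some(m) = self.mandates.get(&cid) else { return false }; // fail closed
            if m.revoked || !m.allowed.contains(target) || amount > m.limit { return false; }
            cur = m.parent;
        }
        true
    }
}

fn main() { // constructed sample chain: Anchor -> agent-a -> agent-b
    let mut r = Registry::default();
    let root = r.issue_mandate("agent-a", None, &["dex", "pay"], 100).unwrap();
    let sub = r.issue_mandate("agent-b", Some(root), &["pay"], 25).unwrap();
    r.revoke_mandate(root);
    println!("sub valid after root revoke: {}", r.verify_authority(sub, "agent-b", "pay", 10));
}
```

Checking the whole chain at verification time makes revocation a single write, at the cost of verification work that grows with delegation depth.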