DELEGATION
Authorization chains for AI agents.
Human delegates to agent.
Agent proves authorization.
1. Delegation Model
Human authorizes agent to act on their behalf.
Agent presents proof of delegation.
Services verify the chain.
Human (Alice)
  ↓ delegates to
Agent (Assistant Alpha)
  ↓ invokes
Service (Calendar API)
2. Delegation Token
{
  "iss": "did:key:z6Mk...",        // Human DID
  "sub": "did:key:z6Mk...",        // Agent DID
  "aud": "https://api.example",    // Target service
  "exp": 1735689600,
  "scope": ["calendar:read", "calendar:write"],
  "constraints": {
    "notBefore": 1735603200,
    "ipWhitelist": ["203.0.113.0/24"],
    "maxInvocations": 100
  }
}
3. Proof Format
Agent presents proof containing:
- Agent credential (who I am)
- Delegation token (what I'm authorized to do)
- Invocation proof (this specific request)
{
  "credential": "eyJ...",   // Agent VC-JWT
  "delegation": "eyJ...",   // Delegation JWT
  "proof": {
    "type": "Ed25519Signature2020",
    "created": "2025-01-29T12:00:00Z",
    "verificationMethod": "did:key:z6Mk...#z6Mk...",
    "proofPurpose": "authentication",
    "challenge": "nonce-12345",
    "proofValue": "z58DAdFfa9..."
  }
}
4. Verification
Service verifies the delegation:
1. Verify agent credential signature
2. Verify delegation token signature
3. Check delegation.iss matches credential subject
4. Check delegation.sub matches agent DID
5. Check delegation.aud matches service
6. Validate scope against requested action
7. Enforce constraints (IP, time, rate)
5. Revocation
Humans can revoke delegations at any time.
Services check revocation before honoring requests.
Revocation can use Status List 2021 or an API-based revocation registry.
6. Chained Delegation
Agents can further delegate to sub-agents.
Each link in chain must be verified.
Scope narrows at each delegation.
Human → Agent A (scope: calendar:*, email:*)
           ↓
        Agent B (scope: calendar:read)
           ↓
        Service
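
The chain rules above, as an added Python example that is not part of the original page: it walks a root-first list of delegation claims and rejects a broken issuer/subject link, a widened scope, an expired link, or an action outside the final scope. It assumes every link's signature and revocation status were already checked, that each link carries the service's aud, and that "resource:*" is a wildcard over that resource's actions; the function names and did:example identifiers are hypothetical.

```python
def scope_covers(granted: str, requested: str) -> bool:
    # Assumption: "resource:*" covers every action on that resource.
    g_res, _, g_act = granted.partition(":")
    r_res, _, r_act = requested.partition(":")
    return g_res == r_res and g_act in ("*", r_act)

def is_narrowing(parent: list, child: list) -> bool:
    # Every scope the child claims must be covered by some parent scope.
    return all(any(scope_covers(p, c) for p in parent) for c in child)

def verify_chain(chain, root_did, presenter_did, audience, action, now):
    """Check a root-first list of delegation claims (signatures and
    revocation already verified by the caller). Returns (ok, reason)."""
    if not chain:
        return False, "empty chain"
    expected_iss, parent = root_did, None
    for i, link in enumerate(chain):
        if link["iss"] != expected_iss:
            return False, f"link {i}: issuer is not the previous subject"
        if link["aud"] != audience:
            return False, f"link {i}: wrong audience"
        if now >= link["exp"]:
            return False, f"link {i}: expired"
        if parent is not None and not is_narrowing(parent["scope"], link["scope"]):
            return False, f"link {i}: scope widens"
        expected_iss, parent = link["sub"], link
    if presenter_did != expected_iss:
        return False, "presenter is not the final subject"
    if not any(scope_covers(s, action) for s in parent["scope"]):
        return False, "action not in scope"
    return True, "ok"

# Constructed sample data mirroring the diagram above (placeholder DIDs).
ALICE, AGENT_A, AGENT_B = "did:example:alice", "did:example:agent-a", "did:example:agent-b"
AUD, NOW = "https://api.example", 1735650000
CHAIN = [
    {"iss": ALICE, "sub": AGENT_A, "aud": AUD, "exp": 1735689600,
     "scope": ["calendar:*", "email:*"]},
    {"iss": AGENT_A, "sub": AGENT_B, "aud": AUD, "exp": 1735689600,
     "scope": ["calendar:read"]},
]

if __name__ == "__main__":
    print(verify_chain(CHAIN, ALICE, AGENT_B, AUD, "calendar:read", NOW))
    print(verify_chain(CHAIN, ALICE, AGENT_B, AUD, "email:read", NOW))
```

Because every link is checked for expiry, the chain is only valid until its earliest exp.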