OpenKedge: Governing Agentic Mutation with Execution-Bound Safety and Evidence Chains
Announce Type: new
arXiv: 2604.08601v1
Abstract
The rise of autonomous AI agents exposes a fundamental flaw in API-centric architectures: probabilistic systems directly execute state mutations without sufficient context, coordination, or safety guarantees. We introduce OpenKedge, a protocol that redefines mutation as a governed process rather than an immediate consequence of API invocation.
Overview of OpenKedge
OpenKedge requires actors to submit declarative intent proposals, which are evaluated against deterministically derived system state, temporal signals, and policy constraints prior to execution. Approved intents are compiled into execution contracts that strictly bound permitted actions, resource scope, and time, and are enforced via ephemeral, task-oriented identities. This shift moves safety from reactive filtering to preventative, execution-bound enforcement.
Key Features of OpenKedge
- Governed Mutation Process: Mutation is treated as a governed process, allowing for a more structured approach to state changes.
- Declarative Intent Proposals: Actors must submit proposals that reflect their intentions, ensuring a clearer understanding of actions to be taken.
- Execution Contracts: These contracts define the scope and limits of actions, thereby ensuring that only approved mutations occur.
- Ephemeral Identities: Task-oriented identities are used to enforce execution contracts, enhancing security and accountability.
- Intent-to-Execution Evidence Chain (IEEC): This innovative feature links intent, context, policy decisions, execution bounds, and outcomes into a unified lineage, facilitating auditability.
Transforming Mutation into a Verifiable Process
OpenKedge’s introduction of the Intent-to-Execution Evidence Chain (IEEC) is a game-changer in how mutations are handled within autonomous systems. By cryptographically linking all aspects of the intent and execution process, OpenKedge transforms mutation into a verifiable and reconstructable process. This capability not only enhances transparency but also enables deterministic auditability and reasoning about system behavior.
Evaluation and Results
We evaluated OpenKedge across multi-agent conflict scenarios and cloud infrastructure mutations. The results demonstrated that the protocol successfully and deterministically arbitrates competing intents, effectively “caging” unsafe executions while maintaining high throughput. This establishes a principled foundation for safely operating agentic systems at scale.
Conclusion
OpenKedge represents a significant advancement in the governance of autonomous AI agents, addressing the inherent risks associated with API-centric architectures. By rethinking the mutation process and introducing rigorous safety mechanisms, OpenKedge lays the groundwork for more reliable and secure agentic systems capable of functioning in complex environments.