41 lines
1.4 KiB
Markdown
41 lines
1.4 KiB
Markdown
---
|
||
title: "Delegation-Chain"
|
||
type: concept
|
||
tags: [authorization, delegation, multi-hop]
|
||
sources: [agentic-identity-trust.md]
|
||
last_updated: 2026-04-25
|
||
---
|
||
|
||
## Definition
|
||
|
||
Delegation-Chain(委托链)是一种多跳授权链机制——当 Agent A 授权 Agent B 代表其行事,Agent B 可以进一步授权 Agent C,但每一跳都必须满足:签名有效 + 作用域不扩大 + 时间未过期。
|
||
|
||
## Chain Structure
|
||
|
||
```
|
||
Agent A ──signs──> Agent B (scope: trade.execute)
|
||
│
|
||
└──signs──> Agent C (scope: trade.execute, audit.write) ❌ scope_escalation
|
||
```
|
||
|
||
## Verification Rules
|
||
|
||
每条委托链必须通过三项验证:
|
||
1. **签名有效性**:当前 Agent 的签名必须可被其公钥验证
|
||
2. **作用域不扩大**:本跳授权的作用域不得宽于上一跳
|
||
3. **时间有效性**:委托链中任意节点过期,则整链失效
|
||
|
||
## Fail-Closed Behavior
|
||
|
||
- 委托链的任意链节断裂 → **整链无效**
|
||
- 委托链的任意节点过期 → **整链无效**
|
||
- 无法验证某节点签名 → **整链无效**
|
||
|
||
## Relationships
|
||
- [[Zero-Trust]]:Delegation-Chain 是 Zero-Trust 授权验证的核心机制
|
||
- [[Fail-Closed]]:委托链验证采用 Fail-Closed 策略(任意断裂则整链失效)
|
||
- [[Peer-Verification]]:Peer-Verification 协议在有委托时必须验证 Delegation-Chain
|
||
|
||
## Sources
|
||
- [[agentic-identity-trust.md]]
|