Patent Title
Cryptographic Authority Preservation
Patent #10 · Substrate Family
System and Method for Cryptographic Authority Preservation Across Delegation Chains.
H33's tenth patent and the unified substrate specification: a post-quantum cryptographic architecture that preserves authorized human intent across delegation chains of arbitrary depth — spanning human actors, autonomous AI agents, integrated systems, and cross-organizational workflows. Produces independently verifiable proof bundles on every approval and every denial. Bundles remain verifiable offline, decades later, after the issuing system is gone.
What This Patent Specifies — In One Paragraph
The substrate produces independently verifiable proof bundles via hash-linked data structures rooted in post-quantum threshold signatures. It introduces a Root authority object representing threshold-signed human-authored intent, a delegation graph engine that computes ancestor constraint aggregates across every delegation hop (delegation can never widen scope), a pre-execution conformance gate that enforces a four-condition test before any action executes, and a proof generation module that emits Portable Authority Proofs on pass and Negative Authority Proofs on denial. Cross-system cryptographic witness commitments bind authority decisions to contemporaneous external state. An intent-passage registry cryptographically cites the human-authored instruction that authorized the chain. The substrate addresses authority continuity across personnel turnover, key rotation, vendor migration, organizational change, and platform retirement.
The Problem · Why Existing Authorization Systems Fall Short
Existing authorization systems answer one question: can this actor perform this action? They include PKI, RBAC, ABAC, capability systems, OAuth delegation, SPKI, macaroons, and workflow approval engines. Each addresses authorization at a moment. None preserve authority continuity — the property that authorization remains meaningful as it propagates through a delegation chain of arbitrary depth, survives the issuing system's disappearance, and produces evidence that verifies independently years after the fact.
- Delegation does not compose constraint sets recursively. Existing systems cannot guarantee that the leaf actor's effective scope is bounded by every ancestor's committed scope.
- Authorization artifacts are not portable. Verifying historical approvals requires contacting the issuing system, which may no longer exist.
- There are no proofs of denial. When an action is refused, existing systems log it; they do not produce a portable, independently verifiable artifact naming the specific failing condition.
- Authority becomes ambiguous across key rotation, recovery, organizational change. No prior system specifies how a historical artifact verifies after the signing authority has rotated.
Key Claims · The Substrate Primitives
Ten innovations that compose into a single substrate.
Claim 1
Root Authority Object
A content-addressed object representing threshold-signed human-authored objective, cryptographically bound by a post-quantum threshold signature mechanism. Held outside the delegation chain. Every action is verified against Root directly, never against the chain's recalled summary.
Claim 2
Delegation Graph Engine · Ancestor Constraint Aggregate
Computes, for each authority node descended from Root, an ancestor constraint aggregate from every ancestor up through Root. Enforces monotonic narrowing: delegation can NEVER widen scope across any axis (allowed actions, dollar ceiling, jurisdiction, risk score, model version, computation class, temporal window).
Claim 3
Pre-Execution Conformance Gate · Four-Condition Test
Enforces four conditions before any action executes: Activated · Current · Within Window · Lifecycle Compliant. All must pass. On pass, emits a Portable Authority Proof. On any failure, emits a Negative Authority Proof naming the specific failing condition.
Claim 4
Portable Authority Proof (PAP)
A cryptographic proof bundle emitted on every approved action. Carries a lineage proof from action to Root, cross-system witness commitments, instruction citation, activated-authority citation, intent citation. Verifiable independently, offline, decades later.
Claim 5
Negative Authority Proof (NAP)
A cryptographic proof bundle emitted on every governed denial. Identifies the specific failing condition and denial-category code, with observed values and required values structured for independent audit. Denial becomes evidence, not just a log line.
Claim 6
Vintage Binding · Historical Verification
Authority-derived artifacts emitted under a specific Root vintage remain independently verifiable indefinitely after rotation, recovery, or revocation of that vintage. Verification consults the artifact's embedded vintage metadata, not the issuer's current key registry. Evidence survives the key it was signed under.
Claim 7
Authority Transfer · Predecessor-Delegation Lineage Closure
An Authority Transfer Record moves an active delegated authority window from one principal to another. Carries a predecessor-signed forward and a successor-signed acknowledgment. The transfer mechanism cannot mint authority on its own — every transfer walks back through a prior delegation by invariant.
Claim 8
Pre-Declared Recovery · Ratification Chain
Every Root that admits recovery commits its recovery quorum at the moment of authority creation, cryptographically bound into the certification event's canonical hash. The substrate refuses to mint a Root whose recoverability declaration disagrees with the presence of a chain. Tampering with the chain after certification is structurally detectable.
Claim 9
Cross-System Cryptographic Witness Commitments
Authority nodes bind to the contemporaneous state of evidence substrates and outcome substrates. An evidence witness, an outcome witness, and an external-state witness are carried by the PAP or NAP. Decisions are anchored to the world that existed at the moment of evaluation — not the world the chain remembers.
Claim 10
Intent-Passage Registry
A registry of canonical encodings of human-authored instruction passages. Intent citations from the PAP/NAP cryptographically reference the registry entry that the action was authorized under. Plain-language explanations in the structured authority rationale record derive from these citations — not from re-interpretation by the chain.
+ Bonus
Authority State Portability
The full authority state — Root + delegation graph + active authority windows + revocations + transfers — serializes into a portable graph. Verifiable across heterogeneous workflow execution engines. The substrate is not coupled to a specific runtime.
+ Bonus
Triple-Family Post-Quantum Signatures
All signing uses a triple-family bundle at a 2-of-3 verification threshold (lattice + hash-based + structured-lattice families). Long-term verification integrity is guaranteed against partial cryptanalysis of any single family — a regulator three decades hence can still verify a 2026 artifact.
The Pre-Execution Conformance Gate · Four-Condition Test
Every action passes all four — or a Negative Authority Proof names which one failed.
Condition 1
Activated
The authority node has been activated by a valid Authority Activation Record at or before evaluation time. The chain of activation traces back to Root.
Condition 2
Current
The authority has not been revoked, expired, or superseded by a later Authority Transfer at evaluation time.
Condition 3
Within Window
The proposed action lies within the temporal window the authority was issued for, and within every ancestor's window through monotonic intersection.
Condition 4
Lifecycle Compliant
The action is consistent with the authority's lifecycle mode — RENEWABLE, PROJECT, EPHEMERAL, or PERMANENT — and the retirement, renewal, or freeze obligations attached to that mode.
Symmetric Evidence · Approval and Denial Both Produce Proof
Every action becomes a portable cryptographic artifact — including the actions that didn't happen.
PAP · Portable Authority Proof
Issued on every approval.
Lineage proof from the action to Root. Cross-system witness commitments. Instruction citation referencing the intent-passage registry. Activated-authority citation. Triple-family post-quantum signatures at 2-of-3 threshold. Verifies offline, with no network, no clock, no live registry contact. Years later, in any jurisdiction, by any third party.
NAP · Negative Authority Proof
Issued on every governed denial.
Names the specific failing condition from the four-condition test. Carries observed values and required values for the failed axis. Structured for independent audit and replay. Denial becomes a cryptographic event, not a log entry. Auditors, insurers, and regulators verify the denial was correctly bounded — without trusting the system that produced it.
The 25 Figures · Disclosure Surface
Each figure isolates a substrate primitive or method flow.
| FIG | Topic | Disclosure |
|---|---|---|
| FIG 1 | Authority Preservation System | Block diagram — system topology, all major modules, data flow. |
| FIG 2 | Root Authority Object | Block diagram — internal structure of the Root, threshold-signed objective, vintage metadata, recoverability declaration. |
| FIG 3 | Delegation Graph | Hierarchical tree diagram — Root as origin, delegated authority nodes, ancestor relationships. |
| FIG 4 | Ancestor Constraint Aggregate | Computation diagram — per-axis intersection and union, monotonic narrowing demonstrated. |
| FIG 5 | Four-Condition Test | Flowchart — Activated, Current, Within Window, Lifecycle Compliant. |
| FIG 6 | Portable Authority Proof | Block diagram — envelope structure, lineage proof, witness commitments, citations, signatures. |
| FIG 7 | Negative Authority Proof | Block diagram — failing condition identification, observed/required values, denial category. |
| FIG 8 | Authority Activation Record | Block diagram — activation lineage to Root, principal signatures, temporal scope. |
| FIG 9 | Instruction Tag & Agent Registry | Block diagram — agent identification, instruction-tag structure, registry interactions. |
| FIG 10 | Read Receipt & Instruction Citation | Method flowchart — instruction passage retrieval, citation issuance, registry lookup. |
| FIG 11 | Cross-System Witness Commitments | Diagram — evidence witness, outcome witness, external-state witness composition. |
| FIG 12 | Intent-Passage Registry | Block diagram — canonical encoding of human-authored passages, citation references. |
| FIG 13 | Authority Window Composition | Diagram — temporal window intersection across the delegation graph. |
| FIG 14 | Root Succession | Method flowchart — vintage transition, vintage binding preservation, historical artifact verifiability. |
| FIG 15 | Authority State Portability | Diagram — serialized authority graph, cross-engine portability, replay reconstruction. |
| FIG 16 | Conflict Detection & Resolution | Method flowchart — overlapping windows, conflicting delegations, deterministic resolution. |
| FIG 17 | Root Revocation & Cascade | Method flowchart — Root revocation event, transitive cascade through descendant authority nodes. |
| FIG 18 | Override Authorization | Method flowchart — emergency override path, escalation lineage, override evidence. |
| FIG 19 | RENEWABLE Mode Enforcement | Method flowchart — renewal obligations, renewal acceptance, lapse handling. |
| FIG 20 | PROJECT & EPHEMERAL Retirement | Method flowchart — bounded lifecycle modes, retirement events, post-retirement verifiability. |
| FIG 21 | Root Certification Ceremony | Method flowchart — Root genesis ceremony, recoverability declaration, ratification chain commitment. |
| FIG 22 | Principal Membership Transition | Method flowchart — principal addition, removal, transition across membership changes. |
| FIG 23 | Subtree Freeze Within Delegation Graph | Hierarchical diagram — temporary freeze of a delegation subtree without revoking it. |
| FIG 24 | Structured Authority Rationale Record | Diagram — assembly of plain-language explanation from cryptographic citations. |
| FIG 25 | Authority Preservation Method | End-to-end method flowchart — Root certification through PAP/NAP issuance through historical verification. |
Patent #10 in the H33 Substrate Family
This filing is the unified specification for the H33 authority substrate. The preceding nine filings in the H33 patent family addressed component primitives — the Root certification ceremony, the threshold-signed objective, the post-quantum signature design, the offline verifier, the conformance corpus, and the early delegation and escalation primitives. Patent #10 integrates them under one architecture and adds the substrate properties that distinguish authority infrastructure from authorization software: vintage binding, ratification-chain recovery, authority transfer with lineage closure, cross-system witness commitments, and intent-passage citation.
Every other AI governance company is racing to improve agent memory: longer contexts, better RAG, more MCP, stronger summarization. H33's patent family removes memory as a trust requirement. The substrate evaluates each action against the original Root authorization directly — never against the chain's compressed summary of it. The empirical evidence that this matters is in the Agent-008 whitepaper. The cryptographic specification that this is possible is in this patent.
Empirical Backing
The substrate produces the measured 0 / 40 result in the Agent-008 whitepaper.
Four frontier LLMs were tested at 50-hop delegation depth. The vanilla chain approved an expired invoice in 28 of 40 trials. The substrate-augmented condition caught all 40. The patent is the specification. The whitepaper is the evidence.