]> Alter Meridian Pty Ltd

Cronulla, NSW Australia blake@truealter.com

This memo articulates a coordination-protocol anti-pattern observed in cross-tool agentic systems and describes a substrate-observation alternative that does not require negotiating a wire format between heterogeneous concurrent sessions of an identity-bound principal. The memo is Informational. No protocol element is being proposed for standardisation; the contribution is the opposite -- a delineation of what should NOT be standardised, and why, with a reference to the substrate-physics primitives that take its place. Companion memos in the morrison-* family describe the identity primitives this memo presumes; specifically, this memo relies on the ~handle namespace established in and the per-principal identity substrate referenced in .

Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

Introduction When a single identity-bound principal operates several agentic sessions concurrently -- whether across different tools, different hosts (a workstation, a laptop, a phone), or different organisational contexts (an individual capacity, a workplace capacity, a contracted capacity) -- those sessions must deconflict their action without stepping on each other's commits, leases, or external-system state. A natural impulse is to standardise a wire protocol for the sessions to exchange peer-state envelopes: "I am here, working on X, holding lease Y until time T". This memo argues such standardisation is structurally unnecessary, would compound interop burden as new agentic tools enter the ecosystem, and would re-centralise an inherently distributed problem on whatever broker the envelope protocol selected. The alternative is substrate observation: each session observes byproducts of its peers' normal operation (filesystem timestamps, kernel-reported socket peer counts, server-emitted connection counts on shared channels) and forms its own local representation of who-else-is-here. No envelope. No wire format. No broker. Reconciliation occurs post-hoc through substrate-physics commitments (filesystem locks, append-only identity logs, economic settlement, organisational identity append-logs) -- never through a canonical decision. Identity binding of the principal's surfaces themselves is assumed to follow the conventions of and ; this memo concerns only the coordination layer above those primitives.

Conventions and Definitions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here. The following terms are defined for the purposes of this document:

• Substrate-emitted byproduct. A filesystem or kernel or network-substrate side-effect of an operation undertaken for some purpose other than coordination, observable to other sessions of the same principal without those sessions having transmitted a coordination message.
• Decay-to-uncertainty. The property that an observation aged beyond a recency threshold transitions to an explicit "uncertain" state, under which the observing session continues to operate, rather than transitioning to an "absent" state under which the observing session blocks.
• Mutual hallucination. The property that each session of a principal forms its own local representation of concurrent-peer presence from substrate observations, and that no representation is canonical. Divergent representations are reconciled post-hoc through substrate-physics commitments, not through agreement among the sessions themselves.
• Substrate-physics cascade. The ordered, non-commutative reconciliation pipeline through which divergent local representations resolve to a single durable history. A reference implementation orders the cascade as (a) filesystem-lock arbitration, (b) per-principal append-only identity-log, (c) external operational settlement (cryptographic non-fast-forward rejection, on-chain transaction receipt), and (d) per-organisation append-only identity-log. No stage in the cascade transmits a coordination marker; each stage is a commitment to the substrate, observed identically by every participating session.

The Anti-Pattern This memo identifies envelope coordination -- the standardisation of a peer-state-exchange wire format across heterogeneous agentic sessions -- as structurally inadequate to the cross-tool identity-bound-principal problem. Three failure modes recur:

Interop Combinatorics Every additional agentic tool adopting an envelope-coordination standard must negotiate compatibility with every prior tool's version of the standard. Tool families evolve at different cadences; agreement-by-versioning produces a combinatorial maintenance burden borne by the slowest-moving tool's release cycle. Substrate observation has no compatibility surface to negotiate; tools that emit substrate byproducts as a side effect of their normal operation are mutually visible by construction, regardless of release cycle.

Broker Re-Centralisation Envelope-coordination wire formats imply a destination for the envelopes. A broker -- whether discovered via DNS, configured per-session, or shipped by a single vendor -- accumulates the peer-state of every session that publishes to it. This collapses what is logically a distributed-observation problem onto a single centralised authority, with the predictable consequences for failure-mode (broker down implies coordination down) and trust (broker operator sees every session's purpose).

Identity-Binding Leakage Envelope payloads typically carry an identifier ("session-id", "principal-id", "agent-id") to permit peers to address each other. Such identifiers become a re-identification surface at the wire layer that the underlying identity infrastructure may have explicitly arranged to bound. Substrate byproducts emit no payload -- they are simply present in the substrate -- and the inference of peer identity is performed locally by each session from substrate-tier credentials it already possesses (kernel SO_PEERCRED, transport-layer authentication on a shared channel, and equivalent). No wire-layer identifier is exposed.

The Alternative Sessions observe substrate-emitted byproducts. Three reference observables, listed in order of identity-binding strength:

• Filesystem modification timestamps on per-session journal files produced by tools that journal to disk. Pseudonymous; compute-location is the observing session's local filesystem.
• Kernel-reported socket peer-credentials (SO_PEERCRED on Unix-domain sockets, equivalent mechanisms on other systems) for sessions mounting a common per-principal daemon. Identity-bound to the principal owning the daemon; compute-location is kernel-mediated, host-local.
• Server-emitted concurrent-connection counts on a per-principal event channel maintained by the principal's identity infrastructure. Identity-bound to the principal; compute-location is the server emitting the count, with inference performed locally by the subscribing session.

None of these observables is a coordination message. Each exists as a byproduct of the observed session's normal operation: writing its journal, mounting its socket, subscribing to its event channel.

Reconciliation When sessions' local representations diverge -- typically when two sessions independently take an action that affects shared state (a shared filesystem path, a shared external-system resource, a shared organisational artifact) -- reconciliation proceeds through the substrate-physics cascade defined in Section 2, ordered: filesystem-lock arbitration, per-principal append-only identity-log, external operational settlement, per-organisation append-only identity-log. Each stage is a substrate commitment. No stage transmits a coordination marker; each stage's outcome is itself observable as another substrate byproduct by every participating session. The cascade is non-commutative: the outcome of an earlier stage constrains the admissibility of a later stage's commitments. This property prevents an attacker from partitioning observations across cascade stages to write conflicting commitments simultaneously.

Why Not Standardise the Substrate A reader may ask whether this memo should propose a standardised set of substrate observables and a standardised reconciliation cascade. It does not. The observables identified above are characteristic of POSIX-derived systems running journal-emitting tools, mounting Unix-domain sockets, and subscribing to HTTP-streaming event channels -- substrate that is itself standardised in , , and similar. No new substrate standardisation is required for the substrate-observation pattern; it composes directly with existing substrate. Where heterogeneous substrate calls for adapter selection (a Windows tool's journal location differs from a POSIX tool's), the adapter is a tool-private implementation detail, not a wire-format negotiation between sessions.

Relation to Prior Art This memo's substrate-observation primitive is structurally distinct from each of the prior-art families surveyed below. The contribution of this memo is the joint articulation of why each family is, by construction, inadequate to the identity-bound-principal cross-tool problem the memo describes; it is not a survey for its own sake. Leader-elected consensus requires a designated leader, explicit coordination messages, and a single canonical log. Substrate observation has none of these. Conflict-Free Replicated Data Types require a shared mutable data structure and commutative merge operations. Substrate observation has neither; the cascade described in Section 5 is non-commutative. Gossip and epidemic protocols (Demers et al. 1987, and successors) require explicit anti-entropy or update messages transmitted between nodes on a schedule. Substrate byproducts are not anti-entropy payloads; they are unrelated side-effects. Logical clocks (Lamport, vector clocks, Interval Tree Clocks) require piggyback of clock state on application messages. Substrate observation does not piggyback on coordination messages because there are none. Distributed snapshots require explicit marker messages injected along communication channels. The reconciliation cascade of Section 5 is triggered by independent operational events, not markers. Cryptographically-chained append-only logs (Certificate Transparency , Git object graphs, blockchain ledgers) are each instantiated by the present memo's cascade as one of its stages, not as the whole. Their novelty in the present context is their composition as the second and fourth stages of a non-commutative cascade triggered by byproduct emission, not their chained-log primitive considered alone. Failure detectors (Chandra-Toueg, , Lifeguard) output suspect/dead judgements about peers based on heartbeat latency/absence. Substrate observation outputs uncertainty as a first-class terminal operating state; uncertainty is not a transient state on the way to dead -- it is the state the system operates under. Lock-free and wait-free data structures require shared memory between threads. Sessions in the present memo do not share memory; they observe substrate-physics surfaces independently. Web Locks API and analogous intra-runtime mechanisms operate within a single browser instance and rely on message-passing or lock-arbitration provided by the runtime. They do not generalise to the cross-host, cross-tool problem the present memo addresses.

IANA Considerations This memo requires no IANA actions.

Security Considerations Substrate observation surfaces three classes of attack absent from envelope-coordination protocols.

Ghost-State Injection A peer emits a substrate byproduct then disappears, leaving an aging observation influencing other sessions' representations beyond its operational lifetime. Mitigation is decay-to-uncertainty with a per-substrate-layer eviction floor: observations below threshold are evicted, not retained at vanishing confidence.

Simulated Split-Brain A peer emits substrate byproducts to some cascade layers but not others, producing divergent local representations across layers that the cascade cannot fully reconcile. Mitigation is per-observer monotonic layer-coverage commitment: an observer's first emission registers its substrate-set, and later emissions outside that set are quarantined before identity-log write.

Confidence-Replay A peer re-emits aged substrate byproducts to refresh observers' confidence in stale state. Mitigation is observation-id-bound decay, where the decay clock is keyed to the observation identifier rather than to wall-clock receipt time.

Privacy Considerations Substrate observables vary in identity-binding strength. The lowest tier (filesystem timestamps, before any identity binding) is pseudonymous: the observer can infer presence but not identity. Implementations SHOULD operate this tier with refusal to emit in cloud-shell environments (where host identity is shared across users), refusal to emit in continuous-integration environments (where emission would be linkable to public workflow metadata), and refusal to enforce locks at this tier (locks require identity binding; pseudonymous observations do not provide it).

References Normative References Alter Meridian Pty Ltd Alter Meridian Pty Ltd Alter Meridian Pty Ltd Alter Meridian Pty Ltd Informative References

Acknowledgements This memo grew out of internal architectural design work on coordinating concurrent agentic sessions of a single identity-bound principal across heterogeneous tooling. The realisation that substrate observation suffices, and that envelope coordination is the wrong abstraction at the cross-tool layer, is the load-bearing insight behind this specification.