Four Identity Layers
| Layer | What | Purpose |
|---|---|---|
| Tenant | Organizational boundary | All resources scoped to a tenant |
| Human (Owner) | The person ultimately accountable | Every chain terminates at a human |
| Agent | Durable template (model, harness, tools) | Defines what kind of worker this is |
| AgentSession | Live execution context | The unit of accountability |
Dual Identity
Every event, artifact, and API call carries both the session identity AND the owner identity:

- “What did Jane’s agents do last week?” → query by owner
- “What did the researcher agent do?” → query by agent
- “What happened in this session?” → query by session
Delegation
Authority flows downward through the `parentSessionRef` chain:
- A child’s authority is a subset of its parent’s
- A child’s timeout cannot exceed its parent’s remaining time
- The child inherits the parent’s owner (accountability doesn’t change)
- Delegation goes through the admission pipeline — no side-channel creation
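
The delegation rules and the dual-identity stamp above, as an added sketch that is not the project's own code. Every name except `parentSessionRef` is an assumption: `Session`, `admit_child`, `event_identity`, the scope strings, and modelling authority as a set of scopes with an absolute deadline.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Session:
    session_id: str
    tenant: str
    owner: str                  # accountable human, fixed for the whole chain
    agent: str                  # durable template this session was started from
    scopes: frozenset           # assumed model of "authority"
    deadline: float             # absolute expiry, epoch seconds
    parent_session_ref: Optional[str] = None   # parentSessionRef


class DelegationDenied(Exception):
    pass


def admit_child(parent, child_id, agent, requested_scopes, timeout_s, now):
    """Admission check for a delegated session; the only way to create a child."""
    remaining = parent.deadline - now
    if remaining <= 0:
        raise DelegationDenied("parent session has expired")
    requested = frozenset(requested_scopes)
    extra = requested - parent.scopes
    if extra:
        raise DelegationDenied(f"scopes exceed parent: {sorted(extra)}")
    if timeout_s <= 0 or timeout_s > remaining:
        raise DelegationDenied("timeout exceeds parent's remaining time")
    # Owner is copied from the parent and never accepted from the caller.
    # Copying the tenant the same way is an assumption of this sketch.
    return Session(child_id, parent.tenant, parent.owner, agent,
                   requested, now + timeout_s, parent.session_id)


def event_identity(session):
    """Identity fields stamped on every event, artifact and API call."""
    return {"tenant": session.tenant, "owner": session.owner,
            "agent": session.agent, "session": session.session_id,
            "parentSessionRef": session.parent_session_ref}
```

Because the child's deadline is computed from the parent's remaining time at admission, a chain of delegations can never outlive the root session.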