PROTO

Authority Control

principal authorization, tool allowlist, VEX Authority pillar

Authority control is the mechanism by which every agentic action is cryptographically bound to an authorized principal and a declared scope.

THE IMPLICIT AUTHORIZATION PROBLEM

Most frameworks assume implicit authorization. That assumption breaks under Indirect Injection or multi-agent delegation. Authority control turns authorization from an implicit assumption into an explicit, verifiable claim.

PROTOCOL CONTEXT (VEX — AUTHORITY PILLAR)

The Authority pillar contains a signed manifest: a list of permitted tools and action types, signed by the principal using a key rooted in their Silicon-Rooted Identity. Delegation chains are explicit.

ProvnAI Mitigation

McpVanguard verifies the authority manifest signature before processing any tool call. Tool identifiers not listed in the manifest are blocked unconditionally. Delegation chains are validated against hardware identities.
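
The check described above (verify the manifest signature first, then deny any tool that is not listed), as an added Go example that is not McpVanguard or VEX code. The manifest layout, the function names and the tool names are assumptions. A software Ed25519 key stands in for a hardware-rooted one, and delegation chains and action types are left out.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest is a hypothetical layout; the page does not define the VEX format.
type Manifest struct{ Tools []string }
// SignedManifest keeps the exact signed bytes beside the detached signature.
type SignedManifest struct{ Payload, Sig []byte }

var ErrBadSignature = errors.New("manifest signature invalid")
var ErrToolNotListed = errors.New("tool not in signed allowlist")

// NewKey makes a software Ed25519 pair, an assumed stand-in for a hardware-rooted key.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(nil) // nil selects crypto/rand
}

// Sign serializes the manifest and signs those bytes as the principal.
func Sign(m Manifest, priv ed25519.PrivateKey) SignedManifest {
	payload, _ := json.Marshal(m) // cannot fail for this struct
	return SignedManifest{payload, ed25519.Sign(priv, payload)}
}

// Authorize fails closed: verify before parsing, then deny unlisted tools.
func Authorize(sm SignedManifest, pub ed25519.PublicKey, tool string) error {
	if !ed25519.Verify(pub, sm.Payload, sm.Sig) {
		return ErrBadSignature
	}
	var m Manifest
	if err := json.Unmarshal(sm.Payload, &m); err != nil {
		return err
	}
	for _, t := range m.Tools {
		if t == tool {
			return nil
		}
	}
	return ErrToolNotListed
}

func main() {
	pub, priv, _ := NewKey()
	fmt.Println(Authorize(Sign(Manifest{[]string{"read_file"}}, priv), pub, "shell_exec"))
}
```

Because the signature covers the exact payload bytes, a manifest edited after signing fails verification before its tool list is ever read.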