Anumati: Proof of Adherence as a Formal Consent Model for Autonomous Agent Protocols

TL;DR

This paper introduces Anumati, a formal consent model for autonomous agents that distinguishes proof of acceptance from proof of adherence, enhancing accountability in agent interactions.

Contribution

It formalizes a versioned, append-only consent model with primitives and extends existing agent protocols to improve accountability and compliance verification.

Findings

The model effectively captures adherence to evolving policies.

It extends A2A and MCP protocols without breaking compatibility.

A TLA+ specification and Python implementation are provided.

Abstract

As autonomous AI agents increasingly call other agents to complete tasks on behalf of a human principal, a structural accountability gap has emerged: the calling agent accepts the terms of service of the callee without any protocol-level mechanism to prove that it understood those terms or that it subsequently honoured them. Authentication protocols such as OAuth and mutual TLS establish who may call which capability. They do not address under what conditions a permitted call may be made, and those conditions change as the callee's policies evolve. In this paper we formalise the distinction between proof of acceptance (a timestamped acknowledgement) and proof of adherence (a per-action reasoning record citing the specific clause evaluated). We propose three primitives (PolicyDocument, ConsentRecord, and AdherenceEvent) that together constitute a versioned, append-only consent model for agent-to-agent communication. The model is instantiated as a non-breaking extension to two widely used agent protocols: the Agent2Agent (A2A) protocol and the Model Context Protocol (MCP). A TLA+ specification of the consent lifecycle, together with a reference Python implementation of the chain integrity and adherence trail validators, is available in the accompanying repository.