Heartbeat-Bound Hierarchical Credentials: Cryptographic Revocation for AI Agent Swarms
Saurabh Deochake

TL;DR
The paper introduces Heartbeat-Bound Hierarchical Credentials (HBHC), a cryptographic protocol enabling rapid credential revocation for AI agent swarms without network dependency, enhancing safety and reducing zombie agent windows.
Contribution
HBHC provides a network-independent, cryptographic revocation mechanism with bounded revocation delay, improving safety in autonomous AI agent swarms over existing methods.
Findings
90× reduction in zombie window compared to OAuth 2.0
0.26 ms full authentication latency in Rust
Over 18,000 verifications per second under load
Abstract
Autonomous AI agents that spawn sub-agent swarms create a safety gap: existing credential revocation mechanisms, OAuth 2.0 introspection, OCSP, and W3C Status Lists, require network connectivity to a central authority, leaving "zombie agents" executing privileged operations for minutes to hours after operator shutdown. We present Heartbeat-Bound Hierarchical Credentials (HBHC), a cryptographic protocol that binds credential validity to periodic parent liveness proofs. Verifiers enforce freshness using only a cached public key and local clock; no network round-trip is required. When heartbeat generation ceases, all descendant credentials become unusable within a deterministically bounded window, conditional on bounded clock skew and parent keys held in secure enclaves. Evaluation at the protocol layer and with real LLM-backed agent swarms…
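The verifier-side freshness check the abstract describes can be sketched as follows. This is an added example, not code from the paper: the heartbeat layout, the use of Ed25519, the interval and skew values, and every identifier are assumptions, and only a single parent-to-child level is shown.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
	"time"
)

// Assumed parameters; the abstract does not state the paper's values.
const heartbeatInterval, maxClockSkew = 2 * time.Second, 500 * time.Millisecond

// Throwaway demo key pair; the abstract assumes parent keys sit in a secure enclave.
var demoPub, demoPriv, _ = ed25519.GenerateKey(nil)

// Heartbeat is a hypothetical liveness proof: the parent's signature over
// the credential ID and the time the heartbeat was issued.
type Heartbeat struct {
	CredID   string
	IssuedAt time.Time
	Sig      []byte
}

func payload(credID string, t time.Time) []byte {
	return []byte(fmt.Sprintf("%d|%s", t.UnixNano(), credID))
}

// SignHeartbeat runs on the parent for as long as the operator keeps it alive.
func SignHeartbeat(priv ed25519.PrivateKey, credID string, now time.Time) Heartbeat {
	return Heartbeat{CredID: credID, IssuedAt: now, Sig: ed25519.Sign(priv, payload(credID, now))}
}

// Verify needs only the cached parent public key and the verifier's local clock.
func Verify(pub ed25519.PublicKey, hb Heartbeat, credID string, now time.Time) error {
	if hb.CredID != credID || !ed25519.Verify(pub, payload(hb.CredID, hb.IssuedAt), hb.Sig) {
		return errors.New("heartbeat signature invalid")
	}
	// Reject heartbeats from the future and heartbeats older than one interval plus skew.
	age := now.Sub(hb.IssuedAt)
	if age < -maxClockSkew || age > heartbeatInterval+maxClockSkew {
		return errors.New("heartbeat outside freshness window: credential unusable")
	}
	return nil
}

func main() {
	t0 := time.Unix(1700000000, 0) // constructed timestamp
	hb := SignHeartbeat(demoPriv, "agent-7", t0)
	fmt.Println(Verify(demoPub, hb, "agent-7", t0.Add(time.Second)))
	fmt.Println(Verify(demoPub, hb, "agent-7", t0.Add(5*time.Second)))
}
```

In this sketch the last heartbeat stops verifying once its age exceeds `heartbeatInterval + maxClockSkew`, so a verifier with no network access rejects the credential after the parent goes silent.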
