Description
Context
PR #274 merged a design proposal by @aeoess for composing trust scoring with delegation chains (reputation-gated authority). Rather than embedding the composition logic directly into AgentMesh core, we want to expose extension interfaces so implementations can live in external packages.
Scope
Define and implement the following minimal interface changes in AgentMesh:
1. AuthorityResolver protocol
```python
class AuthorityResolver(Protocol):
    def resolve(
        self,
        identity: AgentIdentity,
        delegation: Delegation | None,
        action: ActionRequest,
        trust_score: float,
    ) -> AuthorityDecision: ...
```

The PolicyEngine calls the registered AuthorityResolver (if any) during evaluation, between delegation verification and capability enforcement.
2. TrustScoreChanged event
TrustManager emits an event when a score changes, enabling cache invalidation in external resolvers.
3. CapabilityModel.check() effective_scope override
Allow callers to pass an effective_scope that narrows the capability check, so authority resolvers can constrain the capability set without modifying the model itself.
4. Lineage-bound initial trust in identity.delegate()
When delegating, cap the child's initial trust score at min(default_score, parent_score). This is Invariant 6 from the proposal and likely belongs in core.
Non-goals
- The actual reputation-gated authority composition logic (this lives in external packages like Agent Passport System)
- Tier-capability mapping configuration (deployment-specific)
- Multi-step workflow transactional authority (future extension)
References
- Proposal: REPUTATION-GATED-AUTHORITY.md
- Issue: Cryptographic Identity Layer: Ed25519 agent passports + cascade revocation from Agent Passport System #140
- Agent Passport System: https://github.com/aeoess/agent-passport-system
/cc @aeoess
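An added sketch, not AgentMesh code and not part of the original issue, showing how items 1, 3 and 4 could fit together: the resolver runs before capability enforcement, `effective_scope` is intersected with the granted set so it can only narrow, and a delegated child's initial trust is capped at `min(default_score, parent_score)`. The dataclass fields, `TierResolver`, `evaluate`, the `0.5` default and the threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Protocol

@dataclass(frozen=True)
class AgentIdentity:              # stand-in with only the fields this sketch needs
    name: str
    capabilities: frozenset
    trust_score: float

@dataclass(frozen=True)
class AuthorityDecision:          # assumed shape; the issue does not define it
    allowed: bool
    effective_scope: frozenset

class AuthorityResolver(Protocol):
    def resolve(self, identity, delegation, action, trust_score) -> AuthorityDecision: ...

class TierResolver:
    """Hypothetical external resolver: below the threshold, gated capabilities are dropped."""
    def __init__(self, threshold: float, gated):
        self.threshold, self.gated = threshold, frozenset(gated)

    def resolve(self, identity, delegation, action, trust_score):
        scope = identity.capabilities
        if trust_score < self.threshold:
            scope = scope - self.gated
        return AuthorityDecision(action in scope, scope)

def check(granted: frozenset, action: str, effective_scope: Optional[frozenset] = None) -> bool:
    """Item 3: intersect with the granted set, so a resolver can narrow but never widen."""
    allowed = granted if effective_scope is None else granted & effective_scope
    return action in allowed

def delegate(parent: AgentIdentity, name: str, default_score: float = 0.5) -> AgentIdentity:
    """Item 4 (Invariant 6): child starts at min(default_score, parent_score)."""
    return AgentIdentity(name, parent.capabilities, min(default_score, parent.trust_score))

def evaluate(identity, action, resolver: Optional[AuthorityResolver] = None, delegation=None) -> bool:
    """Order from the issue: delegation verification (omitted), resolver, capability enforcement."""
    scope = None
    if resolver is not None:
        decision = resolver.resolve(identity, delegation, action, identity.trust_score)
        if not decision.allowed:
            return False
        scope = decision.effective_scope
    return check(identity.capabilities, action, effective_scope=scope)
```

Because `check()` intersects rather than replaces, a resolver that returns a scope wider than the granted capabilities cannot escalate privileges.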