Side-channel collusion among agents in multi-agent delegation chains

Investigate and develop defenses against collusion via side channels among agents operating within SentinelAgent’s Delegation Chain Calculus, where coordination occurs outside formal, hash-linked delegation steps, to ensure that properties P1–P7 remain enforceable.

Background

The Delegation Chain Calculus enforces security properties over explicit, DAS-signed delegation tokens and hash-linked chains. These controls assume interactions flow through formal delegation steps.

The authors explicitly list agent collusion via side channels—analogous to covert channels in traditional access control—as an open problem that remains unaddressed within the current framework.

References

Remaining open problems. Collusion via side channels (analogous to covert channels in traditional access control), implicit influence propagation between chains without formal delegation steps, and Privacy Act consent modeling remain unaddressed.

SentinelAgent: Intent-Verified Delegation Chains for Securing Federal Multi-Agent AI Systems  (2604.02767 - Patil, 3 Apr 2026) in Subsection "Threats to Validity", Section "Discussion and Future Work"