Heartbeat-Bound Hierarchical Credentials: Cryptographic Revocation for AI Agent Swarms
The paper presents a new cryptographic protocol called Heartbeat-Bound Hierarchical Credentials (HBHC) designed for autonomous AI agent swarms. This protocol addresses the issue of credential revocation without requiring network connectivity, thereby preventing 'zombie agents' from executing privileged operations after shutdown. Evaluation shows significant improvements in revocation efficiency and performance compared to existing methods.
- HBHC binds credential validity to periodic parent liveness proofs, eliminating the need for network round-trips.
- The protocol achieves a 90 times reduction in the zombie window compared to OAuth 2.0.
- Real-agent experiments indicate a 0.71% end-to-end overhead on tool calls and zero post-revocation tool calls under certain conditions.
Opening excerpt (first ~120 words)
Computer Science > Cryptography and Security
arXiv:2605.20704 (cs) [Submitted on 20 May 2026]
Title: Heartbeat-Bound Hierarchical Credentials: Cryptographic Revocation for AI Agent Swarms
Authors: Saurabh Deochake
Abstract: Autonomous AI agents that spawn sub-agent swarms create a safety gap: existing credential revocation mechanisms, OAuth 2.0 introspection, OCSP, and W3C Status Lists, require network connectivity to a central authority, leaving "zombie agents" executing privileged operations for minutes to hours after operator shutdown.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at arXiv cs.AI.