route.fast running sloth logoroute.fast
⌥ GitHub · CE Talk to us
← Back to route.fast

LIP-4D · Intent over Identity

Replacing identity with intention.

A new authentication paradigm for autonomous agents: replace keys and tokens with purpose, context and reason. Talk, don't type. Reason, don't authorize.

The future of access isn't a key — it's a conversation.

Read the protocol → vs OAuth & API keys
intent.dialogue// agent ⇄ guardian

A capability is negotiated, not presented — every grant carries its own audited "why".

Why LIP-4D

Static secrets don't fit agents that reason.

API keys and token flows are brittle and misaligned with agentic systems that reason, adapt and evolve. Agents initiate workflows, delegate tasks and negotiate access.

LIP-4D authorizes intent instead of identities — turning policy into a machine-verifiable dialogue.

OAuthUser-centric delegation; long-lived scopes.
API keysCoarse identity; static, leak-prone secrets.
LIP-4DIntent-centric, contextual, ephemeral, auditable.

Core principles

Three things every intent must carry.

// purpose

Purpose

What the agent seeks to do — articulated as verifiable goals, not a role it happens to hold.

// context

Context

Where, when and under which constraints the action is requested — scope, rate and risk made explicit.

// reason

Reason

Why this action is appropriate now — the rationale rendered as attestable, reviewable claims.

Protocol sketch

Five steps from intent to audited execution.

01 · Describe intent

The agent submits a signed intent

A structured request: { purpose, context, reason, evidence } — cryptographically signed by the agent.

02 · Policy dialogue

The guardian challenges

The resource guardian responds with constraints and the proofs it requires — rate, scope and risk thresholds.

03 · Attestation & proofs

The agent attaches verifiable claims

Supply-chain attestation, safety scores, sandbox results — whatever the guardian's policy demands.

04 · Ephemeral capability

The guardian issues a bound grant

On success, a capability bound to intent + context — short-lived and non-portable by design.

05 · Execution & audit

Every invocation keeps its "why"

The call carries the capability plus the signed intent; logs retain the negotiated rationale for audit.

Compatible with OAuth2 / OIDC. LIP-4D doesn't replace your identity layer — it issues the final, context-bound capability after an intent dialogue, on top of what you already run.

The shift

From identities to intentions.

OAuth

Delegated identity

User-centric delegation with long-lived scopes. Powerful for humans signing in — loose for agents acting autonomously.

API keys

Static secrets

A coarse, standing identity in a string. Easy to leak, hard to scope, and blind to why a call is being made.

LIP-4D

Negotiated intent

Intent-centric and contextual. Capabilities are ephemeral, non-portable and auditable — access becomes a verifiable conversation.

In practice

What it changes, where it fits, how it runs.

Outcomes

  • Fine-grained, revocable capability grants
  • Negotiated access with audit-ready rationales
  • Lower credential sprawl; less secret rotation
  • Policy as dialogue — machine-verifiable

Use cases

  • Agent-to-agent orchestration across vendors
  • High-risk operations requiring proofs (e.g. trades)
  • Data rooms with context-bound read windows
  • Safety-gated tool use (model-in-the-loop)

Operational notes

  • Short-TTL capabilities (seconds–minutes)
  • Deterministic policy prompts for repeatability
  • Cryptographic signing of intents and transcripts
  • Human override & escalation channels

LIP-4D in route.fast

The gate that authorises every action.

In route.fast, LIP-4D is the Gate step — validating identity, authorization, context and TTL before any change reaches the control plane. See it running in the open-source Community Edition.

Explore the code → How route.fast works