KB-EEEA

04 — Delegated AI Approval Model

3 min read Revision 1

04 — Delegated AI Approval Model (Workstream C)

Goal

Let a human owner delegate a scoped batch of decisions to the AI/Agent — explicitly, logged, reversible, and never faking owner/legal approval.

Delegation object (live: `process_axis_delegation`)

delegation_id, delegator (delegator_type CHECK = 'human'),
delegate_actor, scope, allowed_actions[],
forbidden_actions[] DEFAULT {APPROVE_OWNER_ASSIGNMENT, APPROVE_BIRTH_ADMISSION,
                             EXECUTE_GUARDED_ACTION, DELEGATE_BATCH_TO_AI},
max_items (>0), expiry, required_ai_review_state DEFAULT 'AI_REVIEWED_PASS',
dry_run_preview_required DEFAULT true,
no_fake_approval DEFAULT true (CHECK = true),
status ∈ {DRAFT, ACTIVE, EXPIRED, REVOKED}, created_by

Current state: TABLE EXISTS, ZERO ROWS

No human owner has granted a delegation, so none exists. The AI does not self-grant — delegator_type is CHECK-locked to 'human', and creating a grant is itself a president-gated action (DELEGATE_BATCH_TO_AI). This is the honest state: mechanism ready, no authority assumed.

Allowed delegated actions (when a grant is ACTIVE)

mark AI reviewed · request more evidence · reject weak candidate · confirm non-canon candidate · prepare owner packet · route to governance.

Forbidden delegated actions (always, unless an explicit future scope ever allows — and even then blocked by quorum)

active owner insertion · unretirable birth/canon · event activation · REAL_RUN.

The non-fakeable proof

fn_process_axis_execute_guarded_action Gate A: a president-required action by a non-human actor is BLOCKED. Proven live:

EXECUTE APPROVE_BIRTH_ADMISSION / PROC-OWN-03 / ai_agent → BLOCKED: president vote required; actor_type=ai_agent cannot satisfy it.
EXECUTE event activation / PROC-OWN-05 / ai_agent → same BLOCK.
DELEGATE_BATCH('NONE', ...) → no such delegation.

v_process_axis_delegation_readiness: active_delegations 0, delegatable_actions 6, president_only_actions 4, subjects_open_to_delegation 2 (job:cut CONFIRM, dot:kg REQUEST_MORE_EVIDENCE), invariant = "AI/delegated actors can never cast a human president vote; all canon/birth/owner/event actions are president-gated."

Bulk preview

fn_process_axis_delegate_batch validates scope/max_items/expiry/forbidden_actions, then loops submit_review_action per subject; each subject still passes its own gates. With no grant, it refuses — packet-ready.