What question did this study set out to answer?

The aim is to establish a reliable governance framework for autonomous AI systems by utilizing hardware security measures.

February 5, 2026Open Access

The Citadel Protocol: A Reference Architecture for Hardware-Enforced Agentic Governance

Key Points

The aim is to establish a reliable governance framework for autonomous AI systems by utilizing hardware security measures.
Proposed The Citadel Protocol as a reference architecture
Utilized hardware attestation to bind agent identity to a Hardware Root of Trust
Enforced execution within a Trusted Execution Environment to ensure secure operations
Eliminated silent data corruption issues associated with 'Mercurial Core'
Achieved improved non-repudiation for high-value autonomous transactions
Reduced communication overhead in multi-agent coordination, addressing Policy Drift

Abstract

Abstract As Artificial Intelligence systems transition from chat-based interfaces ("Co-Pilots") to autonomous execution engines ("Agents"), the traditional software-based security perimeter (RBAC, IAM, OAuth) becomes insufficient. The complexity of multi-agent coordination creates an N(N-1)/2 communication overhead, leading to "Policy Drift" where probabilistic models bypass logical constraints. This paper proposes The Citadel Protocol, a reference architecture that replaces probabilistic governance with deterministic hardware attestation. By binding agent identity to a Hardware Root of Trust (HRoT) and enforcing execution inside a Trusted Execution Environment (TEE), we demonstrate a method for eliminating "Mercurial Core" silent data corruption and ensuring non-repudiation in high-value autonomous transactions. Keywords: Agentic AI, Hardware Root of Trust, TEE, Sovereign Cloud, Attestation, Governance, Citadel Protocol. License: CC-BY-4.0

Read Full Paperexternally

Mark Helpful

Bookmark

Relay

View Full Paper