Multi-agent systems face a fundamental architectural flaw: agent identity is bound to network location. When agents migrate between providers, scale across instances, or federate across organizations, URI-based identity schemes break references, fragment audit trails, and require centralized coordination. We propose the agent:// URI scheme, which decouples identity from topology through three orthogonal components: a trust root establishing organizational authority, a hierarchical capability path enabling semantic discovery, and a sortable unique identifier providing stable reference. The scheme enables capability-based discovery through DHT key derivation, where queries return agents by what they do rather than where they are. Trust-root scoping prevents cross-organization pollution while permitting federation when desired. Cryptographic attestation via PASETO tokens binds capability claims to agent identity, enabling verification without real-time contact with the issuing authority. We evaluate the scheme across four dimensions: capability expressiveness (100% coverage on 369 production tools with zero collision), discovery precision (F1=1.0 across 10,000 agents), identity stability (formal proofs of migration invariance), and performance (all operations under 5 microseconds). The agent:// URI scheme provides a formally-specified, practically-evaluated foundation for decentralized agent identity and capability-based discovery.
翻译:多智能体系统面临一个根本性的架构缺陷:智能体身份与网络位置绑定。当智能体在服务提供商间迁移、跨实例扩展或跨组织联邦化时,基于URI的身份方案会导致引用失效、审计轨迹碎片化,并需要集中式协调。我们提出agent:// URI方案,通过三个正交组件实现身份与拓扑的解耦:建立组织权威的信任根、支持语义发现的层次化能力路径,以及提供稳定引用的可排序唯一标识符。该方案通过DHT密钥派生实现基于能力的发现,查询将根据智能体的功能而非位置返回结果。信任根作用域机制在防止跨组织污染的同时,允许按需建立联邦关系。通过PASETO令牌的密码学证明将能力声明与智能体身份绑定,无需与签发机构实时交互即可完成验证。我们从四个维度评估该方案:能力表达能力(在369个生产工具上实现100%覆盖且零冲突)、发现精度(在10,000个智能体上F1=1.0)、身份稳定性(迁移不变性的形式化证明)和性能(所有操作低于5微秒)。agent:// URI方案为去中心化的智能体身份与基于能力的发现提供了形式化规范且经过实践验证的基础框架。