Governed Caste Reassignment in Heterogeneous Swarms: An Asymmetric-Trust Protocol with Audited Operator Countersignature

2026-07-06Robotics

RoboticsCryptography and SecurityMultiagent Systems
AI summary

The authors study how robots in a mixed group can change roles based on needs like battery life or tasks. They say that when a robot gets a more powerful role, this change should be approved and logged for safety and trust reasons. They designed a system where safer role changes happen automatically, but upgrades need a human okay and are tracked with secure digital signatures. They tested their system with up to 100 robots and showed it stops several types of bad behavior and keeps a trustworthy record across multiple copies. Their work extends control from single robots to the whole group’s role management.

heterogeneous robot swarmscaste reassignmentprivilege escalationasymmetric-trust protocolMerkle audit logEd25519 signaturesByzantine fault tolerancedistributed consensusgovernancerole-based access control
Authors
Xue Qin, Simin Luan, Cong Yang, Zhijun Li
Abstract
In heterogeneous robot swarms, caste reassignment (rebinding a robot to a new capability-bound role) is a high-frequency runtime event driven by battery, payload, and priority changes. Existing approaches treat it as an internal allocation algorithm and do not expose the reassignment to external authority. We argue that for regulated embodied deployments a caste change that elevates a robot's privilege envelope is a governance event that must be auditable and externally authorised. We propose an asymmetric-trust protocol: auto-tightening reassignments (to safer, lower-privilege castes) are admitted automatically, while bounded relaxation (to higher-privilege castes) requires an operator countersignature against a per-axis budget. Each transition carries a signed cause-chain, committed to a hash-chained Merkle audit log that an offline auditor verifies from an operator-signed identity manifest alone. We evaluate a reference implementation with real Ed25519 signatures over fleets up to 100 robots: auto-tightening completes in single-digit to low-double-digit milliseconds, and the governed protocol refuses four explicit attacks (caste laundering, repeated-relaxation escalation, operator impersonation, cause-chain forgery) by construction, with a partially-governed baseline isolating which gate stops which attack and a randomized fuzz adversary finding no admission. A distributed audit layer replicates the log across N per-member replicas with quorum-committed total order and cryptographic fork exclusion; we prove agreement and fork exclusion and validate them both in simulation and as a real multi-process deployment over TCP sockets (up to 100 real processes) with a Byzantine equivocator, on which every honest replica agrees, detects the equivocation, and commits no fork. The construction generalises a single-agent persona-mutation governance gate to swarm-level caste governance.