Multi-Agent Coordination in the Agential Semioverse

1. Introduction

The agential semioverse defines individual agents and their execution semantics: an internal agent $A = (Σ, K, Π)$ selects interaction operators from its skillset $K$ according to its policy $Π$ and applies them to a partial state $u \in U$ . The specification addresses single-agent execution in detail but does not address what happens when multiple agents act on the same state concurrently.

In practice, this vault uses parallel agent sessions for performance. Three patterns recur:

Fan-out across directory subtrees. A coordinator agent partitions the vault into disjoint directory subtrees and spawns worker agents, one per subtree. Each worker applies the same skill template (e.g., cross-linking, style checking, reference auditing) to its subtree. Workers run concurrently and do not touch each other’s files.
Pipeline composition. One agent’s output feeds the next. For example, an audit agent produces a list of broken references; a repair agent reads that list and creates stubs; a style-check agent then verifies the stubs conform to PTGAE.
Config-driven batch operations. Multiple agents share a configuration artifact (e.g., a JSON file specifying cross-link targets). Each agent reads the config but only modifies files in its assigned region. Only the coordinator may update the config itself.

Formalizing these patterns requires extending the existing framework with region ownership, non-interference conditions, and composition theorems. This document provides that extension.

We assume familiarity with the base structures: the complete Heyting algebra $H$ with modal closure $j$ and trace comonad $G$ ; the definable operator algebra $Op^{def}$ ; fragments $F (H)$ as finitely generated modal-temporal Heyting subalgebras; partial states $U = P (H) \times P (Op^{def})$ ; the composite closure operator $S = S_{fus} \circ S_{syn} \circ S_{sem}$ with least fixed point $X^{⋆}$ ; thing handles $Thing$ with semantic seeds $η : Thing \to H$ ; thing fragments $F_{τ, X}$ ; footprints $Foot_{X} (τ) = S_{X} (F_{τ, X})$ ; and interaction operators $Int$ as monotone endomorphisms of $U$ satisfying fragment-preservation, closure-compatibility, provenance extension, and failure monotonicity. We also assume the agential extension: agent profiles $P (a) = (role_{a}, goals_{a}, policy_{a}, Skills_{a}, Tools_{a}, Mem_{a})$ , internal agents $A = (Σ, K, Π)$ , the skill calculus $Skill^{def}$ , policy-restricted interpretation $[[s]]_{a}$ , and the agential closure operator $S_{agent}$ with its least fixed point $A^{⋆}$ .

2. Regions

We formalize the notion of a “region” within the fragment lattice that corresponds to a directory subtree in the ASR implementation.

Definition 2.1 (Region). A region $R \subseteq F (H)$ is a downward-closed subset of the fragment lattice: if $F \in R$ and $F^{'} \subseteq F$ with $F^{'} \in F (H)$ , then $F^{'} \in R$ .

Downward closure captures the intuition that if a region owns a fragment, it also owns all subfragments of that fragment. In the ASR implementation, a region $R_{d}$ for directory $d$ contains all fragments whose thing handles lie under $d$ in the filesystem hierarchy.

Definition 2.2 (Region generated by a directory). Given a directory path $d$ and the set $Thing_{d} = {τ \in Thing : τ lies under d}$ , define the directory region:

$R_{d} = {F \in F (H) : every generator of F lies in ⋃_{τ \in Thing_{d}} F_{τ, X}} .$

Then $R_{d}$ is downward-closed by construction, since subfragments of fragments generated by things under $d$ are themselves generated by elements from things under $d$ .

Definition 2.3 (Disjoint regions). Two regions $R_{1}, R_{2}$ are disjoint if $R_{1} \cap R_{2} = \emptyset$ : no fragment belongs to both regions.

Definition 2.4 (Region cover). A region cover of $F (H)$ is a finite family ${R_{i}}_{i = 1}^{n}$ such that every fragment $F \in F (H)$ belongs to at least one $R_{i}$ . A region cover is disjoint if the $R_{i}$ are pairwise disjoint.

Lemma 2.5 (Directory subtrees give disjoint regions). If $d_{1}, \dots, d_{n}$ are directories with pairwise disjoint filesystem subtrees (no $d_{i}$ is an ancestor of $d_{j}$ for $i \neq = j$ , and their subtrees do not overlap), then $R_{d_{1}}, \dots, R_{d_{n}}$ are pairwise disjoint regions.

Proof. A thing handle $τ$ lies under at most one $d_{i}$ (since the subtrees are disjoint in the filesystem), so $F_{τ, X}$ belongs to at most one $R_{d_{i}}$ . Fragments are generated by thing-handle denotations; a fragment whose generators come from disjoint thing-handle sets cannot belong to two distinct directory regions.

3. Region-Restricted Agents

We define what it means for an agent to operate within a region.

Definition 3.1 (Region-restricted skillset). Given an agent $A = (Σ, K, Π)$ and a region $R$ , define the region-restricted skillset:

$K ∣_{R} = {E \in K : for all u \in U, if F \in / R then E (u) ∣_{F} = u ∣_{F}} .$

That is, $K ∣_{R}$ contains exactly those interaction operators in $K$ that act as the identity on fragments outside $R$ .

Definition 3.2 (Region-restricted agent). The region-restricted agent $A ∣_{R} = (Σ, K ∣_{R}, Π ∣_{R})$ where:

$Σ$ is unchanged (the agent retains its internal state space);
$K ∣_{R}$ is the restricted skillset from Definition 3.1;
$Π ∣_{R} (σ, u) = Π (σ, u) \cap K ∣_{R}$ restricts operator selection to $K ∣_{R}$ .

Lemma 3.3 (Fragment identity outside region). If $E \in K ∣_{R}$ , then $E$ is fragment-preserving on $F (H) ∖ R$ : for every fragment $F \in / R$ , $E (u) ∣_{F} = u ∣_{F}$ .

Proof. This is the defining property of $K ∣_{R}$ (Definition 3.1).

Lemma 3.4 (Region restriction preserves admissibility). If $E \in K$ is an admissible interaction operator (monotone, fragment-preserving, closure-compatible, provenance-extending, failure-monotone), then $E \in K ∣_{R}$ is also admissible.

Proof. Restricting the set of fragments an operator may modify does not weaken monotonicity, fragment-preservation, closure-compatibility, provenance extension, or failure monotonicity. Each property holds for all fragments; restricting to identity on some fragments preserves the property on the remaining ones.

4. Non-Interference Theorem

The central result: agents restricted to disjoint regions do not interfere with each other.

Theorem 4.1 (Non-interference). Let $A_{1}, A_{2}$ be agents restricted to disjoint regions $R_{1}, R_{2}$ , with $R_{1} \cap R_{2} = \emptyset$ . Let $E_{1} \in K ∣_{R_{1}}$ and $E_{2} \in K ∣_{R_{2}}$ . Then:

(i) Commutativity. $E_{1} \circ E_{2} = E_{2} \circ E_{1}$ on $U$ .

(ii) Admissibility of composite. The composite $E_{1} \circ E_{2}$ is an admissible interaction operator.

(iii) Preservation of all admissibility conditions. Fragment-preservation, closure-compatibility, provenance extension, and failure monotonicity hold for $E_{1} \circ E_{2}$ .

Proof sketch.

For (i): Let $u \in U$ and let $F$ be any fragment. There are three cases:

$F \in R_{1} ∖ R_{2}$ : Then $E_{2}$ acts as identity on $F$ , so $(E_{1} \circ E_{2}) (u) ∣_{F} = E_{1} (u) ∣_{F}$ . Similarly, $(E_{2} \circ E_{1}) (u) ∣_{F} = E_{2} (E_{1} (u)) ∣_{F} = E_{1} (u) ∣_{F}$ since $E_{2}$ acts as identity on $F$ regardless of the state.
$F \in R_{2} ∖ R_{1}$ : Symmetric argument.
$F \in / R_{1} \cup R_{2}$ : Both operators act as identity on $F$ , so both composites yield $u ∣_{F}$ .

Since the composites agree on every fragment, and partial states are determined by their fragment restrictions (by the sheaf condition, Theorem 15.2 of the Interactive Semioverse specification), $E_{1} \circ E_{2} = E_{2} \circ E_{1}$ .

For (ii): Monotonicity composes. Fragment-preservation holds because each operator preserves fragments in the other’s region and its own. Closure-compatibility: for any $X$ ,

$S ((E_{1} \circ E_{2}) (X)) = S (E_{1} (E_{2} (X))) \geq E_{1} (S (E_{2} (X))) \geq E_{1} (E_{2} (S (X)))$

where the first inequality uses closure-compatibility of $E_{1}$ and the second uses closure-compatibility of $E_{2}$ together with monotonicity of $E_{1}$ . Provenance extension and failure monotonicity compose because each operator independently extends provenance and preserves failure marks in its region, and acts as identity elsewhere.

For (iii): This follows from (ii) and the observation that each admissibility condition is preserved under composition of operators satisfying it (established in the base Interactive Semioverse specification for monotonicity, fragment-preservation, and closure-compatibility).

5. Parallel Composition

We define a parallel composition operator for region-restricted agents.

Definition 5.1 (Parallel composition). Given agents $A_{1} ∣_{R_{1}}, \dots, A_{n} ∣_{R_{n}}$ with pairwise disjoint regions (i.e., $R_{i} \cap R_{j} = \emptyset$ for all $i \neq = j$ ), define the parallel composition:

$A_{1} ∥ A_{2} ∥ \dots ∥ A_{n}$

as the agent whose step operator applies each $E_{i} \in K ∣_{R_{i}}$ concurrently. Formally, the composite step operator is:

$E_{A_{1} ∥ \dots ∥ A_{n}} (u) = (E_{n} \circ \dots \circ E_{1}) (u)$

where each $E_{i}$ is selected by $Π_{i} ∣_{R_{i}}$ .

By Theorem 4.1(i), the result does not depend on the ordering of operators: for any permutation $σ$ of ${1, \dots, n}$ ,

$E_{σ (n)} \circ \dots \circ E_{σ (1)} = E_{n} \circ \dots \circ E_{1} .$

Theorem 5.2 (Parallel composition preserves admissibility). The parallel composition $A_{1} ∥ \dots ∥ A_{n}$ is an admissible agent: its step operator is monotone, fragment-preserving, closure-compatible, provenance-extending, and failure-monotone.

Proof. By induction on $n$ . The base case $n = 1$ is trivial. For the inductive step, apply Theorem 4.1(ii)-(iii) to the composite of $E_{n}$ with the operator for $A_{1} ∥ \dots ∥ A_{n - 1}$ , noting that $R_{n}$ is disjoint from $R_{1} \cup \dots \cup R_{n - 1}$ .

Corollary 5.3 (Order independence). The parallel composition is well-defined up to fragmentwise extensional equality: the result depends on the set ${(A_{i}, R_{i})}$ but not on any enumeration of that set.

6. Sequential Composition with Handoff

Not all multi-agent coordination involves disjoint regions. We formalize the sequential case.

Definition 6.1 (Handoff predicate). A handoff predicate is a monotone function $h : U \to {true, false}$ : if $h (u)$ holds and $u \leq u^{'}$ , then $h (u^{'})$ holds. The predicate checks that a partial state satisfies the preconditions for a subsequent agent to begin work.

Definition 6.2 (Sequential composition with handoff). Given agents $A_{1}, A_{2}$ and a handoff predicate $h$ , define the sequential composition with handoff:

$A_{1};_{h} A_{2}$

as the agent that executes $A_{1}$ repeatedly until $h$ holds on the resulting state, then executes $A_{2}$ . Formally, let $E_{A_{1}}^{(k)}$ denote $k$ applications of $A_{1}$ ‘s step operator. Define:

$E_{A_{1};_{h} A_{2}} (u, σ_{1}, σ_{2}) = E_{A_{2}} (E_{A_{1}}^{(k^{⋆})} (u, σ_{1}), σ_{2})$

where $k^{⋆} = min {k : h (E_{A_{1}}^{(k)} (u, σ_{1})_{U}) = true}$ , and $(-)_{U}$ projects to the state component. If no such $k^{⋆}$ exists, execution diverges (liveness failure; see Section 10).

Lemma 6.3 (Connection to work-unit chains). A sequential composition $A_{1};_{h} A_{2}$ is a two-element chain in the work-unit model (as defined in the work-units-and-chains specification): $A_{1}$ ‘s execution is the first work unit, $A_{2}$ ‘s execution is the second, and $h$ is the token-availability check that enables the second transition.

Proof. In the Petri net model, $A_{1}$ is a transition whose output places include a place $p_{h}$ representing the handoff condition. The predicate $h$ holds exactly when $p_{h}$ has a token. $A_{2}$ is a transition with $p_{h}$ as an input place. The two-element chain fires $A_{1}$ first (consuming input tokens, producing $p_{h}$ ), then fires $A_{2}$ (consuming $p_{h}$ and producing final output tokens). This is exactly the sequential composition $A_{1};_{h} A_{2}$ .

Lemma 6.4 (Sequential composition preserves admissibility). If $E_{A_{1}}$ and $E_{A_{2}}$ are admissible interaction operators, then $E_{A_{1};_{h} A_{2}}$ is admissible, provided $k^{⋆}$ exists.

Proof. Finite compositions of admissible interaction operators are admissible (monotonicity, fragment-preservation, closure-compatibility, provenance extension, and failure monotonicity all compose). The composite $E_{A_{2}} \circ E_{A_{1}}^{(k^{⋆})}$ is a finite composition.

7. Shared Configuration Artifacts

In practice, agents share configuration artifacts (e.g., cross-link-config.json). We formalize read-only shared state.

Definition 7.1 (Shared artifact). A shared artifact is a thing handle $τ_{config} \in Thing$ whose fragment $F_{τ_{config}, X}$ is designated as read-only for a set of participating agents. Formally, given a set of agents ${A_{1}, \dots, A_{n}}$ and a designated coordinator agent $A_{c}$ :

Every agent $A_{i}$ may read $F_{τ_{config}, X}$ (include it in the interaction surface for any skill invocation);
Only $A_{c}$ may modify $F_{τ_{config}, X}$ ;
For every non-coordinator agent $A_{i}$ ( $i \neq = c$ ), the policy enforces:

$Π_{i} (σ, u) \cap {E \in K_{i} : E modifies F_{τ_{config}, X}} = \emptyset.$

This is a monotone restriction on policy: the predicate $Pol_{a_{i}} (s, in, X) = false$ whenever skill $s$ with input $in$ would modify $τ_{config}$ and $a_{i}$ is not the coordinator.

Lemma 7.2 (Shared artifacts do not break non-interference). Let $A_{1} ∣_{R_{1}}, \dots, A_{n} ∣_{R_{n}}$ be region-restricted agents sharing a read-only artifact $τ_{config}$ . If $F_{τ_{config}, X} \in / R_{i}$ for any $i$ (i.e., the config fragment is not in any worker’s region), then non-interference (Theorem 4.1) still holds.

Proof. Each worker’s operators act as identity on fragments outside their region, and the config fragment is outside every worker’s region. Workers read the config fragment but do not modify it. Reading is observation, not mutation: it does not change the state in $U$ , so it introduces no conflict between operators. The commutativity proof from Theorem 4.1 applies without modification.

8. Fan-Out Pattern

The fan-out pattern is the primary parallelism mechanism in this vault. We formalize it as a composition theorem.

Definition 8.1 (Fan-out). Given:

a task $T$ specified by a skill template $s \in Skill^{def}$ ,
a disjoint region cover ${R_{1}, \dots, R_{n}}$ of the relevant portion of $F (H)$ ,
a shared configuration artifact $τ_{config}$ ,
a coordinator agent $A_{c}$ and worker agents $A_{1}, \dots, A_{n}$ ,

a fan-out is the following execution:

$A_{c}$ produces $τ_{config}$ (applying a skill that creates the configuration artifact).
Each $A_{i} ∣_{R_{i}}$ executes $s$ with $τ_{config}$ as input, modifying only fragments in $R_{i}$ .
By Theorem 4.1, steps (2) for all $i$ can execute in parallel.
$A_{c}$ collects effect reports from each $A_{i}$ and produces a summary.

Formally, the fan-out is the sequential-then-parallel composition:

$A_{c}^{init};_{h_{config}} (A_{1} ∣_{R_{1}} ∥ \dots ∥ A_{n} ∣_{R_{n}});_{h_{done}} A_{c}^{collect}$

where $h_{config}$ checks that $τ_{config}$ exists in the state, and $h_{done}$ checks that all workers have produced effect reports.

Theorem 8.2 (Fan-out equivalence). Let $A_{seq}$ be a single agent that applies skill $s$ to each region $R_{i}$ in sequence (in any order), reading $τ_{config}$ at each step. Then the fan-out produces a result that is fragmentwise extensionally equal to $A_{seq}$ :

$E_{A_{1} ∣_{R_{1}} ∥ \dots ∥ A_{n} ∣_{R_{n}}} (u) \equiv_{F} E_{A_{seq}} (u)$

for every fragment $F \in F (H)$ .

Proof sketch. By Theorem 4.1(i), the parallel composition is independent of ordering. The sequential agent applies operators to disjoint regions in some order. Since each operator acts as identity outside its region (Lemma 3.3), the sequential composition in any order produces the same result as the parallel composition (each fragment is modified by at most one operator). The sheaf condition (Theorem 15.2 of the Interactive Semioverse specification) guarantees that agreement on every fragment implies agreement on the global state, so the results are fragmentwise extensionally equal.

Corollary 8.3 (Fan-out preserves admissibility). The fan-out execution is admissible: the composite operator is monotone, fragment-preserving, closure-compatible, provenance-extending, and failure-monotone.

Proof. Apply Theorem 5.2 to the parallel phase and Lemma 6.4 to the sequential phases. Composition of admissible operators is admissible.

9. Pipeline Pattern

We formalize the pipeline pattern, where the output of one skill feeds the input of the next.

Definition 9.1 (Pipeline). Given a sequence of skills $s_{1}, s_{2}, \dots, s_{k} \in Skill^{def}$ such that the output schema $T_{out}^{(i)}$ of $s_{i}$ is compatible with the input schema $T_{in}^{(i + 1)}$ of $s_{i + 1}$ (there exists a monotone map $ϕ_{i} : T_{out}^{(i)} \to T_{in}^{(i + 1)}$ translating outputs to inputs), define the pipeline:

$s_{1};_{h_{1}} s_{2};_{h_{2}} \dots;_{h_{k - 1}} s_{k}$

where each handoff predicate $h_{i}$ checks that $s_{i}$ has produced output satisfying $ϕ_{i}$ ‘s domain.

Each skill invocation is a work unit in the sense of the work-units-and-chains specification. The pipeline is a $k$ -element chain.

Lemma 9.2 (Pipeline admissibility). A pipeline $s_{1};_{h_{1}} \dots;_{h_{k - 1}} s_{k}$ is admissible if each $s_{i}$ is admissible and each handoff predicate $h_{i}$ is satisfiable (i.e., there exists a state $u$ such that $h_{i} ([[s_{i}]] (u, in_{i})_{U})$ holds).

Proof. By induction on $k$ , using Lemma 6.4 at each step. Satisfiability of $h_{i}$ ensures that $k^{⋆}$ exists at each handoff, preventing divergence.

Theorem 9.3 (Pipeline composite effect). The pipeline’s composite effect on partial states is the composition of individual skill effects:

$[[s_{1};_{h_{1}} \dots;_{h_{k - 1}} s_{k}]] (u, in_{1}) = ([[s_{k}]] \circ \dots \circ [[s_{1}]]) (u, in_{1}, ϕ_{1}, \dots, ϕ_{k - 1})$

where each $in_{i + 1} = ϕ_{i} (out_{i})$ and $out_{i}$ is the output of $s_{i}$ .

Theorem 9.4 (Provenance trace concatenation). The composite provenance trace of a pipeline is the concatenation of individual provenance traces:

$trace (s_{1};_{h_{1}} \dots;_{h_{k - 1}} s_{k}) = trace (s_{1}) \cdot trace (s_{2}) \dots trace (s_{k})$

where $\cdot$ denotes concatenation in the provenance history category $P (F)$ (Section 9 of the Interactive Semioverse specification).

Proof sketch. Each skill invocation produces a provenance record (Section on Execution Semantics in the Agential Semioverse specification). Sequential composition concatenates records. The refinement morphisms in $P (F)$ respect concatenation because provenance histories compose functorially (Lemma 9.1 of the Interactive Semioverse specification).

10. Coordination Correctness

We define four correctness conditions for multi-agent coordination and relate them to established Petri net properties.

Definition 10.1 (Safety). A multi-agent coordination is safe if no agent modifies fragments outside its assigned region. Formally, for each agent $A_{i} ∣_{R_{i}}$ and each execution step $Exec (a_{i}, s, in, u) = (u^{'}, out, trace)$ :

$for all F \in / R_{i}, u^{'} ∣_{F} = u ∣_{F} .$

This is guaranteed by construction when agents use region-restricted skillsets (Definition 3.1).

Definition 10.2 (Liveness). A multi-agent coordination is live if, whenever all agents’ skills are admissible and all handoff predicates are satisfiable, the coordination completes in finitely many steps. No agent blocks indefinitely waiting for a resource held by another agent.

In the parallel case with disjoint regions, liveness holds trivially: agents cannot contend for shared resources, so deadlock is impossible. In the sequential case, liveness reduces to satisfiability of each handoff predicate.

Definition 10.3 (Equivalence). A multi-agent coordination is equivalent to a single-agent execution if the result is fragmentwise extensionally equal to some sequential single-agent execution. Formally, there exists an ordering $σ$ of all skill invocations across all agents such that:

$E_{A_{1} ∥ \dots ∥ A_{n}} (u) \equiv_{F} E_{σ (1)} \circ \dots \circ E_{σ (m)} (u)$

for every fragment $F \in F (H)$ , where $E_{σ (i)}$ are the individual skill invocations in order $σ$ .

For parallel compositions with disjoint regions, equivalence holds for every ordering (Theorem 4.1). For sequential compositions, equivalence holds for the given ordering.

Definition 10.4 (Provenance completeness). A multi-agent coordination has complete provenance if every modification to the state is traced to an agent, a skill, and an input. Formally, for every fragment $F$ and every element $a \in F$ that differs between the initial and final state, there exists a provenance history in $P (F)$ that records which agent applied which skill with which input to produce $a$ .

Theorem 10.5 (Correctness of parallel fan-out). A fan-out (Definition 8.1) with pairwise disjoint regions satisfies all four correctness conditions: safety, liveness, equivalence, and provenance completeness.

Proof.

Safety: Each worker $A_{i} ∣_{R_{i}}$ uses the region-restricted skillset $K ∣_{R_{i}}$ , which by definition acts as identity outside $R_{i}$ (Lemma 3.3).
Liveness: Workers operate on disjoint regions and share no mutable state (the shared config is read-only). No contention occurs, so no deadlock is possible. The sequential phases (coordinator init and collect) complete if their skills are admissible and handoff predicates are satisfiable.
Equivalence: By Theorem 8.2, the parallel execution is fragmentwise extensionally equal to any sequential ordering.
Provenance completeness: Each worker produces an effect report (required by the Agential Semioverse specification, Section on Effect Reports). The coordinator collects these reports. Every modification is traceable to a worker, skill, and input through the individual effect reports.

Remark 10.6 (Relationship to Petri net properties). The correctness conditions correspond to standard Petri net properties as described in the petri-nets-and-lean specification:

Safety corresponds to boundedness: each place (fragment ownership token) has at most one token (one owning agent). The coordination is 1-bounded on ownership places.
Liveness corresponds to liveness in the Petri net sense: every intended transition can eventually fire. For disjoint-region parallelism, all transitions are independent (no shared input places), guaranteeing liveness. For sequential compositions, liveness reduces to reachability of the handoff marking.
Equivalence corresponds to confluence: different firing sequences reach the same marking. For disjoint-region parallelism, this follows from the independence of transitions sharing no input or output places.
Provenance completeness corresponds to observability: every transition firing is recorded. The effect report requirement of the Agential Semioverse ensures that every firing (skill invocation) produces an observable output.

11. Mixed Coordination

Real workflows combine parallel and sequential phases. We define the general composition.

Definition 11.1 (Coordination term). The set $Coord$ of coordination terms is generated by:

$c ::= A ∣_{R} ∣ c_{1} ∥ c_{2} ∣ c_{1};_{h} c_{2}$

where $A ∣_{R}$ is a region-restricted agent, $∥$ is parallel composition (requiring disjoint regions), and $;_{h}$ is sequential composition with handoff.

Theorem 11.2 (General coordination correctness). A coordination term $c \in Coord$ satisfies safety, liveness, equivalence, and provenance completeness if:

(i) Every $∥$ node has children with pairwise disjoint regions.

(ii) Every handoff predicate $h$ in a $;_{h}$ node is satisfiable given the preceding phase’s output.

(iii) Every leaf agent $A ∣_{R}$ uses only admissible interaction operators.

Proof. By structural induction on $c$ . The base case (single agent) is given by the Agential Semioverse specification. The parallel case uses Theorem 5.2. The sequential case uses Lemma 6.4.

12. Discussion

This specification extends the Agential Semioverse with three capabilities: region-restricted execution, parallel composition over disjoint regions, and sequential composition with typed handoffs. The key insight is that the fragment lattice already provides the locality structure needed for concurrency: if two operators modify disjoint sets of fragments, they commute.

The sheaf condition on the fragment fibration (Theorem 15.2 of the Interactive Semioverse) plays a structural role: it guarantees that fragmentwise equality implies global equality, which is what lets us prove that parallel and sequential executions produce the same result.

Three directions remain open:

Overlapping regions. The non-interference theorem requires disjoint regions. In practice, some operations (e.g., cross-linking) touch fragments in multiple directory subtrees. Extending the theory to handle overlapping regions requires either a locking discipline or a merge operation on conflicting fragment modifications. The sheaf gluing condition (Theorem 15.2) provides a candidate merge semantics, but conflict resolution (when two agents produce incompatible modifications to the same fragment) requires additional structure.
Dynamic region assignment. The current formalization assigns regions statically before execution begins. A dynamic scheme, where regions are negotiated or reallocated during execution, would require extending the policy function to include region claims and a protocol for resolving competing claims. This connects to the colored Petri net extensions mentioned in the petri-nets-and-lean specification.
Lean formalization. The theorems in this document admit formal proofs in Lean 4. The fragment lattice is a finite distributive lattice (a special case of a Heyting algebra); region restriction is a sublattice operation; commutativity of operators on disjoint sublattices is a standard algebraic fact. A Lean encoding would provide machine-checked guarantees that fan-out and pipeline executions preserve all admissibility conditions.

emsenn

Explorer