Agent delegation context in the authorize intent

[Ectsang]

Describe the feature

The authorize intent on the add-authorize-intent branch handles the case where the payer is the principal. In agent flows, the payer is usually an intermediary (AI agent spending on behalf of a human or org). The credential structure doesn't have a place for delegation proof. Is MPP intentionally leaving agent delegation to a higher layer (AP2, application logic), or is there a plan to handle it in the authorize intent itself?

Separately, the authorize intent scopes a spending cap to a single server. Agents that purchase across multiple services have no way to enforce a global budget. Is cross-service coordination something MPP plans to address, or is that explicitly out of scope?

Additional context

No response

[brendanjryan]

Hey! Both great questions

1. We are trying to keep delegation structure outside of the core payment flow for now. We think that can this can be easily composed without enshrining in the protocol.

2. For spend controls, we think those are best implemented at the instrument level (e.g. wallet) vs. the server.

Mental model here is that in cards, you implement spend controls on the physical card vs. having every merchant which uses that card communicate to establish baseline of spend controls. This scales better both physically and logically across existing payment methods.

[Ectsang]

Coming back to this since #226 landed -- now that authorize intent has servers maintaining durable state for remaining limits, curious how aggregate committed exposure across multiple authorize intents is meant to compose. Wallet-level, or something else?