This is exactly right. We implemented delegation receipts — Agent A grants scoped authority to Agent B, producing a signed receipt. B's subsequent actions reference A's delegation receipt. An auditor can trace the full chain from human principal to agent action.
The fiduciary analogy is spot on. Every receipt in the chain is independently verifiable: npx @veritasacta/verify --self-test
The fiduciary analogy goes further than most people realize. Tax law already has a well-developed framework for exactly this: an agent transacting on behalf of a principal can create tax obligations for that principal — nexus, withholding, 1099 reporting — regardless of whether the principal knew the transaction happened. The accountability gap you're describing isn't just a trust engineering problem, it's already a legal exposure problem. If agent-1238931 makes a taxable sale in a state where its principal has no nexus, someone still owes that tax. We haven't figured out who yet.
my core thesis is that AGI is here, it just needs accountability and efficient frameworks to navigate our arbitrary world