0. Security Scope Note

This entry is conceptual and systems-oriented.

It does not treat all delegation, representation, proxy access, relays, intermediaries, managed services, agents, vendors, identity providers, trustees, guardians, representatives, APIs, legal counsel, platform mediation, institutional roles, or chain-of-command systems as inherently failed.

Systems often need proxies.

Proxy or relay structures may be valid when they are:

• traceable
• bounded
• auditable
• revocable
• source-accountable
• scope-limited
• consent-compatible
• signal-preserving
• incentive-audited
• representation-valid
• evidence-preserving
• boundary-respecting
• correction-compatible
• transparent about authority
• not allowed to replace the source without review

The failure begins when the relay path drifts away from the source relation.

A valid proxy preserves the source’s intent, boundary, signal, and accountability.

A failed proxy becomes a substitute authority.

Proxy-Relay Drift occurs when the intermediary path becomes more powerful, more visible, or more operationally decisive than the source it was meant to transmit or represent.

The problem is not proxy use.

The problem is proxy authority drifting beyond source accountability.

1. Definition

Proxy-Relay Drift occurs when authority, responsibility, signal, consent, representation, access, accountability, or decision power is routed through intermediaries whose relay function gradually distorts, filters, delays, captures, or redirects the original relation, causing the proxy path to become more authoritative than the source it was meant to serve.

The proxy may be:

• agent
• vendor
• platform
• representative
• intermediary
• identity provider
• API gateway
• legal representative
• guardian
• trustee
• contractor
• managed service provider
• security provider
• institutional office
• compliance reviewer
• governance board
• moderation layer
• AI assistant
• model intermediary
• data broker
• proxy account
• admin role
• delegated authority
• reporting channel
• support channel
• appeal channel
• policy interpreter
• public spokesperson

The relayed object may be:

• consent
• authority
• representation
• identity
• responsibility
• access
• evidence
• risk
• harm
• repair obligation
• signal
• complaint
• appeal
• permission
• credential
• intent
• policy
• legal standing
• user voice
• affected-state reality
• operational state
• security status
• accountability

The drift may occur through:

• incentive divergence
• relay delay
• selective filtering
• scope expansion
• source invisibility
• delegated authority creep
• responsibility diffusion
• proxy capture
• opaque handoff
• access mediation
• misrepresentation
• stale delegation
• intermediary gatekeeping
• reporting distortion
• vendor opacity
• automated proxy decisions
• evidence translation loss
• proxy conflict of interest
• chain-of-command insulation
• legal or institutional shielding
• interface capture

The core failure is:

source relation requires mediation
→ proxy is introduced
→ proxy gains operational authority
→ source signal becomes filtered or delayed
→ accountability diffuses
→ proxy path becomes authoritative
→ source reality is displaced
→ hidden debt accumulates

Proxy-Relay Drift is not merely a relay error.

It is intermediary authority becoming detached from source accountability.

2. Core Pattern

The core pattern is:

1. A system needs delegation, representation, access mediation, or signal relay.
2. A proxy path is created.
3. The proxy makes coordination easier.
4. The proxy gains operational authority.
5. The source becomes less directly visible.
6. The proxy begins filtering, translating, delaying, or selecting signal.
7. Accountability becomes distributed across the chain.
8. Authority remains usable while responsibility becomes harder to locate.
9. The proxy path becomes trusted by default.
10. Source reality can no longer easily correct proxy output.
11. The proxy’s incentives shape the relation.
12. Hidden debt accumulates in the gap between source and relay.

A healthy system says:

proxy authority is valid only while source traceability, consent, revocation, and accountability remain intact

A drifted proxy system says:

the proxy says it, therefore the source relation is satisfied

Proxy-Relay Drift often hides inside professionalism, service, efficiency, legal form, security control, or organizational hierarchy.

The relay seems normal.

The chain exists.

The representative speaks.

The vendor reports.

The dashboard summarizes.

The agent acts.

But the source may no longer be in control of what is being represented.

3. Failure Signature

Typical signature:

proxy dependency↑
source visibility↓
relay distortion↑
delegation scope drift↑
accountability diffusion↑
consent relay integrity↓
revocation viability↓
proxy incentive divergence↑
hidden proxy debt↑
O↓

Extended signature:

source speaks,
proxy filters

authority travels,
responsibility dissolves

consent relayed,
scope expands

evidence enters,
summary governs

representation claims,
represented disappears

proxy acts,
source pays

Common verbal signatures include:

we are acting on their behalf
the vendor handles that
the representative approved it
the system passed the request through
that is what the proxy reported
the user is represented by this role
the agent had authority
the provider manages that risk
we do not have direct access
the intermediary confirmed it
the chain of command was followed
the approval came through the proper channel

Common system signatures include:

a vendor reports security status while hiding operational exposure
an identity provider mediates user access and becomes a control point
a legal representative settles claims without full affected-state repair
an AI assistant acts as user proxy while shaping or filtering user intent
a platform reports community sentiment through engagement metrics rather than user voice
a managed security provider accepts risk on behalf of a customer without source visibility
an institutional office represents affected parties while protecting the institution
a proxy account accumulates permissions beyond the original delegate’s scope

The defining condition is not that a proxy exists.

The defining condition is that the proxy path drifts enough to displace source signal, consent, authority, or accountability.

4. Primary U-Layer Origin

Common origin layers:

• U1 — Power / Budgets: proxy structures preserve authority, reduce liability, simplify operations, or create profitable mediation.
• U2 — Configuration / Boundaries: delegation boundaries are unclear, broad, stale, or technically over-permissive.
• U3 — Execution / Runtime: operational workflows rely on proxy outputs rather than direct source verification.
• U4 — Information / Truth: proxy summaries, reports, or statuses replace source reality.
• U5 — Coordination / Time: relay delays and handoffs distort signal over time.
• U6 — Coherence Field: legitimacy attaches to representative forms rather than represented states.
• U7 — Memory / Recurrence: old delegations and proxy records persist after source conditions change.
• U8 — Environment / Field: markets, institutions, platforms, or legal systems reward mediated representation over direct accountability.

Common manifestation layers:

• U1 — Power: proxy authority becomes shield.
• U2 — Boundaries: source boundaries are crossed through delegated scope.
• U3 — Execution: actions are performed through proxy chains.
• U4 — Truth: relay output becomes official truth.
• U5 — Time: stale delegation and delayed correction accumulate.
• U6 — Field: trust degrades when source reality is displaced.

Proxy-Relay Drift is primarily a Ψ / Au / BΣ / O failure.

The interface and audit path relay the relation but gradually lose traceability to the source.

5. Typical Development Sequence

A common development sequence is:

1. A direct relation becomes difficult to manage.
2. A proxy or intermediary is introduced.
3. The proxy improves coordination.
4. The system begins trusting proxy outputs.
5. Source visibility decreases.
6. Proxy scope expands.
7. Proxy incentives diverge.
8. Source correction becomes harder.
9. Accountability becomes distributed across handoffs.
10. Decisions are made from proxy state.
11. The proxy’s interpretation replaces source reality.
12. Source burden accumulates.
13. Errors or abuses are difficult to assign.
14. Proxy-relay drift becomes structural.

The loop often looks like:

delegation → convenience → proxy authority → source invisibility → accountability diffusion

Another common loop is:

source challenges proxy → proxy controls channel → challenge filtered → proxy authority persists

Proxy-Relay Drift becomes durable when the proxy controls the path by which proxy error must be corrected.

6. Diagnostic Markers

Diagnostic markers include:

• Source claims and proxy reports diverge.
• Delegated authority continues after the original context changes.
• The proxy cannot reconstruct source consent, scope, or intent.
• Accountability requires tracing through multiple intermediaries.
• Each intermediary claims limited responsibility.
• The represented node cannot directly contest proxy action.
• Proxy incentives differ from source interests.
• Source evidence is summarized before reaching decision-makers.
• Proxy status becomes official status.
• Revocation is difficult or delayed.
• Proxy accounts accumulate excessive permissions.
• Decisions are made from vendor or platform reports without source evidence.
• The proxy benefits from remaining necessary.
• Affected states carry burden created by proxy action.
• The system cannot identify who had final authority.

Useful diagnostics:

• Proxy Traceability: Tests whether proxy action can be traced to source authority.
• Delegation Scope Integrity: Measures whether proxy scope remains valid.
• Relay Signal Integrity: Tests distortion, delay, filtering, and summarization loss.
• Representation Validity: Tests whether the proxy still represents the source.
• Accountability Diffusion: Measures responsibility loss across intermediaries.
• Consent Relay Integrity: Tests whether consent survives relay paths.
• Proxy Incentive Divergence: Measures conflict between proxy and source incentives.
• Revocation Viability: Tests whether source can remove or limit proxy authority.
• Source-Proxy Divergence: Measures difference between source reality and proxy output.
• Hidden Proxy Debt: Tracks burden created by relay drift and unresolved proxy action.

7. Related Gates

Relevant gates include:

• Proxy Traceability Gate: Fails when proxy action cannot be traced to source authority.
• Delegation Scope Gate: Fails when proxy authority exceeds valid scope.
• Relay Integrity Gate: Fails when signal is distorted, delayed, or filtered.
• Representation Validity Gate: Fails when the proxy no longer represents the source.
• Accountability Continuity Gate: Fails when responsibility dissolves across intermediaries.
• Consent Relay Gate: Fails when consent loses validity through relay.
• Proxy Incentive Gate: Fails when intermediary incentives capture the relation.
• Revocation Gate: Fails when the source cannot withdraw or revise delegation.
• Source Access Gate: Fails when direct source reality cannot reach the system.
• Auditability Gate: Fails when proxy chains cannot be inspected.

The first common gate failure is usually the Proxy Traceability Gate.

Once proxy action cannot be traced back to source authority, proxy output can become independent power.

8. Related Operators

Relevant operators include:

• Ψ — Observation / Interface: Primary operator; proxy paths mediate what is seen and transmitted.
• Au — Auditability: Determines whether proxy chains remain traceable.
• BΣ — Boundary Integrity: Defines delegation scope and source boundaries.
• O — Coherence: Declines when source reality and proxy output diverge.
• Γ — Selection: Selects which source signals the proxy transmits.
• H — Hidden Debt: Accumulates as unresolved proxy error, misrepresentation, and burden.
• K — Constraint / Load: Rises as correction must pass through intermediaries.
• M — Meaning: Representation language can detach from represented reality.
• Φ — Flow / Resource Movement: Routes authority, data, access, responsibility, and value through proxies.
• G — Gain: Rewards proxy control, dependency, liability diffusion, or mediation profit.
• Λ — Compatibility: Tests whether proxy relation remains compatible with source needs.
• R — Restoration Capacity: Needed to repair harm caused by proxy drift.
• Τ — Trajectory / Time: Tracks stale delegation and drift accumulation.
• E — Exit: Measures ability to remove proxy authority or leave proxy chain.

Common operator pattern:

source delegates through Ψ
proxy gains operational authority
Γ filters signal
Au weakens across chain
BΣ scope drifts
H accumulates
accountability diffuses
O declines

The core operator inversion is:

proxy output → source reality

instead of:

proxy output + traceability + valid scope + source correction + revocation + accountability → usable representation

Proxy-Relay Drift makes the intermediary path more real to the system than the source.

9. Related Laws and Invariants

Related Laws

• Proxy Authority Must Remain Source-Accountable: proxy power is valid only while traceable to the source.
• Delegation Must Preserve Traceability: authority chains must remain reconstructable.
• Representation Must Not Replace the Represented: proxy claims cannot erase affected reality.
• Relay Paths Must Preserve Signal Integrity: mediation must not distort source signal beyond declared limits.
• Intermediaries Must Not Capture Consent: consent cannot become proxy property.
• Accountability Must Not Dissolve Across Proxies: responsibility must remain assignable.
• Proxy Chains Must Remain Auditable: handoffs require inspection.
• Access Through Proxy Must Preserve Boundary Integrity: delegated access must respect source boundaries.
• Proxy-Relay Drift: intermediaries can become self-authorizing.
• Representation / Proxy Abuse: proxy roles can exploit represented nodes.
• Auditability Collapse: proxy chains can obscure inspection.
• Consent Drift: consent can decay through relay and scope expansion.

Related Invariants

• Proxy Claims Must Remain Traceable to Source: representation requires source linkage.
• Delegated Authority Must Remain Revocable: source must be able to withdraw proxy power.
• Relay Signals Must Preserve Integrity: distortion and summarization must be bounded.
• Proxy Chains Must Preserve Accountability: responsibility cannot disappear through handoff.
• Representation Must Remain Consent-Compatible: proxy action must remain authorized by the represented.
• Intermediary Incentives Must Be Audited: proxy interests must be checked for divergence.
• Proxy Scope Must Remain Bounded: delegated authority must not expand silently.
• Affected-State Evidence Must Bypass Captured Proxies When Needed: direct source paths are required where proxy capture appears.

10. Common False Positives

Not every proxy relationship is Proxy-Relay Drift.

Common false positives include:

• Clear delegation with documented scope.
• Proxy action that remains traceable to source authority.
• Intermediaries with strong audit and revocation.
• Representation with active source participation.
• Vendor reporting validated by direct evidence.
• Managed services with transparent responsibility boundaries.
• Legal or institutional representation that preserves affected-state voice.
• AI agents that act within narrow, revocable permissions.
• Identity providers with least-privilege access and clear logs.
• APIs that preserve source attribution and authorization.
• Relay chains that maintain signal integrity and accountable ownership.
• Proxy structures with independent oversight and conflict review.

Clarifying rule:

This is not Proxy-Relay Drift unless the intermediary path distorts, captures, delays, filters, or redirects source authority, signal, consent, responsibility, or accountability while retaining operational power.

Proxies can serve coherence.

They fail when the relay becomes the authority.

11. Common False Repairs

Common false repairs include:

• adding another proxy to supervise the first proxy
• requiring more reports from the same intermediary
• documenting the relay chain without restoring source access
• adding dashboards that summarize proxy state
• asking the proxy to certify its own alignment
• adding contract clauses without audit access
• allowing revocation only through the proxy
• creating appeal paths controlled by the proxy
• changing representative language while preserving control
• treating source complaints as communication problems
• moving responsibility to a different intermediary
• creating responsibility matrices that diffuse responsibility further
• auditing proxy outputs but not source-proxy divergence
• using proxy convenience to justify continued mediation
• preserving stale delegations for operational continuity

False repair often produces the loop:

proxy drift exposed
→ oversight proxy added
→ source access remains blocked
→ relay chain lengthens
→ accountability diffuses further

Another common loop is:

source challenges proxy
→ proxy produces report
→ report becomes evidence
→ source reality remains displaced

The repair fails because it strengthens the relay chain without restoring source accountability.

12. Restoration Direction

Restoration requires tracing proxy authority to source, bounding delegation scope, restoring source visibility, protecting revocation, auditing intermediary incentives, preserving signal integrity, and reconstructing accountability chains.

Primary restoration direction:

make the proxy answerable to the source again

A fuller restoration path includes:

1. Identify the proxy chain. Map agents, vendors, representatives, platforms, APIs, offices, and intermediaries.
2. Trace source authority. Determine who or what the proxy claims to represent or relay.
3. Audit delegation scope. Identify valid authority, expired scope, and overreach.
4. Measure source-proxy divergence. Compare proxy output with source reality.
5. Inspect relay integrity. Test distortion, delay, filtering, translation, or summarization loss.
6. Audit proxy incentives. Identify where intermediaries benefit from drift or dependency.
7. Restore source access. Create direct paths for source evidence, correction, and contestation.
8. Restore revocation. Ensure delegated authority can be withdrawn or narrowed.
9. Clarify accountability. Assign responsibility across the chain without diffusion.
10. Limit proxy authority. Reduce permissions and scope to necessary function.
11. Preserve evidence across handoffs. Keep source context traceable.
12. Repair affected-state burden. Address harm caused by proxy misrepresentation or delay.
13. Remove captured relays where needed. Bypass or replace intermediaries that cannot remain source-accountable.
14. Revalidate representation. Confirm the proxy still serves the represented source.
15. Monitor drift recurrence. Watch for scope creep, stale delegation, and renewed proxy capture.

A valid restoration path should reduce:

source-proxy divergence
relay distortion
delegation scope drift
accountability diffusion
consent relay failure
proxy incentive divergence
revocation failure
hidden proxy debt

Proxy-Relay Drift is not repaired by making the proxy more polished.

It is repaired by restoring source control, traceability, and accountability.

13. Cross-Module Links

• Security: Primary family; proxy chains often mediate access, authorization, identity, audit, and responsibility.
• Core: Strongly linked to Auditability Collapse and Forced Coupling.
• Cybernetics: Proxy-Relay Drift appears when control signal and responsibility drift through relay structures.
• Interactions: Consent Drift and coupling failures emerge when proxy authority exceeds source compatibility.
• Justice: Proxy-relay obfuscation can hide responsibility and block redress.
• Contracts: Contractual representatives, vendors, and delegated authorities can diffuse accountability.
• AI Governance: AI agents, assistants, evaluators, and institutional proxies can act or speak for users without preserving source intent.
• Platforms: Platforms often become proxy layers for identity, speech, moderation, payment, and access.
• Institutions: Offices and representatives can claim to speak for affected nodes while filtering their reality.
• Interfaces: Interfaces can be proxy relays that present summaries as source truth.
• Coherence: Coherence requires proxies to remain source-accountable, scope-bounded, and auditable.

14. Relationship to Parent / Child Modes

Production treatment: Standalone Entry / Canon-Aligned

This mode maps upward to:

• FM-C-015 — Proxy-Relay Drift
• FM-SEC-011 — Representation / Proxy Abuse / AIM Failure
• FM-JC-010 — Proxy-Relay Obfuscation
• FM-AIX-001 — Responsibility Diffusion
• FM-MT-007 — Resource Gatekeeping Loop

Sibling or related Security modes include:

• FM-SEC-004 — Consent Theater / Invalid Authorization
• FM-SEC-005 — Interface Capture
• FM-SEC-007 — Silent Extraction / Parasitic Coupling
• FM-SEC-009 — Over-Surveillance Inversion
• FM-SEC-010 — Emergency Normalization
• FM-SEC-011 — Representation / Proxy Abuse / AIM Failure
• FM-SEC-012 — Exit Failure / Recapture
• FM-SEC-016 — Attention-Control Pseudo-Coherence
• FM-SEC-025 — CCS Suspension Fallacy

Related cross-family modes include:

• FM-C-015 — Proxy-Relay Drift
• FM-CORE-004 — Auditability Collapse
• FM-CORE-008 — Forced Coupling
• FM-ISC-009 — Consent Drift
• FM-MT-007 — Resource Gatekeeping Loop
• FM-JC-010 — Proxy-Relay Obfuscation
• FM-JC-011 — Locked-In Renegotiation Failure
• FM-AIX-001 — Responsibility Diffusion
• FM-AIX-016 — Standingless Instrumentalization
• FM-AIX-019 — Node Capture
• FM-REI-002 — Reduction-to-Authority Lock
• FM-SEC-011 — Representation / Proxy Abuse / AIM Failure

Aliases preserved from source material:

• Proxy-Relay Drift
• Proxy Relay Drift
• Proxy Drift
• Relay Drift
• Representation Drift
• Delegation Drift
• Proxy Capture
• Relay Capture
• Proxy-Relay Obfuscation
• Intermediary Authority Drift

15. Minimal Entry Version

Definition: Proxy-Relay Drift occurs when authority, responsibility, signal, consent, representation, access, accountability, or decision power is routed through intermediaries whose relay function gradually distorts, filters, delays, captures, or redirects the original relation, causing the proxy path to become more authoritative than the source it was meant to serve.

Signature:

proxy dependency↑
source visibility↓
relay distortion↑
delegation scope drift↑
accountability diffusion↑
consent relay integrity↓
revocation viability↓
proxy incentive divergence↑
hidden proxy debt↑
O↓

Restoration direction:

• identify the proxy chain
• trace source authority
• audit delegation scope
• measure source-proxy divergence
• inspect relay integrity
• audit proxy incentives
• restore source access
• restore revocation
• clarify accountability
• limit proxy authority
• preserve evidence across handoffs
• repair affected-state burden
• remove captured relays where needed
• revalidate representation
• monitor drift recurrence

16. Machine-Readable Summary

failure_mode:
  id: "FM-SEC-008"
  name: "Proxy-Relay Drift"
  family: "Security"
  production_treatment: "Standalone Entry / Canon-Aligned"
  parent_modes:
    - "FM-C-015 — Proxy-Relay Drift"
    - "FM-SEC-011 — Representation / Proxy Abuse / AIM Failure"
    - "FM-JC-010 — Proxy-Relay Obfuscation"
    - "FM-AIX-001 — Responsibility Diffusion"
    - "FM-MT-007 — Resource Gatekeeping Loop"
  primary_failure: "Authority, responsibility, signal, consent, representation, access, accountability, or decision power is routed through intermediaries whose relay function gradually distorts, filters, delays, captures, or redirects the original relation, causing the proxy path to become more authoritative than the source it was meant to serve."
  source: "UTS — Failure Modes Registry"
  source_id: "FM-SEC-008"
  scope_note: "Conceptual and systems-oriented; does not treat all delegation, representation, proxy access, relays, intermediaries, managed services, agents, vendors, identity providers, trustees, guardians, representatives, APIs, legal counsel, platform mediation, institutional roles, or chain-of-command systems as inherently failed."
  aliases:
    - "Proxy-Relay Drift"
    - "Proxy Relay Drift"
    - "Proxy Drift"
    - "Relay Drift"
    - "Representation Drift"
    - "Delegation Drift"
    - "Proxy Capture"
    - "Relay Capture"
    - "Proxy-Relay Obfuscation"
    - "Intermediary Authority Drift"
  signature:
    - "proxy dependency↑"
    - "source visibility↓"
    - "relay distortion↑"
    - "delegation scope drift↑"
    - "accountability diffusion↑"
    - "consent relay integrity↓"
    - "revocation viability↓"
    - "proxy incentive divergence↑"
    - "hidden proxy debt↑"
    - "O↓"
  primary_layers:
    origin:
      - "U1 — Power / Budgets"
      - "U2 — Configuration / Boundaries"
      - "U3 — Execution / Runtime"
      - "U4 — Information / Truth"
      - "U5 — Coordination / Time"
      - "U6 — Coherence Field"
      - "U7 — Memory / Recurrence"
      - "U8 — Environment / Field"
    manifestation:
      - "U1 — Power"
      - "U2 — Boundaries"
      - "U3 — Execution"
      - "U4 — Truth"
      - "U5 — Time"
      - "U6 — Field"
  state_variables:
    - "Ψ"
    - "Au"
    - "BΣ"
    - "O"
    - "Γ"
    - "H"
    - "K"
    - "M"
    - "Φ"
    - "G"
    - "Λ"
    - "R"
    - "Τ"
    - "E"
  first_gate_failure: "Proxy Traceability Gate"
  restoration:
    - "Proxy Traceability Audit"
    - "Delegation Scope Review"
    - "Relay Integrity Restoration"
    - "Representation Validity Review"
    - "Accountability Chain Reconstruction"
    - "Consent Relay Revalidation"
    - "Proxy Incentive Audit"
    - "Revocation Path Restoration"
    - "Source Access Restoration"
    - "Proxy Chain Simplification"