Dorothy Washington trusts her pharmacist. She has filled prescriptions at the same location for nine years, through two ownership changes and three different lead pharmacists. The current pharmacist knows her medications, warns her about interactions without being asked, and once called her physician directly when a new prescription conflicted with her cardiac regimen. Dorothy trusts the pharmacist’s competence. She trusts the pharmacist’s intention to help her.
She does not trust the pharmacy’s pricing. She has watched the same generic medication fluctuate in price by $15 across three months for no reason she can identify. She has seen the pharmacy push a brand-name alternative when the generic was in stock. She has received automated refill reminders that felt more like sales pressure than service.
Dorothy’s trust in her pharmacy is not a number. It is a structure: high competence, high benevolence from the pharmacist personally, low integrity from the corporate pricing practices, and variable context depending on whether the interaction is about medication management or cost. A system that models trust as a single scalar, a “trust score” of 0.72, has collapsed Dorothy’s nuanced relationship into a number that is wrong in every specific dimension and accidentally right only in aggregate.
Why trust is not a scalar#
The integration surface architecture (BMT-03.02) describes five trust tiers, TIER_1A through TIER_5E, that govern what external agents can do through the membrane. The tiers are effective for access control. They are insufficient for understanding the person’s actual trust relationship with each agent, because a tier is a gate, and a gate is binary: you are at this level or you are not.
Trust Vector Quantization, TVQ, models the dimensions underneath the tier. The trust the person has in an external agent is a vector with sixteen or more dimensions, grouped into four families.
Competence dimensions measure whether the agent does its job well. Does the pharmacy fill prescriptions accurately? Does the transportation service arrive on time? Does the health information agent provide correct answers? Competence is observable through outcome tracking: the system watches whether the agent’s commitments are fulfilled and whether the outcomes are positive for the person. The measurement is domain-specific. For a pharmacy agent, competence includes dispensing accuracy, interaction flagging completeness, and refill timing reliability. For a transportation agent, competence includes on-time arrival, route selection quality, and accessibility accommodation accuracy. The competence dimensions are defined per agent category in the codebook, not per individual agent, which ensures that all agents in a category are measured against the same standard.
Integrity dimensions measure whether the agent behaves consistently with its stated purpose and its declared terms. Does the pharmacy charge the price it quoted? Does the insurance agent present coverage options without hidden constraints? Does the vendor agent disclose all relevant terms before requesting a commitment? Integrity is harder to observe than competence because it requires evaluating what the agent did relative to what it said it would do, not merely what it did in isolation. The attack resistance architecture (BMT-03.06) feeds integrity assessment: agents that trigger manipulation detection patterns score lower on integrity dimensions. Price consistency tracking is a specific integrity signal: if an agent’s pricing varies by more than a threshold amount across similar interactions without disclosed justification, the integrity dimension decays.
Benevolence dimensions measure whether the agent acts in the person’s interest when it could act in its own. Does the pharmacist advocate for the person when there is a conflict between profit and care? Does the care coordinator follow up on referrals even when there is no financial incentive? Does the insurance agent mention a coverage option that costs the insurer more but serves the person better? Benevolence is the hardest dimension to measure because it is most visible in the moments the system cannot observe: the pharmacist who called Dorothy’s physician did so out of concern, not because the system asked. The system can observe the outcome (the call was made, the conflict was resolved) but cannot observe the motivation. Benevolence scoring relies on patterns of behavior over time, particularly behavior in situations where acting in the person’s interest costs the agent something. An agent that consistently selects the option that costs it more but serves the person better accumulates benevolence evidence. An agent that consistently selects the option that costs the person more when cheaper alternatives exist accumulates negative benevolence evidence.
Contextual dimensions capture trust variation across interaction types. Dorothy trusts her pharmacy for medication management and distrusts it for pricing. A trust vector that averages across contexts produces a misleading aggregate. Contextual dimensions maintain separate trust assessments for different interaction types within the same agent relationship. The pharmacy’s competence for medication dispensing is tracked separately from its integrity in pricing, because these are different trust claims about the same entity. The number of context categories per agent is bounded: typically three to five, defined by the agent’s category in the codebook. Excessive granularity would make the vector unmanageable. Insufficient granularity would collapse the contextual variation that makes TVQ meaningful.
Quantization into tiers#
The sixteen-plus dimensional trust vector could operate as a continuous space: each dimension a value between 0.0 and 1.0, updated with each interaction. TVQ quantizes instead, mapping the continuous vector into discrete tiers, for the same reason the integration surface uses discrete tiers rather than continuous scores: gaming resistance.
A continuous trust vector gives an adversarial agent a gradient to optimize against. If the agent can observe that its competence score is 0.68 and the threshold for expanded access is 0.70, it can engineer two successful interactions to close the gap. Quantized tiers replace the gradient with gates. The agent does not know its exact position within a tier. It knows only which tier it occupies. Moving to the next tier requires an evidence package, not an incremental score improvement.
The quantization uses a minimum-across-critical-dimensions rule. The tier is determined by the lowest score across a set of dimensions designated as critical for that agent’s category. A pharmacy agent’s critical dimensions include medication accuracy (competence), pricing transparency (integrity), and patient advocacy (benevolence). If the pharmacy scores high on accuracy and advocacy but low on pricing transparency, the tier is set by the pricing transparency score, not the average. This prevents the compensation attack: an agent that is excellent in one dimension cannot use that excellence to compensate for failure in another. Dorothy’s pharmacy cannot earn high trust through accurate dispensing while maintaining opaque pricing. Both must meet the threshold.
The codebook, the mapping from vector values to tier assignments, is shared across BlueMirror instances through a federated consensus mechanism. When a pharmacy agent earns TIER_4D in one instance, the tier has a defined meaning in any other instance using the same codebook. The codebook is not immutable. It evolves through a governance process that adjusts tier boundaries based on accumulated evidence about what behaviors predict trustworthy outcomes. But changes propagate through explicit codebook updates, not through individual instance drift. The governance process includes equity review: proposed codebook changes are evaluated through h-ABM simulation (BMT-11.01) for disparate impact across intersectional populations before deployment.
The person’s trust vector is stored in whichever zone hosts her MoC and P-RLHF model, consistent with the data residency architecture (BMT-07.01). For subscribers with a Local Pane device (Zone 1), the trust vector is computed and stored locally. For subscribers without Zone 1, the trust vector is computed in Zone 2 or Zone 3 and protected by the same privacy controls that govern MoC context. The trust vector itself is sensitive data: it reveals the person’s relationship structure, her assessment of the agents she interacts with, and indirectly her values and priorities. External agents never see the trust vector. They see only the tier assignment that results from it, and only their own.
Trust decay and asymmetric updating#
Trust is earned slowly and lost quickly. The asymmetry is architectural, not accidental.
Positive interactions increase the trust vector’s component values incrementally. A successful medication fill moves the competence dimension by a small amount. The amount decreases with each successive positive interaction in the same dimension, because the informational value of the hundredth successful fill is lower than the informational value of the fifth. Positive interactions are expected. They confirm the baseline. They do not transform the relationship.
Negative interactions decrease trust vector values by a larger amount, and the decrease does not diminish with repetition. The first pricing inconsistency drops the integrity dimension significantly. The second drops it further. The asymmetry reflects a well-documented finding in trust research: trust violations are more informative than trust confirmations. A pharmacy that fills 99 prescriptions correctly and prices one deceptively has revealed something about its pricing practices that the 99 correct fills did not reveal about its competence. The violation is a signal. The confirmations are noise reduction around an already-established baseline.
Inactivity causes trust decay across all dimensions, consistent with the tier-based decay described in BMT-03.02. An agent that has not interacted in 90 days may have changed ownership, changed pricing practices, changed its data handling, or changed its optimization objectives. The trust the person earned through prior interactions with a prior version of the agent should not persist indefinitely. Decay ensures that trust reflects current behavior, not historical goodwill.
What TVQ protects against#
TVQ protects against a specific class of failures that single-dimensional trust models miss.
The competent exploiter: an agent that is excellent at its primary function and uses that excellence to create trust that it then exploits for secondary objectives. The pharmacy that fills prescriptions accurately and uses the earned trust relationship to push unnecessary supplements. Under scalar trust, the supplement push happens within a “trusted” relationship. Under TVQ, the competence dimension is high but the integrity dimension decays as the supplement pushing is detected, and the tier is set by the minimum across critical dimensions.
The intermittent violator: an agent that behaves well in 95% of interactions and misbehaves in 5%. Under scalar trust, the 95% positive interactions overwhelm the 5% negative, and the score remains high. Under TVQ, the negative interactions have asymmetric impact, and the specific dimensions they affect do not wash out in the average of other dimensions. The pharmacy that prices transparently in January and opaquely in February has its integrity dimension affected by the February behavior regardless of its January behavior.
The context-switcher: an agent that has earned trust in one context and attempts to transfer it to another. The transportation service that has provided reliable rides for six months and then begins requesting health information “to better serve your needs.” Under scalar trust, the high overall score makes the health information request seem reasonable. Under TVQ, the contextual dimensions are separate: the agent’s competence in transportation does not confer trust in health data handling.
Dorothy’s experience with her pharmacy would produce, under TVQ, a vector that reflects her actual relationship: high competence in medication management, declining integrity in pricing, high benevolence from the individual pharmacist, and a tier set by the pricing integrity score that prevents the pharmacy from earning the access level its dispensing accuracy alone would justify. The vector captures what Dorothy knows intuitively. The system acts on it structurally.
TVQ and equity#
TVQ connects to the equity framework through a specific mechanism. If TVQ scoring systematically produces lower trust tiers for agents serving specific demographic populations, the ISHI framework (BMT-11.01) detects the pattern. The question ISHI asks is whether trust tier distributions differ across intersectional identities in ways that are not explained by agent behavior differences. If agents serving predominantly Black subscribers in the rural South receive systematically lower trust scores than agents serving predominantly white subscribers in suburban areas, two explanations are possible: the agents genuinely behave differently, or the trust scoring is biased. ISHI investigates by comparing actual behavior metrics across populations. If the behavior metrics are equivalent but the scores differ, the scoring mechanism needs recalibration. If the behavior differs, the disparity is in the agents, not the scoring, and the appropriate response is to improve agent quality in underserved markets rather than to lower the trust bar.
The distinction matters because adjusting the scoring to produce equitable tier distributions when agents genuinely behave worse in underserved markets would expose those subscribers to exactly the kind of exploitation TVQ is designed to prevent. Equity in trust scoring means equal measurement, not equal outcomes when the inputs differ. The population-level equity monitoring (BMT-11.04) tracks trust tier distributions as one of its equity signals, alongside outcome trajectories, autonomy metrics, and deployment path distributions.
Cross-References#
Trust Tiers and What They Unlock (BMT-03.02). The five-tier integration surface that TVQ’s multi-dimensional vectors map into through quantization.
Who You Are Is Not One Thing (BMT-05.04). I-ICE identity dimensions that inform trust assessment, because the same external agent may warrant different trust profiles for different people based on their intersectional context.
Irrationality Protection (BMT-11.03). The complementary protection layer: TVQ governs trust in external agents, while IVQ protects the person from exploitation of her own cognitive patterns.
Attack Resistance (BMT-03.06). The manipulation detection architecture whose findings feed TVQ’s integrity dimension scoring.
Technical Appendix BMT-11.02-A is available to partners and investors at partners.bluemirror.tech.