Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Safety as Computation: Certified Answer Reuse via Capability Closure in Task-Oriented Dialogue

Cosimo Spera

Abstract

We introduce a new paradigm for task-oriented dialogue systems: safety certification as a computational primitive for answer reuse. Current systems treat each turn independently, recomputing answers via retrieval or generation even when they are already derivable from prior state. We show that in capability-based systems, the safety certification step computes a fixed-point closure cl(At) that already contains every answer reachable from the current configuration. We operationalize this insight with a Certified Answer Store (CAS) augmented by Pre-Answer Blocks (PAB): at each certified turn, the system materializes all derivable follow-up answers together with minimal provenance witnesses. Subsequent queries are answered in sub-millisecond time via formal containment checks, eliminating redundant retrieval and generation.

Safety as Computation: Certified Answer Reuse via Capability Closure in Task-Oriented Dialogue

Abstract

We introduce a new paradigm for task-oriented dialogue systems: safety certification as a computational primitive for answer reuse. Current systems treat each turn independently, recomputing answers via retrieval or generation even when they are already derivable from prior state. We show that in capability-based systems, the safety certification step computes a fixed-point closure cl(At) that already contains every answer reachable from the current configuration. We operationalize this insight with a Certified Answer Store (CAS) augmented by Pre-Answer Blocks (PAB): at each certified turn, the system materializes all derivable follow-up answers together with minimal provenance witnesses. Subsequent queries are answered in sub-millisecond time via formal containment checks, eliminating redundant retrieval and generation.
Paper Structure (61 sections, 11 theorems, 7 equations, 4 tables, 3 algorithms)

This paper contains 61 sections, 11 theorems, 7 equations, 4 tables, 3 algorithms.

Table of Contents

  1. Introduction
  2. The core insight.
  3. The problem.
  4. The proposal.
  5. Why this is different from caching.
  6. Why this is different from prior safety work.
  7. Falsifiability.
  8. Contributions
  9. Background
  10. Capability Hypergraphs and Safety
  11. Capability Safety as Propositional Datalog
  12. Beyond-RAG Conversation Understanding
  13. MultiWOZ 2.2
  14. Pipeline, Capability Assembly, and Automatic Extraction
  15. Capability Assembly
  16. ...and 46 more sections

Key Result

Theorem 2.1

$R(F)$ is not closed under union: $\exists A, B \in R(F)$ with $A \cup B \notin R(F)$. The minimal counterexample requires $|V|{=}3$ and one conjunctive hyperarc. Any forbidden-productive hyperarc of fan-in $k$ forces $\geq 2^{k-1}{-}1$ unsafe pairs.

Theorems & Definitions (30)

  • Definition 2.1: Closure Operator and Monotonicity Assumption
  • Definition 2.2: Safe Region, Antichain, Safe Audit Surface
  • Theorem 2.1: Non-Compositionality; spera2026a
  • Theorem 2.2: Locality Gap; spera2026b
  • Definition 3.1: Capability Assembly Function and Completeness Assumption
  • Theorem 3.1: Pipeline Safety
  • proof
  • Definition 3.2: $\theta$-Soundness
  • Theorem 3.2: Extraction Soundness
  • proof
  • ...and 20 more