Researchers have mapped the growing literature on always-on AI agents and found a significant blind spot in how the field thinks about memory.
A survey covering 435 coded works examines what its authors call persistent-state systems: AI agents whose behavior changes based on accumulated history across interactions. That history is not just conversation memory — it includes task ledgers, credentials, permissions, commitments, and audit records. The researchers analyzed this landscape through six lenses: authority, scope, mutability, provenance, recoverability, and actionability. Their finding is blunt. The field knows how to write and retrieve state. It has not figured out how to govern, roll back, or forget it.
That gap matters because agents with durable state are not hypothetical. They are already being deployed in workflows where they hold credentials, make commitments, and trigger external effects. A system that accumulates permissions and records without a reliable way to audit or revoke them is not just technically incomplete — it is a governance liability. The survey connects always-on agents to established fields like distributed systems and machine unlearning precisely because those disciplines have already wrestled with how state goes wrong at scale.
To make the problem concrete, the authors introduce AOEP-v0, a pilot evaluation framework that scores agents on state mutation and recovery obligations rather than answer quality alone. Whether that protocol gains traction is an open question — the history of AI safety benchmarks suggests labs adopt the ones that flatter their models and quietly ignore the rest.