When one agent hands off to another (escalation, specialization, multi-step plan), state must travel with the request — but not all state should. The handoff envelope design affects privacy, correctness, and operational simplicity.
Minimum viable handoff
Conversation context (last N turns or summary), user identity scope (what's authorized), task description, deadline. Skip everything the receiving agent doesn't need. Less = better security + less coupling.
Signed handoff envelope
Wrap the handoff in a signed envelope: 'agent A asks agent B to do X for user U with scope S'. Receiver verifies signature, checks scope, executes. Trust without re-authentication round-trip.
Bidirectional state
Receiver may need to ask clarifications. Either: pass a callback URL the receiver can call back on, or: synchronous handoff (caller waits, receiver completes). Async handoff with callback is more scalable but more complex.
Handing back
After receiver completes, hand state back. What's the right summary? Full transcript is verbose; just final answer loses context the original agent needs. 'Action taken + key facts learned' is the typical sweet spot.
Audit trail
Log handoff events on both sides with shared correlation ID. Operational debugging requires being able to trace 'this request went through agents A → B → C; here's what each did'. Without this, multi-agent flows are opaque.