Claude. Make me an app to track recipes. Make no mistakes.

We can model the problem of multi-agent synthesis formally as follows:

Given a prompt \(P :=\) "\(\textit{An app to track recipes}\)", we can define the formula \(\Phi(P)\) as the set of software consistent with the prompt:

\[ \Phi(P) := \{ \phi ~|~ \phi ~ \text{program} ∧ \phi ~\text{is consistent with the prompt}~P \} \]

The key point here is that a natural language prompt, by its very nature, is underspecified — i.e there may be multiple programs that are consistent with the prompt. When we use LLMs to build and write software systems, we're effectively asking the LLMs to select one element amongst many from this set.

Conversely, when we do multi-agentic software development, i.e we spin up several agents, \(A_1, ⋯, A_n\), and ask them to build a piece of software, we're essentially asking them each to produce software components \(\phi_1, ⋯, \phi_n\) such that they all refine one single consistent interpretation of the prompt:

\[ C(\phi_1, \cdots, \phi_n) := \exists \phi \in \Phi(P), \forall i, \phi_i ~\text{refines}~ \phi \]

This in other words, is nothing other than one big distributed consensus problem.

In other words, the users prompt \(P\) first gets sent split, via a plan, into tasks for several agents \(a_1, \cdots a_n\). Then, these agents work in parallel to implement their respective coding tasks \(\phi_1, \cdots, \phi_n\), and by the end, if the synthesis was successful, we're hoping, that the final generated software system \(\phi\) composed of each of the individual constructions \(\phi := \phi_1 || \cdots || \phi_n\), satisfies the users request.

This is inherently a consensus problem as the agents \(a_1,\cdots,a_n\) must work concurrently to produce their software artefacts \(\phi_1,\cdots,\phi_n\), but communicate and agree enough that the final piece of software \(\phi_1 || \cdots || \phi_n\) is well formed and satisfies the request. Design decisions or choices in one \(\phi_i\) will result in constraints that affect and influence the possible choices of \(\phi_i\) for other agents. For example, if the agent in charge of implementing network connections \(a_{\text{network}}\) chooses a library with a callback-style async API for requests, then whichever agent is responsible for the overall integration \(a_{\text{integration}}\) must organise the infrastructure around that choice and so on and so forth. Similar choices in other modules will influence the design spaces of other agents and overall the process proceeds as a joint synthesis problem.

As we complete our formal model of agentic software development, at this point, I'd like to also take a second to shoot down some obvious rebuttals.

1. Why is \(P\) underspecified (i.e. can't \(\|\Phi(P)\| = 1\))? This holds by the very nature of natural language as being ambiguous. As it turns out, we do have a way to give a precise and unambiguous specifications for software. It's called a programming language. Anything else leaves room for the agent to make design decisions. Another way of viewing this is that we could spend some time refining our initial prompt to make it less underspecified, but unless we go all the way to code (at which point, you're not using multiple agents, just one), there's going to be some degree of ambiguity to our prompt.
2. Is the problem inherently concurrent? The motivations for throwing multiple agents at a software system are somewhat outside the scope of this post, but as soon as we have made that decision and we have multiple agents working on our tasks, then the problem is inherently concurrent (irrespective of whether they're working in parallel, or interleaved on single thread), and we have to solve problems of coordination.
3. Can't we have a single supervisor to dictate choices? Why not have agents make proposals in parallel and then have some kind of supervisor which manages merging PRs into the shared codebase? Nice try! A git repo is a pretty standard approach to trying to coordinate parallel software development, but you haven't solved the fundamental concurrency problem, at best you've hard-coded yourself into a single choice of concurrency, and not a particularly good one: when one design decision is chosen and merged into the codebase, what happens to work that must be rebased? what if it has conflicts? Some work has to be lost.

The key point that I'm trying to convey here is not that you can't sometimes do multi-agentic software development while ignoring the concurrency problem – evidently people have had some success at software development with agents without pulling out Paxos — but rather that this perspective helps us be prescient about how we are resolving these fundamental concurrency problems with our coordination workflows. Now, if you take me out for a few drinks, maybe I'd go even further to say that if we want multi-agentic software development to truly scale, then these questions have to be thought about and answered carefully.

Now we have this formal model of agentic software development, it's time for the payoff of this blog post! Let's draw some connections to distributed systems and try and sketch out some impossibility results.

In this blog post, I've presented a high level formal model for agentic software development and then used to to draw links to a couple of the most important impossibility results from the distributed systems literature, FLP and Byzantine Generals. Hopefully through this narrative I've managed to help motivate how building these links can help us establish strong constraints on what agents will and won't be able to do as model capabilities improve.

As we conclude, I'd like to leave a few pointers to some other key distributed systems results that might be worth thinking about in the context of multi-agentic software development, but for which the precise links have been left as an exercise for the reader :) :

• Common Knowledge (Halpern & Moses, 1990) — This paper defines a formal model for reasoning about the flow of epistemic knowledge within a distributed system and establishes impossibility results for the existence of common knowledge in such systems.
• Partial Synchrony (Dwork, Lynch & Stockmeyer, 1988) — Dwork et al.'s Partial Synchronous model is the standard escape hatch to provide consensus despite FLP. The key trick in this work is to place upper bounds on message delays — in real distributed systems, devices do not wait indefinitely for messages to arrive, and will timeout and request resends. With this simplification, consensus becomes solvable at a cost of increased message complexixty.
• CAP Theorem (Gilbert & Lynch, 2002) — Of course, any post on "pop" distributed systems would not be complete without reference to the lauded CAP theorem! CAP, like FLP, provides an impossibility result which states that any distributed system must choose between at most two of Consistency (agents have consensus on their internal views), Availiability (agents are able to service requests eventually) and Partition tolerance (agents can still make progress even if some part of the network is inaccessible).²

So, where does this leave us? The argument I've been building through this post is that multi-agentic software development is fundamentally a distributed systems problem, and as such, it inherits impossibility results from the literature. The FLP theorem tells us distributed systems can not have both safety, liveness and fault tolerance. Lamport's Byzantine Generals tells us the precise bound on byzantine processes before consensus is impossible. Notice that neither of these results is dependent on agent intelligence.

The point is not that multi-agentic software development is not possible — people are certainly shipping real software with agents today, and they will probably be shipping more slop tomorrow. The argument I am making is more that these people are currently doing so by implicitly resolving these coordination problems, usually through ad-hoc mechanisms with no thought out guarantees or failure modes. The distributed systems literature has precise formalisms for all of these mechanisms, forty years of theorems about what they can and cannot solve for you, and clear rules for when and where different techniques should be applied.

This brings us nicely back to the quote from our introduction: "The best solution to agentic coordination is to just wait a few months." Maybe. I'll concede that, but even so, the impossibility results above are not transient artefacts of the capabilities of current models; they will not disappear as agents get smarter; they are inherent properties of the domain. Smarter agents may shrink the constants in our algorithms, but they will not, and can not, remove bounds. If we want multi-agentic software development to truly scale, then sooner or later someone has to actually do the work of designing protocols, languages, and tooling that solves the underlying coordination problems as a first-class concern rather than hoping it will go away.