Non-Blocking Governance: Escrow-Based Asynchronous Authorization for Human-Mediated Agent Oversight

The P9 MCP Governance Proxy establishes that safety can be enforced protocol-transparently for any MCP-compatible agent — but at a cost: when a tool call triggers a governance HALT, the suspended tool call blocks until a human returns a signed Accountability Proof Block (APB). This design sacrifices liveness for safety under inevitable human response delays. We resolve this tension by introducing escrow-based non-blocking governance. Non-blocking refers to continued agent progress: the suspended tool call remains in escrow while the agent session continues. When a risky tool call triggers a HALT, its state is serialised into a persistent escrow entry and deposited in a priority queue rather than blocking the agent pipeline. We formalise three results: T10.1 (Non-Blocking Soundness) — no risky tool call executes without a valid APB satisfying predicates V1–V6, with at-most-once execution semantics; T10.2 (Timeout Consistency) — fallback decisions are locally equivalent to explicit governance decisions; T10.3 (Escrow Liveness) — the first liveness theorem in the series, establishing that if the human signs within the timeout window, the suspended call resumes with bounded latency. Six experiments validate the construction: P10 achieves up to 81× higher throughput than P9's blocking model at 80% halt rate; escrow overhead is negligible at P95 = 6.4 µs. Paper 10 of the Agent Governance Series.