OPEN PROTOCOL — APACHE 2.0

The missing trust layer for autonomous agents

MCP connects agents to tools. A2A connects agents to agents. Nobody verifies that what they find is safe, compatible, or trustworthy. ASPL does. And it absorbs both.

8Message Types

6Security Layers

32Tests Passing

2Adapters (MCP+A2A)

POSITION IN THE STACK

We don't replace MCP or A2A. We sit above them.

ASPL is the trust and supply layer. MCP handles tool-calling. A2A handles agent communication. ASPL handles the question they both leave open: can I trust this?

ApplicationLangChain, CrewAI, AutoGen

ASPLfind + verify + trust + deliver

CommunicationA2A, ACP

Tool LayerMCP

InfrastructureCloud, APIs, DB

PROTOCOL FLOW

Eight messages. One complete supply chain.

Every step is cryptographically signed (Ed25519) and trust-scored.

01REGISTERAgent joins with Ed25519 keypair + proof-of-work

02NEEDDescribe what you need in natural language

03OFFERRanked matches: relevance + trust + env compatibility

04ACCEPTAgent selects a capability

05PROBEVerify agent environment with sandboxed nonce-based check

06DELIVERDouble-signed capability with content hash + adapters

07CONFIRMSuccess/failure — trust scores update automatically

08REVOKEEmergency kill — malicious capabilities die instantly

// ASPL Agent Passport — signed, verified, trusted
{
  "aspl": "0.1",
  "type": "passport",
  "agent_id": "ag_7f3a9b2c",
  "public_key": "ed25519:MC4CAQAwBQYDK2Vw...",
  "environment": {
    "runtime": "python:3.11",
    "permissions": ["http_outbound"],
    "memory_mb": 512
  },
  "trust": {
    "score": 0.87,
    "total_transactions": 1420,
    "success_rate": 0.96
  },
  "signature": "ed25519:..."  // try faking this
}

HONEST COMPARISON

ASPL vs MCP vs A2A

MCP and A2A are excellent at what they do. They just don't do what we do.

Feature	MCP (Anthropic)	A2A (Google+146)	ASPL
Tool calling	Yes (core)	No	Via adapters
Agent discovery	No	Agent Cards	Passports + intent
Cryptographic identity	No	No (unsigned)	Ed25519
Trust scoring	No	No (acknowledged gap)	Bayesian, anti-gaming
Environment verification	No	No	Sandboxed probes
Capability delivery	No	No	Double-signed
Content scanning	No	No	At publish time
Intent matching	No	Tags only	Semantic (TF-IDF)
Revocation	No	No	Real-time
Audit trail	No	No	Hash-chained
MCP compatibility	-	No	Ingests tools
A2A compatibility	No	-	Ingests cards

EASY MIGRATION

Bring your MCP tools. Bring your A2A agents.

One API call. Your existing tools keep working. They just gain trust, security, and discovery.

From MCP

Initial trust: 0.5 (schema validated)

POST /v1/ingest/mcp with your tool definitions. Each tool becomes an ASPL capability with a bridge adapter that calls the original MCP endpoint.

Trust scoring (updates with each use)
Security scanning at import
Intent-based discovery
Revocation if compromised
Original MCP calling preserved

From A2A

Initial trust: 0.3 (unsigned card)

POST /v1/ingest/a2a with the Agent Card JSON. Skills become ASPL capabilities. The agent gets a signed passport replacing the unsigned card.

Cryptographic identity (Ed25519)
Trust scoring (A2A has none)
Environment verification
Content security scanning
A2A communication preserved

# Migrate MCP tools — one call
client.ingest_mcp("https://my-mcp-server.com", [
    {"name": "search_web", "description": "Search the web", "inputSchema": {...}},
    {"name": "read_file", "description": "Read a file", "inputSchema": {...}},
])

# Migrate A2A agent — one call
client.ingest_a2a({
    "name": "code-reviewer",
    "url": "https://agents.example.com/code-reviewer",
    "skills": [{"id": "review", "name": "Code Review", ...}],
})

HONEST TAKE

What we have. What we don't.

Built and Working

Full protocol server — 15+ endpoints, tested
MCP adapter — converts tools to capabilities
A2A adapter — converts cards to passports
Trust scoring with anti-gaming — nobody else has this
Ed25519 cryptographic identity
Content scanner (injection + exfil + abuse)
Hash-chained audit log
32 tests passing, CI/CD ready

Not There Yet

Zero real-world adoption — test data only
SQLite won't scale past thousands of agents
TF-IDF matching is basic — needs embeddings
No WebSocket — REST only
No test suite for the full server integration
One developer. No community yet.

Great protocols start small.

Trust scoring is the piece everyone agrees is missing. MCP acknowledged it. A2A's 146-company consortium acknowledged it. We just decided to build it instead of waiting.

It's happened before.

Linux

Started as a student project

Git

Written in 2 weeks

Bitcoin

One anonymous whitepaper

HTTP

One physicist at CERN

JSON

One dev, replaced XML

Protocol Roadmap

Where we are, where we're going. Source code will be published when there's real demand for it.

Shipped — v0.1

Core Protocol

8 message types. Ed25519 identity. Bayesian trust scoring. PoW anti-sybil. Content scanner. Hash-chained audit log. 32 tests passing.

Shipped — v0.1

MCP & A2A Adapters

Ingest MCP tools and A2A Agent Cards directly. Bridge adapters preserve original protocol communication. Imported trust scoring.

In Progress — v0.2

WebSocket Transport

Real-time bidirectional communication. Live trust updates. Streaming capability delivery. Connection multiplexing.

In Progress — v0.2

Environment Probes

Agents declare what they need. Protocol verifies environment compatibility before delivery. No more runtime surprises.

Planned — v0.3

JS/TS SDK

Native JavaScript and TypeScript client. npm package. Framework adapters for LangChain, CrewAI, AutoGen.

Planned — v0.3

Federation

Multiple ASPL nodes that share trust data. Decentralized registry. Cross-node capability discovery. No single point of failure.

GitHub — coming when you ask for it