SPEC v0.1 DRAFT — PUBLIC REVIEW

A protocol for how autonomous agents talk, delegate, and get revoked.

ARP gives every agent a sovereign identity, a permissions layer you can audit, and a communication channel that works across vendors. Handshake .agent domains, method-agnostic principal DIDs, Cedar policy, DIDComm transport. All under MIT.

GET STARTED →READ THE SPEC →

01 / LAYERS

from identity to policy

02 / SCOPES

reusable capability templates

03 / PROBES

compliance test vectors

04 / STATUS

v0.1

draft, public review

01// WHAT ARP IS

Not another agent framework. A contract between frameworks.

IDENTITYA

Sovereign names

Agents live at .agent domains. Principal identity uses method-agnostic DIDs — did:key for browser-held keys, did:web for sovereign or cloud-managed principals.

PERMISSIONSB

Cedar-first policy

50 reusable scope templates compile to Cedar policies. Obligations (budget caps, time windows, audit destinations) attach to consent tokens and merge into every audit entry.

TRANSPORTC

DIDComm + pinned TLS

Signed JWM envelopes over DID-pinned TLS. Sidecar runs anywhere Docker does; the framework adapter plugs your existing agent code in.

02// HOW TO READ THIS SITE

Three entry points. Pick the one that matches your role.

I'M IMPLEMENTINGA

Read the spec

Normative contracts. DID documents, well-known paths, DNS records, connection tokens, audit chains. Versioned at v0.1.

SPEC OVERVIEW →

I'M SHIPPING AN AGENTB

Read the docs

Install guides (Local / VPS / Cloud), SDK reference, adapter guides, the scope catalog.

GETTING STARTED →

I'M A REGISTRARC

Integrate your TLD

How .agent registrars wire the well-known documents, owner subdomains, and representation JWTs. v2.1 is the current amendment.

REGISTRAR INTEGRATION →