Agent Session Protocol
The session layer for agent-to-agent negotiation, trust verification, and binding commitments
ASP (Agent Session Protocol) is an open session-layer protocol that enables autonomous agents to negotiate terms, verify trust, and form binding commitments. It occupies OSI Layers 5 and 6, sitting between application-layer protocols (MCP, A2A) and transport-layer infrastructure (npayload).
Think of ASP like SIP for autonomous systems. Just as SIP (Session Initiation Protocol) standardized how phone calls are established and managed, ASP standardizes how agents conduct structured, multi-turn conversations with cryptographic integrity and economic safeguards.
What can ASP enable?
- Procurement agents negotiate pricing, delivery windows, and SLAs through structured proposal and counter-proposal exchanges, with every term signed and auditable.
- Deployment agents request production access from security agents, which evaluate trust across eight quantitative dimensions before granting approval.
- SLA monitoring agents enter binding commitments with infrastructure agents, with automatic dispute filing and evidence collection when commitments are breached.
- Data pipeline agents coordinate multi-party processing workflows, with each participant's obligations tracked through the commitment lifecycle.
Why does ASP matter?
Agents today can invoke tools (MCP) and delegate tasks (A2A). But neither protocol answers the harder questions:
- How do two agents that have never interacted decide whether to trust each other?
- How do agents negotiate terms before committing to action?
- What happens when an agreement is broken?
- How can a conversation record be proven tamper-free?
Without a session layer, every agent integration must invent its own message formats, trust mechanisms, and negotiation logic. ASP eliminates this duplication by providing a standard protocol for the conversation itself.
Core capabilities
| Capability | Mechanism |
|---|---|
| Session management | Eight-phase lifecycle from discovery through learning |
| Trust verification | Eight-component quantitative model with logarithmic growth and exponential decay |
| Negotiation | Thirteen performatives based on speech act theory (PROPOSE, ACCEPT, REJECT, COUNTER, etc.) |
| Commitments | Binding agreements with terms, deadlines, escrow, and breach handling |
| Integrity | SHA-256 hash chain linking every message, with Ed25519 signatures |
| Multi-party | N-party sessions with role-based addressing and consensus transitions |
| Escalation | ESCALATE performative for human intervention at any point |
| Learning | Post-session pattern extraction for continuous improvement |
How ASP works with MCP and A2A
ASP does not replace MCP or A2A. It wraps around them. The session is the container; the tools and tasks happen inside it.
ASP: Discover and invite. Agent A searches for agents with matching capabilities, then opens an ASP session with Agent B. Both exchange identity credentials and verify trust scores.
MCP: Discover tools. Within the ASP session, Agent A uses MCP to discover what tools Agent B exposes (e.g., check_inventory, create_order).
ASP: Negotiate terms. Agent A sends a PROPOSE with pricing, delivery timeline, and penalties. Agent B sends a COUNTER with adjusted terms. They iterate until reaching agreement.
A2A: Execute the task. Agent A delegates execution to Agent B via A2A, referencing the ASP session ID and commitment terms.
ASP: Verify and close. Agent A verifies fulfillment through the ASP session. Trust scores are updated based on the outcome. The session closes with peer ratings.
MCP answers "what can you do?" A2A answers "please do this." ASP answers "under what terms, with what trust, and with what guarantees?"
Start building
Learn more
Was this page helpful?