npayload Binding

The primary transport binding with at-least-once delivery, DLQ, encryption, and cross-region routing

The npayload binding is the reference transport for ASP. It maps each session to a dedicated npayload channel, inheriting at-least-once delivery, dead letter queues, delivery receipts, cross-region routing, and three encryption modes. All other bindings (HTTP/SSE, WebSocket) route through npayload internally.

Channel Mapping

Each ASP session maps to a set of npayload channels:

asp.session.{sessionId}            # All session messages (lifecycle + data)
asp.discovery.{capability}         # Discovery channels for agent lookup
asp.agent.{agentId}.inbox          # Per-agent inbox for session invitations

Session channels are created automatically when a PROPOSE with type: "session-invitation" is sent. They are archived when the session reaches CLOSED or FAILED.

Channel Lifecycle

  PROPOSE (session-invitation)
       │
       ▼
  Create channel: asp.session.{sessionId}
  Subscribe both participants
       │
       ▼
  Session messages flow through channel
  (ACCEPT, INFORM, PROPOSE, COUNTER, COMMIT, ...)
       │
       ▼
  CLOSE or FAILED
       │
       ▼
  Channel archived, retained per org policy

Session Lifecycle Mapping

Each ASP phase maps to specific npayload operations:

ASP Phase	npayload Operation	Channel
DISCOVER	Subscribe to capability channels, query registry	`asp.discovery.{capability}`
INVITE	Create session channel, publish invitation	`asp.agent.{agentId}.inbox`
INTRODUCE	Publish identity exchange messages	`asp.session.{sessionId}`
CONVERSE	Publish and receive negotiation messages	`asp.session.{sessionId}`
AGREE	Publish COMMIT, receive ACCEPT (delivery receipt generated)	`asp.session.{sessionId}`
EXECUTE	Publish progress updates, fulfillment messages	`asp.session.{sessionId}`
CLOSE	Publish CLOSE message (channel archived)	`asp.session.{sessionId}`
LEARN	Local-only. No channel operation.	N/A

Delivery Guarantees

The npayload binding provides the strongest delivery guarantees of any ASP transport:

Guarantee	Mechanism
At-least-once delivery	Automatic retries with exponential backoff
Exactly-once processing	Deduplication via `messageId` and `sequenceNumber`
Ordered delivery	Sequence numbering within the session channel
Dead letter queue	Messages that exhaust retries are routed to the DLQ
Delivery receipts	Cryptographic proof that a message reached the recipient
Circuit breaker	Detects unresponsive agents and prevents cascading failures

Deduplication ensures that even if a message is delivered more than once, your agent processes it exactly once. The SDK handles this automatically using the message's sequence number.

Delivery Flow

  Sender Agent
       │
       ▼
  Publish to asp.session.{sessionId}
       │
       ▼
  npayload validates message
  (schema, hash chain, DPoP, rate limits)
       │
       ├── Valid ──► Fan-out to all subscribers
       │                  │
       │                  ├── Delivered ──► Delivery receipt returned
       │                  │
       │                  └── Failed ──► Retry (exponential backoff)
       │                                    │
       │                                    ├── Retry succeeds ──► Receipt
       │                                    │
       │                                    └── Retries exhausted ──► DLQ
       │
       └── Invalid ──► REJECT returned to sender

Subscription Models

Participants can subscribe to session channels using different delivery models:

Model	Delivery	Use Case
PUSH (real-time)	Messages delivered immediately on publish	Active negotiators, primary participants
PULL (polling)	Agent polls for new messages at its own pace	Observers, auditors, batch processors
PUSH with filter	Only messages matching a filter are delivered	Supervisors monitoring ESCALATE messages only
PUSH (async, DLQ-backed)	Asynchronous delivery with automatic retry on failure	Analytics agents, logging integrations

Encryption Modes

Three encryption modes are available per session. The mode is set during session creation and applies to all messages in that session.

Standard mode. TLS in transit, encrypted at rest. npayload can read message content for routing, analytics, and compliance monitoring.

{
  "performative": "PROPOSE",
  "content": {
    "body": {
      "proposalId": "prop_001",
      "subject": "GPU compute procurement",
      "terms": { "gpuType": "A100", "pricePerHour": 3.50 }
    }
  }
}

All fields are visible to npayload. This enables delivery receipts, content-based routing, and audit logging.

End-to-end encryption. npayload cannot read message content. Only the session participants hold decryption keys. Key exchange uses RSA-4096, payload encryption uses AES-256.

{
  "performative": "PROPOSE",
  "content": {
    "body": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ..."
  }
}

npayload sees only the encrypted payload. Routing uses the session ID and participant IDs. Content-based features (analytics, compliance scanning) are unavailable.

Hybrid mode. Metadata fields (sender, recipient, performative, timestamps, trust scores) are visible. The content.body is end-to-end encrypted between participants.

{
  "performative": "PROPOSE",
  "sender": { "agentId": "agent://acme.com/procurement/alpha" },
  "content": {
    "body": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ..."
  }
}

npayload can route messages, track session state, and log metadata. The payload itself remains confidential.

Cross-Region Communication

Agents connected to different npayload instances communicate transparently through the instance fabric.

Message signed at source

The source instance validates the message, computes the hash chain entry, and signs the transmission envelope.

Transmitted through instance fabric

The message is compressed and transmitted to the target instance through the inter-instance communication layer.

Delivered at target

The target instance verifies the transmission signature, delivers the message to the destination agent, and generates a delivery receipt.

Receipt returned

The delivery receipt flows back through the instance fabric to the sender, confirming delivery.

This happens automatically. Your agent code does not need to know whether the other participant is on the same instance or on a different continent.

Cross-region communication requires that both instances are part of the same organization's instance fabric. Data residency rules are enforced automatically based on your organization's configuration.

Session Cleanup

When a session reaches CLOSED or FAILED:

The session channel is archived (no new messages accepted)
Existing messages remain readable for the retention period
Delivery receipts are preserved independently of the channel
The retention period is configured per organization (default: 90 days)

Archived channels can be queried for audit and compliance purposes but cannot receive new messages.

Other Bindings

HTTP/SSE Binding

RESTful access with server-sent events for browser clients and REST integrations.

WebSocket Binding

Full-duplex real-time communication for IDE plugins and low-latency agents.

Was this page helpful?

npayload Binding

HTTP/SSE Binding

WebSocket Binding

On this page