Protocol Architecture

The Agent Control Protocol (ACP) is designed with a layered architecture, similar to major infrastructure protocols in distributed systems. Each layer guarantees a specific invariant, building upon the guarantees of the layers below it.

ACP Layered Model

The ACP stack visually represents how an interaction travels from the initial identity verification down to establishing long-term trust and accountability.

Trust Layer

Aggregates verification data, updates reputation records, and establishes cross-institutional accountability.

Verification Layer

Provides deterministic logs and cryptographic proofs that an execution happened exactly as requested by the authorized identity.

Execution Layer

Provides a deterministic execution environment where authorized actions are performed and mathematically bound to the preceding layers.

Policy Layer

Evaluates the requested action against the specific risk models and institutional policies. Defines what conditions are acceptable.

Capability Layer

Manages capability tokens. Validates whether the verified identity holds the specific capability required for the action.

Identity Layer

The foundation. Verifies the cryptographic identity of the agent and traces their institutional delegation chain.

Interaction Lifecycle

When an agent initiates an interaction over the ACP protocol, it follows a strict six-stage lifecycle spanning the architecture layers:

  1. Identity Verification: The agent presents its identity signature and institutional delegation chain.
  2. Capability Validation: The protocol validates the specific capability tokens the agent holds against the requested operation.
  3. Policy Authorization: Local and institutional policy engines evaluate the risk score and enforce defined operational constraints.
  4. Deterministic Execution: Only if the first three stages succeed, the requested action is safely executed.
  5. Verifiable Logging: The execution output, state change, and underlying authorization proofs are logged to an immutable append-only ledger.
  6. Trust Update: The outcome of the execution updates the trust scoring and accountability matrix for future interactions.

This flow guarantees the Constitutional Invariant that enforces institutional accountability.