Meaning Protocol Layer · v0.x · MIT

Typed, measurable, and provable agent communication.

MPL sits between your agents and their tools (MCP, A2A, plain HTTP). Every interaction is validated against a contract, scored against a quality profile, and hashed into an audit trail you can hand to a regulator.

Read the docs github.com/Skelf-Research/mpl

your code Agent logic, tools, business rules

mpl Contracts · Quality Metrics · Policies · Proofs

transport MCP (client/server) · A2A (peer/peer) · HTTP

What it actually does

contracts

Typed messages

Every payload declares an stype (e.g. org.calendar.Event.v1) backed by a JSON Schema in a registry. Mismatches are rejected at the protocol layer, not in your handler.

quality

Six measurable metrics

Schema fidelity, instruction compliance, groundedness, determinism, ontology adherence, tool outcome. Mix them into profiles like qom-basic or qom-strict-argcheck.

audit

BLAKE3-anchored trails

Each message carries a content hash, a provenance record (agent id, intent), and its quality report. The record is what you point at when compliance asks.

deploy

Sidecar proxy

The Rust proxy (mpl proxy) runs alongside your existing MCP/A2A server. Start in transparent mode, graduate to strict when you trust the schemas.

SDKs

Python & TypeScript

pip install mpl-sdk or npm install @mpl/sdk. The SDK returns valid, qom_passed, and the response payload — no extra wiring.

registry

25+ stypes ship in-box

Pre-built contracts under org.*, data.*, eval.*, ai.*. Drop your own at registry/stypes/<ns>/<Type>/v1/schema.json and extend.

Not a guardrail

Guardrails ask “is this safe?” after generation. MPL asks “did this meet the contract, and can you prove it?” — before, during, and after every hop.

	Guardrails	MPL
When	After response	Before · during · after
What	Filters harmful content	Defines correctness, measures quality, records proof
Scope	Single output	Entire communication chain
Output	Pass/block	Typed payload, quality score, provenance, audit trail

Two-minute start

cargo install mplx
mpl proxy http://your-mcp-server:8080
# dashboard at http://localhost:9080

# learn schemas from traffic, then lock them in
mpl schemas generate
mpl schemas approve --all
mpl proxy http://your-mcp-server:8080 --mode production

Your agents don't change. MPL observes, validates, and records what passes through.

Compliance you can point to

Requirement	What MPL provides
Tamper-evident records (SOX)	BLAKE3 content hash on every payload
Data handling proof (GDPR)	Consent refs + policy enforcement at the boundary
Accuracy controls (HIPAA)	Quality thresholds on clinical-domain stypes
Transparency (EU AI Act)	Quality scores + full provenance chain

The repo's registry/stypes/ ships namespaces for finance, healthcare, calendar, communication, permission, workflow.