A protocol layer for trustworthy agent comms.
MPL — the Meaning Protocol Layer — is a piece of infrastructure for teams running multi-agent systems in environments where “it worked in testing” is not an acceptable answer.
The premise
Agent-to-agent and agent-to-tool calls are usually a JSON blob over HTTP. The receiver hopes the shape is right, the values are sane, the call was made by who it says, and that someone, somewhere, wrote it down. In a single-agent prototype that's fine. Across a chain of agents in a regulated environment, it isn't.
MPL inserts a thin protocol layer in front of your existing MCP or A2A transport. It does four jobs at every hop:
- Contracts. Validate the payload against a versioned
stype(semantic type) backed by a JSON Schema. - Quality. Score the message against a configurable profile (schema fidelity, instruction compliance, groundedness, determinism, ontology adherence, tool outcome).
- Policies. Apply organisational rules — required profiles, mandatory provenance fields, namespace allowlists — at the boundary.
- Proofs. Hash the payload with BLAKE3, attach provenance, write to an append-only record.
What's in the repo
The open-source distribution at github.com/Skelf-Research/mpl includes:
crates/mpl-protocol— the Rust core (envelope, hashing, validation).crates/mpl-proxy— the sidecar HTTP proxy.crates/mplx— the CLI (mpl proxy,mpl schemas).crates/mpl-registry-api— the schema registry service.python/mpl_sdk,typescript/— language SDKs.registry/stypes/— pre-built contracts (org, data, eval, ai namespaces).helm/mpl-proxy— Kubernetes deployment.
Status
| Phase | What landed |
|---|---|
| Phase 1 — complete | Core protocol, Python SDK, sidecar proxy, schema registry |
| Phase 2 — complete | TypeScript SDK, registry API, Helm chart, policy engine |
| Phase 3 — in progress | Conformance suite, A2A hardening, production readiness |
Test suite: 144 passing as of README. License: MIT.
Who it's for
Teams running multi-agent systems where a regulator, an auditor, or an internal risk committee is going to ask “show me what the agent did and prove it wasn't tampered with.” That includes regulated AI ops (finance, healthcare), platform teams shipping internal agent fabrics, and anyone who'd rather catch a malformed tool call at the boundary than in a post-mortem.
Who's behind it
MPL is a Skelf-Research project. Skelf-Research builds protocol-layer and observability infrastructure for AI systems, all open-source.