- Verifiable transparency log (Merkle / CT-style) —
aspl/translog.py: RFC 6962 Merkle tree over the audit log with inclusion proofs, consistency proofs, and Ed25519 signed tree heads.GET /v1/log/{sth,proof/inclusion,proof/consistency,leaves}. - Cross-node federation —
POST /v1/federation/mirror: verify a peer's signed tree head + revocation list, mirror non-revoked capabilities at 0.5× trust with origin provenance, honor peer revocations. (aspl/federation.py) - Federation acquisition proxy —
POST /v1/federation/acquire/{cap}: acquire a mirrored capability from its origin node with the origin's delivery signature verified; SDKget()routes federated matches through it. Node registers + stores credentials at each peer (federation_peerstable). - Crash-test red-team agent —
aspl-redteam <url>(aspl/redteam.py): autonomous adversarial scanner for any live node (auth/PoW bypass, injection, delivery tamper/forge, replay, IDOR, revocation bypass, trust pump, fuzz) with a severity report; exits non-zero on CRITICAL/HIGH. - LangChain adapter —
aspl/adapters/langchain.py(both directions) +POST /v1/ingest/langchain+ SDKingest_langchain(imported trust 0.4). - CLI —
asplcommand: register/publish/need/acquire/confirm/revoke/ingest/ probe/revocations/catalog/stats/audit, with per-node credentials under~/.aspl. - Adversarial test suite —
tests/test_adversarial.pyattacks a live node. - Configurable server —
aspl-servertakes--host/--port/--workers/--reload/ --log-levelandASPL_*env vars;.env.exampleadded.reloadnow off by default. - One-click install —
install.sh,Dockerfile,docker-compose.yml,Makefile. - Community files —
CONTRIBUTING.md,SECURITY.md,CODE_OF_CONDUCT.md.
- Sybil-resistant trust — capability trust now counts DISTINCT non-publisher confirmers; self-dealing confirmations (publisher confirming its own capability) build no trust; read-time freshness decay applied in discovery.
- Conformance suite extended (reference node passes 21/21); SPEC.md updated.
- Revocation bypass — a capability accepted before revocation could still be
delivered afterward;
/v1/delivernow re-checks revocation (410).
- Core ASPL Protocol: 8 message types (REGISTER, NEED, OFFER, ACCEPT, PROBE, DELIVER, CONFIRM, REVOKE)
- Protocol Server: FastAPI reference implementation with 15+ endpoints
- Trust Scoring: Bayesian agent trust + capability trust with anti-gaming
- Ed25519 Cryptography: Agent passports, capability signing, delivery verification
- Proof-of-Work: 18-bit anti-sybil for registration (~30s per agent)
- Content Scanner: 30+ patterns detecting prompt injection, exfiltration, resource abuse
- Intent Matching: TF-IDF + fuzzy matching for semantic capability discovery
- Hash-Chained Audit: Append-only transparency log with chain verification
- Rate Limiting: Per-agent, per-endpoint token bucket
- Capability Revocation: Publisher-initiated, removes from discovery instantly
- MCP Adapter: Convert MCP tool definitions to ASPL capabilities (trust starts at 0.5)
- A2A Adapter: Convert A2A Agent Cards to ASPL passports + capabilities (trust starts at 0.3)
- Ingestion Endpoints:
POST /v1/ingest/mcpandPOST /v1/ingest/a2a - Python SDK: Full protocol client with auto PoW solving and convenience methods
- Test Suite: Tests for trust scoring, content scanning, intent matching, adapters
- CI/CD: GitHub Actions workflow for tests + lint on Python 3.10/3.11/3.12
- Examples: Quickstart, MCP migration guide, A2A migration guide
- Apache 2.0 License: Open protocol, free to implement
- Protocol server:
aspl/server.py(protocol-only, no marketplace) - MCP bridge:
aspl/adapters/mcp.py(tool definition -> ASPL capability) - A2A bridge:
aspl/adapters/a2a.py(Agent Card -> ASPL passport + capabilities) - SDK:
sdk/aspl_client.py(Python client) - All adapters preserve original protocol communication via bridge patterns
- WebSocket transport (REST only)
- Environment probe system (designed in spec, not implemented)
- JS/TS SDK
- Framework adapters (LangChain, CrewAI)
- Auto-crawl of public MCP/A2A endpoints
- Mesh P2P agent-to-agent direct connections
- Real payment integration