The open protocol that brings discipline to AI agents.
EGAP is an open specification for governed communication between orchestration engines and AI agents — identity, authorization, audit, approvals, and alerts enforced at the wire level. Built for regulated industries.
AI agents are being deployed into production faster than governance models are maturing. The agent protocol landscape today solves for connectivity — not accountability.
| Protocol | Purpose | Governance |
|---|---|---|
| MCP (Anthropic) | Tools and context for LLMs | None specified |
| A2A (Google) | Agent-to-agent interoperability | None specified |
| EGAP (MIRASTACK LABS) | Engine-to-agent dispatch with governance | Required |
EGAP defines the governance layer. Every message carries identity, permission scope, audit correlation, time context, and budget state. Every destructive action triggers a mandatory human approval checkpoint. Every decision is recorded immutably.
| Repository | Description |
|---|---|
| egaprotocol/spec | The EGAProtocol specification — SPEC.md, GOVERNANCE.md, CONTRIBUTING.md, EXPANSIONS.md |
| egaprotocol/core | Reference implementation (coming soon) |
| egaprotocol/conformance | Conformance test suite (coming soon) |
Identity → Cryptographically verifiable identity for every agent session
Authorization → Role-based permission scoped to minimum required privilege
Audit → Immutable audit trails (OpenTelemetry semantic conventions)
Approvals → Mandatory human-in-the-loop for destructive actions (protocol primitive)
Alerts → Operational alerts on agent deviation from expected behaviour
- Read the spec: SPEC.md
- Propose a change: EIP process
- Report an issue: GitHub Issues
- Join the discussion: GitHub Discussions
- Contact: hello@egaprotocol.org
Website: egaprotocol.org · Spec: Apache 2.0 · Maintained by: MIRASTACK LABS