The Trust Layer for Autonomous Agents

Open source protocol for secure AI agent communication. One gateway, unlimited agents, unlimited locations — large-scale deployment with zero licensing costs.

AXCP Core v1.0 • Go/Python/TypeScript SDKs • Apache 2.0
Get the SDK Get White Paper
AXCP ULTRA-FAST SECURE MESH REAL-TIME AI-AGENTS

Why Choose AXCP?

Ultra-Low Latency

Reduce connection overhead in distributed agent systems with QUIC transport and persistent sessions designed for low-latency communication.

Open Source Core

One gateway, unlimited agents, unlimited locations — zero licensing costs. AXCP Core is Apache 2.0. Deploy across 5 offices or 50 countries with message-layer identity and signing. The Commercial Pack adds governed operations, Signed Agent Manifest controls, and regulated evidence features for specialized deployments.

Universal Interoperability

Connect any agent, in any language, over any stack. AXCP abstracts away transport details so Rust micro-services, Python ML pipelines, Go edge agents — even legacy MCP, A2A, and ACP systems — can exchange context through a single, strongly-typed envelope. Build heterogeneous swarms without rewriting code.

Security by Default

Security built into every message. TLS 1.3 transport, Ed25519 signatures, DID-based identity, and replay protection — all in Core. Need governed operations or regulated evidence? Contact us for the Commercial Pack.

Features

QUIC/Datagram

Core

Modern transport protocol with built-in TLS 1.3 encryption, multiplexed sessions, and improved behavior over traditional TCP for agent-to-agent communication.

State Synchronization

Advanced

Commercial state synchronization for distributed agent workflows.

Governed Privacy Controls

Enterprise

Optional privacy controls for telemetry and aggregate analytics while preserving application payloads.

Adaptive Profiles

Core

Dynamically negotiate security profiles between agents based on capabilities and requirements. Profile negotiation is built into the handshake protocol.

Enclave Ready

Advanced

Trusted runtime readiness for high-assurance production deployments.

Observability

Enterprise

Production observability for monitoring runtime health, policy posture, and operational behavior.

Security Profiles

Three tiers designed for different assurance requirements — from open source Core deployments to governed commercial operations.

1

Secure Baseline

Core

Transport & Crypto

  • QUIC + TLS 1.3 mandatory
  • DID-based identity
  • Ed25519 message signatures
  • Replay protection (sequence/nonce)

Features

  • Profile negotiation handshake
  • Timestamp validation
  • Recipient verification

Audit

Basic logging (optional)

Use Cases

Development, CI/CD pipelines, single-org deployments, edge agents, startups

2

Full-Secure + Audit

Advanced

Transport & Crypto

  • Everything in Profile 1 plus:
  • Signed Agent Manifest controls
  • Trusted runtime readiness

Features

  • Rate limiting middleware
  • State synchronization
  • Optional privacy controls

Audit

Tamper-evident audit evidence

Use Cases

Multi-tenant SaaS, public cloud, IIoT gateways, B2B platforms

3

Enterprise / Regulated Controls

Enterprise

Transport & Crypto

  • Everything in Profile 2 plus:
  • Optional privacy controls for telemetry
  • Sensitive data handling controls

Features

  • Compliance reporting (GDPR/HIPAA/SOC2)
  • Production observability
  • Cross-organization trust governance

Audit

Tamper-evident audit evidence

Use Cases

Finance, healthcare, government, cross-border AI operations

Open Source & Free

Understanding AXCP

AI agents are becoming part of our daily lives. They need a secure way to talk to each other. Here's why AXCP Core is the answer.

The Problem Today

AI agents from different companies can't securely communicate with each other. It's like having phones that only work within the same carrier — but worse, because there's no standard for security.

  • No standard for agent-to-agent authentication
  • Message origin is hard to prove without message-layer signatures
  • No way to verify "who said what"

AXCP Core Solves This

AXCP gives every AI agent a verified identity and signs every message cryptographically. Think of it as "HTTPS for AI agents" with message-level verification.

  • Every agent has a unique, verifiable identity (DID)
  • Every message is signed and cryptographically verifiable
  • Replay attacks are blocked automatically

What AXCP Core Enables

🤝

Multi-Vendor Collaboration

Claude, GPT, Gemini, and any other AI can work together securely on the same task.

🔐

Trust Without Trusting

Cryptographic signatures prove authenticity. You don't need to trust — you can verify.

Built for Speed

QUIC transport is designed for low-latency behavior while keeping security checks explicit.

🌍

Open Standard

Apache 2.0 licensed. Use it, modify it, build on it. No proprietary runtime requirement.

💡 Open Source Core

Large-Scale Deployment — With Free, Open Source Core

AXCP Core isn't a "demo tier." It's a production-ready protocol that can power your entire organization.

ONE GATEWAY — UNLIMITED LOCATIONS — UNLIMITED AGENTS
     LONDON          NEW YORK           TOKYO            SYDNEY
    ┌───────┐       ┌───────┐        ┌───────┐        ┌───────┐
    │Agent 1│       │Agent 4│        │Agent 7│        │Agent10│
    │Agent 2│       │Agent 5│        │Agent 8│        │Agent11│
    │Agent 3│       │Agent 6│        │Agent 9│        │Agent12│
    └───┬───┘       └───┬───┘        └───┬───┘        └───┬───┘
        │               │                │                │
        └───────────────┴────────┬───────┴────────────────┘
                                 │
                                 ▼
                    ┌─────────────────────────┐
                    │    AXCP GATEWAY         │
                    │    Frankfurt (HQ)       │
                    │    gateway.company.com  │
                    └─────────────────────────┘

         All 12 agents communicate securely
         Ed25519 signatures on every message
         Zero licensing costs
🌍

Global Reach

Connect agents from any location worldwide. If they can reach your gateway, they can communicate securely.

🏢

Department Isolation

Organize by team, department, or authorization level. Each agent only knows the DIDs it needs to communicate with.

💰

Zero License Fees

Apache 2.0 licensed. Deploy 10 agents or 10,000 — the cost is the same: free.

Real-World Example: Global Manufacturing Company

A manufacturing company with factories in 5 countries deploys AXCP Core on their central server. Each factory runs AI agents for quality control, inventory management, and logistics. All agents communicate through the single gateway — coordinating production across continents with cryptographic security.

5
Countries
47
AI Agents
1
Gateway
$0
License Cost

Why This Moment Matters

AI agents are moving from isolated tool calls into distributed workflows where identity, message integrity, and replay protection matter at the protocol layer. Transport security alone does not prove which agent sent which message after the fact.

AXCP Core is designed as a complementary security layer for agent ecosystems: signed envelopes, DID-based identity, replay protection, and typed transport for verifiable agent-to-agent communication. MCP defines what agents can do; AXCP helps verify who is communicating, what was sent, and whether it was replayed.

Start Building with AXCP

How AXCP Works

AXCP Core keeps the secure communication flow explicit and verifiable without requiring a commercial control plane.

01

Identify the Agent

Each participant uses a DID-backed identity so peers can bind messages to an agent-level cryptographic identity.

02

Sign the Envelope

The message envelope is signed before transport, making sender identity and message integrity verifiable beyond the TLS session.

03

Verify and Route

The gateway validates signatures, timestamps, nonces, and profile expectations before forwarding valid traffic.

04

Reject Replays

Previously seen or stale messages are rejected so captured envelopes cannot simply be reused later.

This is the public AXCP Core security baseline. Commercial tiers add governed admission, Signed Agent Manifest, operational visibility, and regulated evidence workflows without changing the Core license.

Beyond Core: Advanced & Enterprise

AXCP Core gives you the Apache 2.0 secure baseline. The Commercial Pack adds licensed control-plane capabilities for governed operations and regulated deployments.

The Key Difference: Self-Managed Core vs Commercial Control Plane

CORE Self-Managed Configuration
  • You configure which DIDs each agent knows
  • Agents can only message DIDs they're configured with
  • No automatic discovery of other agents
  • Perfect for controlled environments with known agents
ADVANCED / ENTERPRISE Commercial Control Plane
  • Commercial agent admission and lifecycle visibility
  • Operational visibility for approved agent networks
  • Licensed policy controls for approved environments
  • Perfect for dynamic, growing agent networks
Core (Free)
Advanced
Enterprise

AXCP Advanced

For production agent networks

Commercial control plane for production agent networks. Adds governed identity, policy, operational controls, and production visibility on top of Core.

Commercial Capabilities

Signed Agent Manifest

Verifiable agent identity and authorization declarations for governed production networks.

Trusted Runtime Readiness

Deployment checks for confidential-compute and trusted-runtime environments.

Rate & Traffic Controls

Operational safeguards for abuse prevention and predictable throughput.

Bridge Governance

Governed MCP/A2A interoperability for teams extending existing agent ecosystems.

State Synchronization

Coordinated shared state for distributed agent workflows.

Agent Lifecycle Visibility

Visibility into approved agents and their runtime lifecycle.

Policy Controls

Commercial controls for approved communication paths and operating boundaries.

Operations Visibility

Runtime status and operator visibility for production agent networks.

Best for: SaaS platforms, multi-tenant systems, B2B integrations, IoT deployments

AXCP Enterprise

For regulated and high-assurance deployments

Regulated control plane and compliance evidence. Everything in Advanced, plus governed privacy controls, audit evidence, and regulated operations support.

Enterprise Capabilities (All Advanced +)

Optional Differential Privacy

Opt-in privacy controls for telemetry or aggregate analytics. Application payloads are preserved.

Sensitive Data Controls

Configurable handling for sensitive personal data in approved control surfaces.

Tamper-Evident Audit

Audit evidence designed to support regulated reviews without exposing private operational data.

Regulated Access Controls

Commercial access controls for approved agents, services, and environments.

Production Observability

Operational metrics and traces for regulated production monitoring.

Deployment Packaging

Commercial deployment packaging for production environments.

Regulated Policy Controls

Centralized policy posture for regulated agent operations.

Resilient Message Handling

Resilient handling for intermittent or reconnecting agents.

Compliance Evidence

Evidence packages for GDPR/HIPAA/SOC2-style technical reviews.

Audit & Operations Dashboard

Operator view for audit, policy, license, and runtime health.

Best for: Healthcare, finance, government, legal, any regulated industry

Not sure which tier you need? We're happy to help.

Contact Enterprise Sales Start with Core (Free)

AXCP Core SDKs

Build against the public Apache 2.0 Core implementation with SDK surfaces for Go, Python, and TypeScript. Rust remains available in the repository as an experimental telemetry adapter.

Go Reference SDK

Core v1.0 reference module
Secure Baseline Protobuf Apache 2.0

Canonical Core implementation for DID authentication, Ed25519 signing, replay validation, profile negotiation, and typed AXCP envelopes.

go get github.com/tradephantomllc/axcp-spec/sdk/go@latest
  • DID auth and signature verification
  • Profile negotiation and replay protection
  • Generated Protobuf envelope helpers
SDK Docs Examples

Python SDK

Python 3.10+ agent SDK
AI-native Async QUIC Typed

Core Python SDK for AI and ML agents: identity generation, deterministic protobuf envelopes, Secure Baseline signing, verification, timestamps, replay, and QUIC transport.

git clone https://github.com/tradephantomllc/axcp-spec.git
python3 -m pip install -e axcp-spec/sdk/python
  • Ed25519 identity and did:key derivation
  • Signing, verification, timestamp and replay checks
  • Async QUIC stream and DATAGRAM helpers
SDK Docs Examples

TypeScript SDK

Node 20.10+ integration SDK
Node TLS stream Type-safe

Typed Core SDK for Node applications with Secure Baseline parity, deterministic envelopes, signing and verification, replay checks, stream framing, and a TLS adapter.

git clone https://github.com/tradephantomllc/axcp-spec.git
cd axcp-spec/sdk/typescript && npm install && npm test
  • Type-safe envelopes and protobuf field parity
  • Shared Secure Baseline test vector
  • TLS stream transport; QUIC kept optional
SDK Docs Transport Notes

Python and TypeScript SDKs are available from the public repository today. Package-registry publication will follow the SDK release checklist; the commands above use the source tree until those packages are published.

AXCP FAQ

Direct answers for developers and technical evaluators.

What is AXCP?

AXCP (Adaptive eXchange Context Protocol) is a secure communication protocol designed for autonomous AI agents. It provides DID-based identity, Ed25519 cryptographic signatures, replay protection, and QUIC transport with TLS 1.3.

Is AXCP free to use?

Yes. AXCP Core is free and open source under the Apache 2.0 license. Advanced and Enterprise tiers add commercial capabilities for governed and regulated deployments.

What programming languages does AXCP support?

AXCP Core provides public SDKs for Go, Python, and TypeScript. Rust remains available as an experimental telemetry adapter.

How does AXCP differ from MCP or A2A?

AXCP is complementary to MCP and A2A. MCP and A2A help describe tools, resources, discovery, and coordination. AXCP focuses on secure agent-to-agent communication with DID-based identity, signed envelopes, replay protection, and typed transport.

Join Our Community

Be Part of the Future of Secure Data Exchange

AXCP is a new project with a vision to build a passionate community of security experts, developers, and privacy advocates. We're just getting started and would love for you to help shape the future of secure, efficient data exchange protocols.

We're in the early stages and building our community from the ground up.

Your contributions can make a real impact on the project's direction.

Contribute on GitHub Join Our Discord

License

Apache 2.0 (Open Source)

AXCP Core is fully open source under the Apache License 2.0. Use, modify, and distribute freely for any purpose — including commercial applications.

Three Tiers:

  • Core — Apache 2.0, free for everyone
  • 🔒 Advanced — Signed Agent Manifest, state, traffic, and bridge governance (commercial)
  • 🏢 Enterprise — audit, PII, optional DP, and compliance evidence (commercial)
  • 🚀 Open for contributions from the community
  • 💼 Commercial tiers for organizations with specialized needs
View Full License Contact for Commercial Use

We respect your privacy. This website uses minimal cookies for essential functionality and does not track personal data. By continuing to use this site, you accept our Privacy Policy and Terms of Service.

Enterprise Sales