The open protocol that brings discipline to AI agents.
EGAP defines the governance layer for AI agent systems through the 5AG framework — Authentication, Authorization, Audit, Approvals, and Alerts — enforced at the wire level on every agentic action.
The Problem
The governance gap in agent protocols.
AI agents are being deployed into production faster than the governance models around them are maturing. The agent protocol landscape today solves for connectivity — not accountability.
| Protocol | Author | Purpose | Governance Layer |
|---|---|---|---|
| MCP | Anthropic | Tools and context for LLMs | None specified |
| A2A | Google | Agent-to-agent interoperability | None specified |
| EGAP | MIRASTACK LABS | Engine-to-Agent dispatch with governance | Required |
For regulated industries — banking, healthcare, defense, government, critical infrastructure — connectivity without governance is unshippable. EGAP defines the governance layer.
What EGAP Provides
The 5AG Governance Framework. At the wire level.
EGAP is built around 5AG — the five A’s of Governance for agents. Five primitives, mandatory on every agentic action. No “unauthenticated mode,” no “skip audit” flag, no “approval bypass.”
Authentication
Cryptographically verifiable identity for every user, session, and agent. No anonymous dispatch.
Authorization
Role-based authorization scoped to the minimum required privilege. Permission scope carried on every message.
Audit
Immutable audit trails following OpenTelemetry semantic conventions. Every decision is recorded.
Approvals
Mandatory human-in-the-loop for every destructive or irreversible action. A protocol primitive, not an app convention.
Alerts
Operational alerts when an agent deviates from expected behavior. Anomaly detection at the protocol boundary.
The Specification
EGAProtocol v0.1 — at a glance.
A single normative specification. Transport-agnostic, schema-first, sovereignty-compatible. Conformance language follows RFC 2119 / RFC 8174 — MUST, SHOULD, MAY.
Transport Bindings
The protocol is defined abstractly and bound to multiple transports. Conformant implementations MUST support at least one binding.
JSON-RPC 2.0 over WebSocket
Bidirectional, human-debuggable, implementable from any mainstream language. Default binding for reference implementations.
gRPC over HTTP/2
High-throughput, strongly-typed, streaming-native. Recommended for dense intra-datacentre Engine-to-Agent fabrics.
Normative Sections
20 normative sections, 3 appendices. Every message is schema-validated before dispatch.
Governance metadata — on every message
No unauthenticated mode. No skip-audit flag. No approval bypass.
```json
{
  "method": "egap.action.dispatch",
  "params": {
    "permission": "WRITE",
    "identity": { "user_id": "…", "agent_id": "…", "sig": "…" },
    "budget": { "iterations": 12, "tools": 30, "tokens": 8000 },
    "audit": { "trace_id": "…", "span_id": "…" },
    "approval": { "required": true, "state": "PENDING" }
  }
}
```
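An added example, not code from the EGAP specification or from MIRASTACK LABS: a fail-closed pre-dispatch check that an engine could run over the envelope above, reporting which governance primitive each violation belongs to. The function name, the `APPROVED` state and the OpenTelemetry-style id lengths are assumptions; the page shows only `PENDING` and elides the id values.

```python
import re

# Field names and "egap.action.dispatch" come from the page's sample envelope.
# Assumed here: "APPROVED" as the released state (the page shows only "PENDING")
# and OpenTelemetry-style ids (32 hex chars for trace_id, 16 for span_id).
APPROVED = "APPROVED"
HEX_ID = {"trace_id": r"[0-9a-f]{32}", "span_id": r"[0-9a-f]{16}"}

def check_dispatch(msg):
    """Return governance violations; an empty list means dispatch may proceed."""
    p = msg.get("params") if isinstance(msg, dict) else None
    if not isinstance(p, dict) or msg.get("method") != "egap.action.dispatch":
        return ["envelope: not a well-formed egap.action.dispatch message"]
    sec = lambda name: p[name] if isinstance(p.get(name), dict) else {}
    errs = []
    # Authentication: identity fields must be present. Verifying sig is out of
    # scope because the page does not define the signature scheme.
    for f in ("user_id", "agent_id", "sig"):
        if not (isinstance(sec("identity").get(f), str) and sec("identity")[f]):
            errs.append(f"authentication: identity.{f} missing")
    # Authorization: a permission scope must ride on the message.
    if not (isinstance(p.get("permission"), str) and p["permission"]):
        errs.append("authorization: permission missing")
    # Audit: ids must be well-formed so the record can be correlated later.
    for f, pat in HEX_ID.items():
        v = sec("audit").get(f)
        if not (isinstance(v, str) and re.fullmatch(pat, v)):
            errs.append(f"audit: audit.{f} missing or malformed")
    # Budget: counters must be non-negative integers (bool is not accepted).
    for f in ("iterations", "tools", "tokens"):
        v = sec("budget").get(f)
        if isinstance(v, bool) or not isinstance(v, int) or v < 0:
            errs.append(f"budget: budget.{f} missing or invalid")
    # Approvals: fail closed. Only an explicit required=false, or required=true
    # in the approved state, lets the action through.
    a = sec("approval")
    released = a.get("required") is True and a.get("state") == APPROVED
    if a.get("required") is not False and not released:
        errs.append("approval: held for human decision")
    return errs

# Constructed sample: the page's envelope with its elided values filled in.
SAMPLE = {"method": "egap.action.dispatch", "params": {
    "permission": "WRITE",
    "identity": {"user_id": "u-1", "agent_id": "a-1", "sig": "constructed-sig"},
    "budget": {"iterations": 12, "tools": 30, "tokens": 8000},
    "audit": {"trace_id": "0af7651916cd43dd8448eb211c80319c",
              "span_id": "b7ad6b7169203331"},
    "approval": {"required": True, "state": "PENDING"}}}
```

A message whose `approval` object is absent is held rather than passed, so stripping the field cannot be used to skip the human decision.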
Protocol Ecosystem
Designed to complement, not compete.
A production governed agent system speaks all three protocols. EGAP adds the governance layer that MCP and A2A deliberately leave out.
Model Context Protocol — Anthropic
How large language models access tools and context.
Agent-to-Agent Protocol — Google
How peer agents exchange messages and coordinate tasks.
Engine Governed Agents Protocol — MIRASTACK LABS
How an orchestration engine dispatches, monitors, and audits agent actions — with authentication, authorization, approvals, audit, and alerts enforced at the wire level.
An engine can speak MCP to fetch tools, an agent can speak A2A to coordinate with peers, and the Engine-to-Agent dispatch, approval flow, and audit trail use EGAP.
Who It's For
Built for regulated environments.
EGAP is designed for environments where an uncontrolled agentic action is measured in millions, in lives, in national security, or in public trust.
Platform Teams
Operating AI agents in BFSI, healthcare, defense, public sector, and critical infrastructure where governance is not optional.
Vendors
Building orchestration engines, agent SDKs, or agent marketplaces who need a governance contract with their customers' compliance teams.
Enterprise Architects
Defining organisational AI governance posture and needing an open standard to anchor it — one that survives vendor consolidation.
Regulators & Standards Bodies
Seeking technically verifiable, evidence-based AI governance primitives with cryptographic certainty and immutable audit records.
Researchers & Practitioners
Working on accountable, explainable, human-governed AI systems who need a concrete governance wire protocol to reason about.
What’s Next
Roadmap to v1.0.
EGAProtocol is a living open standard. Every milestone below is tracked on GitHub Milestones and advanced through the EIP process.
- v0.1 (Q2 2026): Working Draft, shipped. Normative specification, 5AG Governance Framework, two transport bindings, schema-first message envelope, conformance criteria.
- v0.2 (Q3 2026): Reference Implementation, planned. Open-source Go reference engine and agent SDK. Conformance-tested JSON-RPC and gRPC bindings. Published under egaprotocol/core.
- v0.3 (Q4 2026): Conformance Test Suite, planned. Executable conformance harness, identity/authorization/audit test vectors, interoperability matrix for first-wave implementers.
- v1.0 (2027): Ratification & Certification, targeted. Frozen wire contract. EGAProtocol Certified program for compliant engines and agents. Regulatory attestation guide for BFSI, healthcare, defense, and public sector.
Dates are targets, not guarantees. An open standard ships when it is ready.
Specification Status
EGAProtocol v0.1 is published for community review and reference implementation. The protocol is not yet ratified. Breaking changes are possible before v1.0.
All changes are proposed through the EGAProtocol Improvement Proposal (EIP) process defined in GOVERNANCE.md.
Open source. Apache License 2.0. Originally developed at MIRASTACK LABS Private Limited.