Overview
Production Readiness
0.7
Novelty Score
0.4
Cost Impact Score
0.7
Citation Count
3
Why It Matters For Business
Standardizing agent interfaces reduces engineering cost, improves security, and enables reusable agent services across teams and vendors.
Summary TLDR
This survey compares four emerging protocols for LLM-powered agents: MCP (JSON-RPC for secure tool/context injection), ACP (RESTful, MIME-typed multimodal messaging and session handling), A2A (agent-to-agent capability exchange using Agent Cards and SSE/push updates), and ANP (decentralized DID-based peer discovery and JSON-LD descriptions). It catalogs architectures, transport options, discovery methods, and security threats, and proposes a four-stage adoption roadmap: start with MCP for tool access, add ACP for structured messaging, adopt A2A for enterprise agent workflows, and extend to ANP for open, decentralized agent markets.
Problem Statement
LLM-driven agents need standardized ways to discover capabilities, share structured context, and securely coordinate actions. Current integrations are ad-hoc, hard to scale, and vary across vendors, creating security gaps, brittle adapters, and costly engineering work.
Main Contribution
Survey and concise comparison of four protocols: MCP, ACP, A2A, ANP
Detailed protocol descriptions (architecture, transports, discovery, security) and lifecycle threat tables
Practical phased adoption roadmap sequencing MCP → ACP → A2A → ANP
Identification of concrete security mitigations (manifest signing, JWS/JWT, TLS, DIDs)
Key Findings
Four distinct protocols target different interoperability layers
A practical adoption sequence reduces integration risk
Common lifecycle security threats recur across protocols
Protocols favor different architectures and discovery modes
Who Should Care
What To Try In 7 Days
Prototype MCP for model-to-tool calls and centralize tool manifests
Sign and version one Agent Card/manifest and host under /.well-known
Add TLS + JWS-signed message parts to an existing HTTP-based agent endpoint
Agent Features
Memory
- Session context / session IDs
- Manifest and Agent Card metadata
Planning
- Task delegation
- Session-aware workflows
- Capability negotiation
Tool Use
- Tool invocation (model-controlled tools)
- Typed function calls (JSON schemas)
Frameworks
- JSON-RPC
- HTTP/REST
- JSON-LD
- W3C DIDs
- MIME multipart messages
- Server-Sent Events (SSE)
Is Agentic
true
Architectures
- client-server (MCP)
- brokered HTTP/REST (ACP)
- peer-like client↔remote (A2A)
- decentralized P2P with DIDs (ANP)
Collaboration
- Agent discovery
- Capability / Agent Card exchange
- Artifact exchange
Optimization Features
System Optimization
- Stateless default for ACP to enable scalable load balancing
Reproducibility
Open Source Status
- partial
Risks & Boundaries
Limitations
- Survey synthesizes protocol specs and early docs; lacks large-scale empirical deployments
- Protocol specs and adoption status are evolving rapidly; details may change
- Security guidance is high-level; operator testing still required for each deployment
When Not To Use
- If you run a single monolithic app with no external tool calls, protocol adoption may add unnecessary complexity
- Do not adopt decentralized ANP if you require strict centralized control and auditability
Failure Modes
- Manifest or Agent Card spoofing leading to impersonation
- Tool or prompt injection causing unsafe model behavior
- Version drift and stale manifests breaking integrations
- Orphaned sessions or leaked tokens after shutdown
Context Entities
Models
- Function calling (OpenAI)
- RAG (retrieval-augmented generation)