2 min read

Agent-to-Agent (A2A) Protocol#

The A2A protocol allows VEX agents to collaborate securely across different server instances. Every inter-agent task is cryptographically verified and recorded in the Merkle audit trail.

How it Works#

  1. Discovery: Agents expose a capability card at /.well-known/agent.json.
  2. Task Creation: A requester sends a TaskRequest via POST to /a2a/tasks.
  3. Verification: The task response includes a Merkle hash of the execution trace.
  4. Polling: The requester can query status via /a2a/tasks/{id}.

Endpoints#

EndpointMethodDescription
/.well-known/agent.jsonGETCapability discovery
/a2a/tasksPOSTSubmit inter-agent task
/a2a/tasks/{id}GETCheck task status / result

Security#

The protocol uses:

  • JWT Authentication: Role-based access control for tenants.
  • Replay Protection: Nonce + timestamp validation.
  • Merkle Proofs: Ensuring the remote result hasn't been tampered with.
Enforce HTTPS

In production, the A2A protocol requires TLS. VEX will refuse to send task requests over unencrypted channels if VEX_ENV=production.

Example Request#

JSON
{
  "skill": "calculator",
  "input": {
    "expression": "24 * 42"
  },
  "nonce": "a1b2c3d4e5"
}
PreviousexamplesNextarchitecture
Was this page helpful?
Edit this page on GitHub