{"slug": "show-hn-agentbridge-translate-and-govern-calls-between-ai-agent-protocols", "title": "Show HN: AgentBridge – translate and govern calls between AI agent protocols", "summary": "AgentBridge, an open-source Python project, provides a neutral mesh for translating, routing, verifying, and governing calls between different AI agent protocols, including MCP, A2A, ACP, OpenAI function-calling, Gemini function-calling, and AGNTCY ACP. The working prototype includes a governance plane with Ed25519 identities, budgets, and a tamper-evident audit trail, and is available on GitHub as an early work-in-progress.", "body_md": "**One neutral mesh every agent speaks through: translate, route, verify, govern.**\nAny protocol in, any protocol out — with identity, budgets, and a tamper-evident audit trail\nbuilt into the call path.\n\n*The whole product in 12 seconds: an unknown agent blocked, six protocols reaching one live MCP tool through the mesh, budget tracked, tamper-evident audit chain verified. Reproduce with python examples/demo_story.py.*\n\nStatus: working prototype. 6 protocols live + conformance-tested against real SDKs, a governance plane, an HTTP control plane, and framework integrations.\n\n150 tests passing (156 with a Postgres DB).Business demand still being validated — this is an early, honest work-in-progress.\n\nName note:this project (`github.com/shadowhunter-92/agentbridge`\n\n) is a Pythonprotocol-translation + governance mesh. It is unrelated to other products that may share the \"AgentBridge\" name (e.g. connector-gateway SaaS at other domains). This repo is the source of truth forthisAgentBridge.\n\n[What it does](#what-it-does) · [Quick start](#quick-start) · [Talk to agents yourself](#talk-to-agents-yourself-any-protocol) · [Protocol support matrix](#protocol-support-matrix) · [Architecture](#architecture) · [Security model](#security-model) · [Framework integrations](#framework-integrations-langchain--crewai--autogen--llamaindex) · [Enterprise governance](#enterprise-governance) · [Editions & pricing](#editions--pricing-direction) · [Docs](#docs)\n\n**N-protocol mesh (any-to-any):** MCP (Anthropic), A2A (Google/LF), ACP (IBM/LF), OpenAI function-calling, Gemini function-calling, AGNTCY ACP. One canonical model → adding a protocol is one adapter, not N² mappings. Every adapter is validated against the protocol's**real official SDK**.** In-line proxy:**the bridge actually sits*between*live agents on different protocols, not just translating (see`examples/`\n\n).**Governance plane (the moat):** Ed25519 agent identities (DIDs), per-agent spend/rate budgets, human-in-the-loop approvals for sensitive capabilities, and a hash-chained tamper-evident audit trail — all**enforced in the call path** and**durable**(SQLite; Postgres-swappable).** Enterprise governance:**a declarative policy engine (cost caps, business-hours, route/ capability rules), RBAC for operators, OIDC/JWT operator SSO, and signed audit checkpoints (see`docs/ENTERPRISE.md`\n\n).**Drop-in MCP server:** point Claude Desktop / an IDE / a gateway at it to reach other protocols.**Framework integrations:** one helper lets LangChain / CrewAI / AutoGen / LlamaIndex agents reach a tool/agent on*any*protocol — they all emit OpenAI-shaped tool calls (see`docs/INTEGRATIONS.md`\n\n).\n\n```\npython -m venv .venv && .venv/Scripts/pip install -r requirements.txt   # (Windows; use bin/ on *nix)\n```\n\n**Governance is optional.** If you just want one agent/protocol to talk to another, use the\nmesh directly — no keys, no budgets, no setup:\n\n``` python\nfrom src.protocols import default_registry as reg\nfrom src.protocols.canonical import CanonicalCall\n\ncall = reg.get(\"openai\").from_canonical_call(CanonicalCall(\"add\", {\"a\": 2, \"b\": 3}))\nreg.translate_call(call, \"openai\", \"mcp\")     # -> a real MCP tools/call. That's it.\n.venv/Scripts/python examples/quickstart.py   # translate + bridge to a LIVE tool, zero governance\n```\n\nAdd identity, budgets, and a tamper-evident audit trail **only when you want them**:\n\n```\n# Run the meta-bridge control plane (mesh + governance)\nuvicorn src.api.control_plane:app          # docs at http://localhost:8000/docs\n#   set AGENTBRIDGE_ADMIN_KEY for operator endpoints; AGENTBRIDGE_DB=/path.db (or a postgres:// URL)\n\n# Or run it as a drop-in MCP server (stdio)\npython -m src.serve.mcp_gateway\n\n# Live demos (real agents on both ends)\n.venv/Scripts/python examples/live_nprotocol_proxy.py   # OpenAI/ACP -> live MCP, MCP -> live ACP\n.venv/Scripts/python examples/live_governed_proxy.py    # identity + budget + audit in action\n.venv/Scripts/python examples/policy_guardrails_demo.py # policy BLOCKS risky calls + provable audit trail\n\n# Tests\n.venv/Scripts/python -m pytest tests/ -q                # 150 passing; 156 with a Postgres DB (6 PG tests skip without one)\n```\n\nYes — you can use AgentBridge to reach an agent/tool that speaks a *different* protocol than\nyou do. That's the whole point. Give it a call in any protocol's shape; it translates and (if\nyou want) governs, then delivers to the live target and hands the result back:\n\n``` python\nimport asyncio\nfrom src.integrations import bridge_tool_call\nfrom src.proxy import transport\n\n# You \"speak\" OpenAI tool-calls; the tool lives behind MCP. Reach it anyway:\nasync def main():\n    result = await bridge_tool_call(\n        \"add\", {\"a\": 2, \"b\": 3}, to=\"mcp\",\n        invoke=lambda w: transport.call_mcp_tool(\n            \"python\", [\"examples/mcp_server_agent.py\"], w[\"params\"][\"name\"], w[\"params\"][\"arguments\"]),\n    )\n    print(result)        # -> OpenAI-shaped tool result: \"5\"\n\nasyncio.run(main())\n```\n\nSwap `to=\"mcp\"`\n\nfor `a2a`\n\n, `acp`\n\n, `gemini`\n\n, or `agntcy`\n\nto reach an agent on that protocol.\n\n**Human client (discover + talk, from the CLI).** Point it at any agent, see what it can do,\nand call it — across protocols:\n\n```\n# Discover what an agent offers (MCP tools / A2A AgentCard):\npython -m src.serve.agent_client discover --mcp \"python examples/mcp_server_agent.py\"\npython -m src.serve.agent_client discover --a2a http://localhost:9100\n\n# Call / talk to it:\npython -m src.serve.agent_client call --mcp \"python examples/mcp_server_agent.py\" --tool add --args '{\"a\":2,\"b\":3}'\npython -m src.serve.agent_client talk --a2a http://localhost:9100 --message \"hello\"\n```\n\nReaching real third-party tools (GitHub, Slack, Notion, …) works the same way — you point the\nbridge at the tool's existing **MCP server**, no connector to build. See\n[ docs/CONNECTORS.md](/shadowhunter-92/agentbridge/blob/main/docs/CONNECTORS.md) and the worked GitHub example\n(\n\n`examples/github_mcp_bridge.py`\n\n).| Protocol | Owner | Adapter | Conformance vs real SDK | Any-to-any | Live agent |\n|---|---|---|---|---|---|\nMCP |\nAnthropic | ✅ | ✅ `mcp` 1.27 (`CallToolRequestParams` ) |\n✅ | ✅ FastMCP server (stdio) |\nA2A |\nGoogle / LF | ✅ | ✅ `a2a-sdk` 0.3 (`Task` , `Message` ) |\n✅ | ✅ uvicorn agent + AgentCard |\nACP |\nIBM / BeeAI / LF | ✅ | ✅ `acp-sdk` 1.0 (`Run` , `Message` ) |\n✅ | ✅ REST `/runs` agent |\nOpenAI function-calling |\nOpenAI | ✅ | ✅ `openai` 2.x (`ChatCompletionMessageToolCall` ) |\n✅ | ✅ routed to live MCP/ACP |\nGemini function-calling |\n✅ | ✅ `google-genai` (`FunctionCall` ) |\n✅ | ✅ routed to live MCP | |\nAGNTCY ACP |\nCisco | ✅ | ✅ `agntcy-acp` (`RunCreateStateless` ) |\n✅ | ✅ routed to live MCP |\nANP |\n— | ⛔ deferred → governance plane | — | — | — |\n\n**6 call protocols, 6×6 = 36 any-to-any pairs, all green.** Adding a 7th is one adapter file +\none registry line + one conformance test. Full detail: `docs/PROTOCOL_SUPPORT.md`\n\n. ANP is an\nidentity/discovery layer, not a call protocol — it informs the governance plane, not an adapter\n(see `docs/PROTOCOL_SUPPORT.md`\n\n).\n\n```\nflowchart LR\n    subgraph clients [Agents / clients - any protocol]\n        C1[MCP client]\n        C2[A2A / ACP agent]\n        C3[OpenAI / Gemini / AGNTCY]\n    end\n    subgraph bridge [AgentBridge]\n        direction TB\n        G[Governance gateway<br/>identity · budget · approval · audit]\n        M[Canonical mesh<br/>any-to-any translation]\n        G --> M\n    end\n    subgraph targets [Target agents / tools - any protocol]\n        T1[live MCP tool]\n        T2[live A2A / ACP agent]\n    end\n    C1 & C2 & C3 -->|signed call| G\n    M -->|translated + governed| T1 & T2\n    OP[Operator] -->|admin API| G\n```\n\nEvery call enters the **governance gateway** (verify identity → reserve budget → check\napproval), is translated through the **canonical mesh** (any protocol → any protocol), is\ndelivered to the target agent, then committed and written to a tamper-evident audit log.\n\n`src/protocols/`\n\n— canonical hub + per-protocol adapters (the mesh)`src/governance/`\n\n— identity, audit, budgets, approvals, policy, gateway, persistence (the moat)`src/proxy/`\n\n— real transport clients + in-line proxy`src/api/control_plane.py`\n\n— the shipped HTTP API (mesh + governed routing, authenticated)`src/serve/mcp_gateway.py`\n\n— drop-in MCP server packaging\n\n**Deployment topology:** run it as a drop-in **MCP server** (per-developer), as a central\n**control-plane API** (team), or inline as a **proxy** between agents. See `docs/DEPLOYMENT.md`\n\n.\nPerformance overhead is measured in `docs/BENCHMARKS.md`\n\n.\n\n**Operator endpoints** require an admin key (`X-Admin-Key`\n\n) or — with OIDC configured — an IdP bearer token; every endpoint is**RBAC-enforced**(admin/operator/viewer).** Agent endpoints**require Ed25519** signed requests**(`X-Agent-Id`\n\n/`X-Nonce`\n\n/`X-Signature`\n\n) with nonce replay protection. Identities can be revoked.**Per-IP rate limiting** on`/control/*`\n\n(blunts admin-key brute force;`AGENTBRIDGE_RATE_LIMIT`\n\n).- Audit is hash-chained and tamper-evident; export via\n`/control/audit/export`\n\n.\n\nChosen from `AGENTBRIDGE_DB`\n\n: unset → in-memory; a file path → SQLite (single node);\na `postgres://`\n\nURL → Postgres (multi-instance; `pip install \"psycopg[binary]\"`\n\n).\n\nThe audit-chain append and budget reserve/commit are **atomic store-side operations** (SQLite\n`BEGIN IMMEDIATE`\n\n/ Postgres advisory locks), so **multiple workers/replicas are safe when they\nshare a durable store** — the chain can't fork and budgets can't double-spend\n(`tests/test_concurrency.py`\n\nproves it across separate connections + threads). Use the in-memory\nstore for single-worker/dev only. See `docs/ENTERPRISE.md`\n\n→ *Concurrency & scaling*.\n\nThese frameworks all emit OpenAI-shaped tool calls, so **one helper** lets any of them reach a\ntool/agent on *any* protocol through the bridge — zero new dependencies:\n\n``` python\nfrom src.integrations import bridge_tool_call\n# inside a LangChain/CrewAI/AutoGen tool:\nresult = await bridge_tool_call(\"add\", {\"a\": 2, \"b\": 3}, to=\"mcp\", invoke=your_transport)\n```\n\nPer-framework wrapping recipes (LangChain `StructuredTool`\n\n, CrewAI `@tool`\n\n, AutoGen function,\nLlamaIndex `FunctionTool`\n\n) are in `docs/INTEGRATIONS.md`\n\n.\n\nReal, tested controls enterprises ask for — all live over the control-plane HTTP API:\n\n**Declarative policy engine**— per-call cost caps, approval-above-cost, capability allow/deny, business-hours-only, blocked protocol routes (`POST /control/policy/rules`\n\n).**RBAC**—`admin`\n\n/`operator`\n\n/`viewer`\n\nroles → permissions, enforced per endpoint.**OIDC / JWT operator SSO**— verify an IdP token (Okta/Azure AD/Auth0/Keycloak), role claim → RBAC role; replaces the shared admin key.** Signed audit checkpoints**— third-party-verifiable proof the audit log wasn't truncated; JSONL export feeds SIEMs (Splunk/Datadog/S3).\n\nFull usage + code: `docs/ENTERPRISE.md`\n\n. (Honestly *not* shipped as code: managed hosting and\nSOC 2 — those are operations and an audit process, not a library feature.)\n\n*Governance in the call path: a policy blocks a forbidden capability, an over-budget call, and\na needs-approval call — then a hash-chained, integrity-verified audit trail of every allow/deny.\nThis is what EU AI Act Article 12 (automatic event logging for high-risk AI, from Aug 2026) looks\nlike at runtime. Reproduce with python examples/policy_guardrails_demo.py.*\n\n▶ **Watch the 54-second explainer** (motion graphics + voiceover):\n[shadowhunter-92.github.io/agentbridge/media/explainer.html](https://shadowhunter-92.github.io/agentbridge/media/explainer.html)\n— source: [ media/explainer.html](/shadowhunter-92/agentbridge/blob/main/media/explainer.html).\n\nOpen-core: the mesh + basic governance are free and self-hostable (Apache 2.0). Monetization is hosted governance/compliance, not the translation (which is commoditizing). Indicative tiers (hypotheses to validate with customers, not live products):\n\n| Edition | Who | What | Price (hypothesis) |\n|---|---|---|---|\nOSS core |\nbuilders | mesh + basic governance + drop-in MCP server, self-host | $0 |\nPro / Team |\nstartups | hosted control plane, dashboard, persistence, support | ~$99–499/mo |\nBusiness |\nscale-ups | RBAC/SSO, cost analytics, alerts, SLA | ~$1k–5k/mo |\nCompliance |\nregulated (finance/health/HR) | EU-AI-Act audit pack, signed export, DPA | ~$2k–10k+/mo |\n\nDetail + the demand-gated roadmap: `docs/ROADMAP.md`\n\n.\n\n`docs/DEPLOYMENT.md`\n\n— how to run it, configure it, and the honest production checklist`docs/API_REFERENCE.md`\n\n— the control-plane HTTP endpoints`docs/INTEGRATIONS.md`\n\n— wire LangChain / CrewAI / AutoGen / LlamaIndex to any protocol`docs/CONNECTORS.md`\n\n— reach GitHub / Slack / Notion / … via their MCP servers (no connectors to build)`docs/ENTERPRISE.md`\n\n— policy engine v2, RBAC, OIDC SSO, signed audit checkpoints`docs/ROADMAP.md`\n\n— what's done, known limitations, and what's deferred (honest)`docs/PROTOCOL_SUPPORT.md`\n\n— the protocol support matrix + conformance approach`docs/LIVE_AGENT_TESTING.md`\n\n— how the bridge is tested against real, running agents`docs/PROTOBUF_A2A.md`\n\n— notes on A2A's JSON-RPC vs protobuf wire formats`docs/BENCHMARKS.md`\n\n— measured in-process overhead (reproduce with`tools/benchmark.py`\n\n)`CONTRIBUTING.md`\n\n— setup, ground rules, and the add-a-protocol recipe`AI_DISCLOSURE.md`\n\n— transparency on AI-assisted development\n\nApache 2.0", "url": "https://wpnews.pro/news/show-hn-agentbridge-translate-and-govern-calls-between-ai-agent-protocols", "canonical_source": "https://github.com/shadowhunter-92/agentbridge", "published_at": "2026-06-15 05:02:32+00:00", "updated_at": "2026-06-15 05:42:07.450560+00:00", "lang": "en", "topics": ["ai-agents", "ai-infrastructure", "ai-tools", "ai-ethics", "developer-tools"], "entities": ["AgentBridge", "Anthropic", "Google", "IBM", "OpenAI", "LangChain", "CrewAI", "AutoGen"], "alternates": {"html": "https://wpnews.pro/news/show-hn-agentbridge-translate-and-govern-calls-between-ai-agent-protocols", "markdown": "https://wpnews.pro/news/show-hn-agentbridge-translate-and-govern-calls-between-ai-agent-protocols.md", "text": "https://wpnews.pro/news/show-hn-agentbridge-translate-and-govern-calls-between-ai-agent-protocols.txt", "jsonld": "https://wpnews.pro/news/show-hn-agentbridge-translate-and-govern-calls-between-ai-agent-protocols.jsonld"}}