EU regulatory compliance as a protocol primitive for AI agents.
AI agents are being deployed across finance, agriculture, healthcare, and government — negotiating contracts, processing claims, and making decisions that affect real people. But no existing agent protocol handles EU regulatory compliance at the wire level.
ARSIA Protocol embeds compliance into the message envelope — the same way TLS moved encryption to the transport layer. Every message carries identity, audit obligations, data residency, human oversight mode, and regulatory basis as first-class fields. The protocol sits above MCP and A2A as a compliance layer — it doesn't replace them, it makes them audit-ready.
```json
{
  "v": "1.0",
  "from": "agent:acme.risk-assessor",
  "to": "agent:acme.compliance-checker",
  "intent": "request",
  "compliance": {
    "profile": "MIFID-II",
    "retention_days": 1827,
    "data_residency": "EU",
    "human_oversight": "required_before_execution",
    "audit_required": true,
    "pii_involved": true,
    "legal_basis": "contract"
  },
  "security": {
    "alg": "EdDSA",
    "kid": "agent:acme.risk-assessor#key-1",
    "sig": "..."
  }
}
```

The protocol follows a 5+1 architecture: one foundational spec — Core — and five domain primitives that spell the name.

| Spec | Domain | Description |
|---|---|---|
| ARSIA-Core | Foundation | Message envelope, EdDSA signing, discovery, authorization, compliance field, transport |
| ARSIA-Actions | Actions | Capabilities, human oversight, explainability, action registry |
| ARSIA-Routing | Routing | Message routing, broker topology, data residency enforcement |
| ARSIA-State | State | State lifecycle, GDPR obligations, compliance profiles, audit trail |
| ARSIA-Identity | Identity | Agent identity, certificates, trust levels, 6-phase onboarding |
| ARSIA-Assets | Assets | Transaction validation, escrow, MiFID II / DORA / PSD2 controls |

Seven normative profiles map EU regulation directly to protocol fields:

| Profile | Regulation | Retention | Human Oversight | Audit |
|---|---|---|---|---|
| GDPR-STANDARD | GDPR Art. 5, 6 | Per operator | Not required | Optional |
| EU-AI-ACT-HIGH-RISK | EU AI Act Art. 13, 14, 17, 26 | 180 days | Required before execution | Required |
| EU-AI-ACT-LIMITED-RISK | EU AI Act Art. 50 | 90 days | Not required | Required |
| MIFID-II | MiFID II Art. 16(7), DORA, PSD2 | 1827 days (5 years) | Required before execution | Required |
| PAC-AGRICULTURE | CAP Reg. 2021/2116 | 1096 days (3 years) | Required post-execution | Required |
| DSA-VLOP | DSA Art. 15, 34, 37, 40, 42 | 730 days (2 years) | Required within 24h | Required |
| DORA | DORA Art. 5, 17, 19, 28 | 1827 days (5 years) | Required within 24h | Required |

Source: arsia-compliance-profiles.json — defined normatively in ARSIA-State §6.
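
A receiver-side check of a message's `compliance` block against the profile table above, as an added example that is not part of the ARSIA specification or its reference implementation. Assumptions: the rows are hand-transcribed from this README rather than loaded from arsia-compliance-profiles.json, the oversight strings other than `required_before_execution` are guessed spellings, and the Retention column is read as a minimum.

```python
# Added example. Rows are hand-transcribed from the profile table in this README.
# Assumed: oversight spellings other than "required_before_execution", and
# reading "Retention" as a minimum; neither is taken from ARSIA-State.
PROFILES = {  # name: (min retention days or None, oversight mode, audit required)
    "GDPR-STANDARD": (None, "not_required", False),
    "EU-AI-ACT-HIGH-RISK": (180, "required_before_execution", True),
    "EU-AI-ACT-LIMITED-RISK": (90, "not_required", True),
    "MIFID-II": (1827, "required_before_execution", True),
    "PAC-AGRICULTURE": (1096, "required_post_execution", True),
    "DSA-VLOP": (730, "required_within_24h", True),
    "DORA": (1827, "required_within_24h", True),
}

def check_compliance(envelope):
    """Return a list of violations; an empty list means the block fits its profile."""
    block = envelope.get("compliance") if isinstance(envelope, dict) else None
    if not isinstance(block, dict):
        return ["missing compliance block"]
    profile = block.get("profile")
    if not isinstance(profile, str) or profile not in PROFILES:
        return [f"unknown profile: {profile!r}"]  # fail closed, never default
    min_days, oversight, audit = PROFILES[profile]
    problems = []
    days = block.get("retention_days")
    # bool is a subclass of int in Python, so reject True/False explicitly
    is_int = isinstance(days, int) and not isinstance(days, bool)
    if min_days is not None and (not is_int or days < min_days):
        problems.append(f"retention_days {days!r} is below {min_days}")
    if oversight != "not_required" and block.get("human_oversight") != oversight:
        problems.append(f"human_oversight must be {oversight}")
    if audit and block.get("audit_required") is not True:
        problems.append("audit_required must be true")
    return problems

# Constructed inputs: the first mirrors the envelope shown earlier on this page.
SAMPLE_OK = {"compliance": {"profile": "MIFID-II", "retention_days": 1827,
                            "human_oversight": "required_before_execution",
                            "audit_required": True}}
SAMPLE_BAD = {"compliance": {"profile": "MIFID-II", "retention_days": 365,
                             "human_oversight": "not_required",
                             "audit_required": False}}

if __name__ == "__main__":
    for name, msg in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, check_compliance(msg) or "compliant")
```

A check like this belongs after signature verification, so that the `compliance` fields being evaluated are the ones the sender actually signed.
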
The protocol is fully machine-verifiable. 31 JSON Schemas (Draft 2020-12) validate every structure defined in the specs. 613 test vectors (514 valid, 99 invalid, 73 runtime-only) provide cross-implementation validation with real Ed25519, ES256, and RS256 cryptography. 9 test keypairs are published in keypairs.json.
See schemas/ and test-vectors/ for details.
docs/FAQ.md — Frequently Asked Questions: design rationale and decision explanations
ARSIA Protocol is not a competitor to MCP or A2A — it's a complement.

```
┌─────────────────────────────────────────────────┐
│ Your Application                                │
├─────────────────────────────────────────────────┤
│ ARSIA Protocol — compliance, identity, audit    │
├─────────────────────────────────────────────────┤
│ A2A — agent-to-agent communication              │
├─────────────────────────────────────────────────┤
│ MCP — tool & data access                        │
├─────────────────────────────────────────────────┤
│ Infrastructure — LLMs, cloud, databases         │
└─────────────────────────────────────────────────┘
```

The specification is in draft. We welcome contributions — see CONTRIBUTING.md for guidelines and CLA.md for the Contributor License Agreement. Feedback via GitHub Issues.
The ARSIA Protocol specification (specs, schemas, compliance profiles, RTMs, and test vectors) is licensed under CC BY-SA 4.0 — this specification may be freely implemented by anyone, with attribution. Implementing this specification in software does not create a derivative work; you may license your implementation under any terms.
Reference implementation code, scripts, and CI workflows are licensed under BSL 1.1, converting to Apache 2.0 after four years.
See LICENSE-SPEC.md and LICENSE-CODE.md for details.
Certain methods described in Arsia Labs (Arsia Tecnologia Unipessoal Lda) product implementations are subject to pending patent applications. The specification license (CC BY-SA 4.0) does not grant patent rights. See LICENSE-SPEC.md for details.
ARSIA Protocol (arsiaprotocol.org) | by Arsia Labs