| Internet-Draft | µACP | December 2025 |
| Mallick & Chebolu | Expires 13 June 2026 | [Page] |
This document specifies the Micro Agent Communication Protocol (µACP), a resource-efficient messaging protocol for autonomous agents operating on constrained devices (Class 1 IoT devices per [RFC7228]). Existing agent communication protocols assume unbounded computational and energy resources; µACP provides formal guarantees on memory, energy, and bandwidth consumption while maintaining expressiveness sufficient for finite-state coordination patterns. The protocol defines four core message types, a fixed 64-bit header, TLV-based extensibility, and mandatory OSCORE security binding for operation in adversarial environments.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 13 June 2026.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
The Micro Agent Communication Protocol (µACP) is a compact, resource-efficient communication protocol designed for distributed autonomous agents operating on constrained devices. It aims to bridge the gap between resource-light IoT protocols and semantically rich agent communication languages, by offering minimal overhead yet expressive interaction semantics.¶
Modern IoT, edge, and embedded environments often involve devices with limited RAM, CPU, energy, and unreliable or low-bandwidth networks. At the same time, many distributed applications — from sensor networks and robotics swarms to multi-agent systems and edge-native microservices — require coordination, state sharing, event subscriptions, request/response semantics, and lightweight negotiation. Existing protocols are often unsuited:¶
µACP addresses this by defining a wire-efficient, fixed-header, TLV-extensible protocol that offers exactly four core verbs — PING, TELL, ASK, and OBSERVE — which together are sufficient to express common interaction patterns such as request/response, publish/subscribe, and liveness checking. The protocol is designed so that implementations can remain lean, deterministic in resource consumption, and suitable for microcontroller-class devices, while still supporting structured multi-agent interactions.¶
Because security, confidentiality, and integrity are essential for many deployments (especially those involving sensitive data, distributed control, or untrusted networks), this specification mandates the use of the object-security mechanism defined by the IETF as the mandatory-to-implement transport binding: namely, the combination of CoAP (as the transport substrate) with OSCORE (for application-layer message protection) over constrained or lossy links. This ensures that even devices with limited resources can securely exchange µACP messages while preserving end-to-end confidentiality, integrity, and replay protection [RFC8613].¶
Working Group Engagement: This document is submitted as an Independent Submission to the IETF. The authors welcome feedback from relevant working groups, particularly the Constrained RESTful Environments (CoRE) working group and the Light-Weight Implementation Guidance (LWIG) working group, and are open to transitioning this work to a working group if there is community interest and consensus.¶
This specification defines the wire format, core semantics, normative behavior, mandatory transport binding, security constraints, and IANA registries required for interoperable implementations. It does not specify or mandate application-level semantics (e.g., content encoding, agent ontology, high-level negotiation logic), which are left to deployment-specific or higher-layer protocols. Implementers are free to choose content encoding (e.g., CBOR, JSON), TLV usage, and higher-level behavior, provided they adhere to the normative parts of this document.¶
This document is primarily intended for:¶
µACP's transport binding leverages established IETF standards: CoAP as the constrained-device transport substrate [RFC7252], and OSCORE for end-to-end object security across constrained networks and proxies [RFC8613]. OSCORE is itself designed for constrained RESTful environments and provides confidentiality, integrity, and replay protection for CoAP messages using COSE [RFC8949].¶
Compared to heavier agent-communication languages (e.g., FIPA-ACL), µACP trades semantic depth for minimalism and resource efficiency. Compared to plain CoAP or MQTT-style protocols, µACP brings structured agent-oriented primitives while preserving low overhead and deterministic resource usage. The TLV extensibility mechanism ensures future content- or metadata-level enhancements without invalidating base interoperability.¶
The remainder of this document is organized as follows:¶
- Section 2 defines conventions and terminology.¶
- Section 3 describes the µACP message model and wire encoding rules.¶
- Section 4 defines the protocol semantics of the four core verbs (PING, TELL, ASK, OBSERVE).¶
- Section 5 defines the mandatory transport binding using CoAP/OSCORE, including mapping rules, security profile, and operational constraints.¶
- Section 6 defines error handling rules, version negotiation, and extensibility mechanisms.¶
- Section 7 defines the IANA registries (TLV Types, QoS codes, content-format) and related registration policies.¶
- Section 8 provides normative interoperability requirements and deployment guidelines.¶
- Section 9 describes security considerations and threat mitigation strategies.¶
- Section 10 provides example interactions and wire-level encodings.¶
- Appendices contain deployment notes, conformance test descriptions, change log, and reference implementation pointers.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when they appear in ALL CAPS. These words may also appear in lowercase or mixed case as plain English words, absent their normative meanings.¶
The following terms are used throughout this document:¶
This document uses the following notation conventions:¶
The following abbreviations are used in this document:¶
This section defines the normative wire-level encoding of µACP messages, including the fixed header, TLV format, payload processing rules, byte ordering, and OSCORE protection boundaries. All compliant implementations MUST follow these encoding rules exactly unless otherwise specified.¶
A µACP message consists of three components encoded in the following order:¶
+----------------------+----------------------+-------------------------+ | Header (64b) | TLVs (0..1024 B) | Payload (0..65535 B) | +----------------------+----------------------+-------------------------+
The header format is fixed-length and MUST always appear. TLVs and payloads are optional. Messages MUST NOT exceed transport-imposed size limits; for CoAP/OSCORE, these limits are determined by underlying MTU constraints and CoAP Blockwise Transfer (RFC 7959) if used.¶
All fields are encoded in network byte order (big-endian).¶
The µACP header consists of 64 bits arranged as follows:¶
0 7 8 15 16 23 +---------------------+---------------------+--------------------+ | Sequence ID | Correlation ID | QoS |Verb| Flags | +---------------------+---------------------+--------------------+ 24 63 +--------------------------------------------------------------+ | Reserved (40 bits) | +--------------------------------------------------------------+
Sequence ID (16 bits): Monotonically increasing identifier used for duplicate detection and replay-window tracking. MUST wrap modulo 2^16. MUST be unpredictable if security-sensitive traffic requires preventing traffic analysis.¶
Correlation ID (16 bits): Identifies all messages belonging to the same conversation. MUST be unique among active conversations. SHOULD be randomly generated in security-sensitive deployments.¶
QoS (2 bits): Encodes transmission semantics (fire-and-forget, at-least-once, at-most-once). Values are defined in the IANA Considerations section.¶
Verb (2 bits): Identifies one of the four µACP operations: PING(0), TELL(1), ASK(2), OBSERVE(3).¶
Flags (4 bits): Control bits reserved for protocol-level features such as fragmentation, retransmission hints, or message cancellation. Future specifications MAY define additional meanings.¶
Reserved (40 bits): MUST be set to zero on transmission. MUST be ignored by receivers. Reserved bits MAY be repurposed by future µACP versions but MUST NOT change meaning in this version.¶
TLVs (Type–Length–Value structures) convey optional metadata and extensibility information. They appear immediately after the header and MUST appear in Type-increasing order to allow binary search and deterministic parsing.¶
0 7 8 15 +----------+-----------+------------------------------+ | Type | Length | Value (Length octets) | +----------+-----------+------------------------------+
Type (8 bits): TLV identifier. The meaning of each Type is defined in the IANA registry. Types 0–31 are reserved and governed by Standards Action. Types 32–127 require IETF Review. Types 128–255 are vendor-specific.¶
Length (8 bits): Specifies the number of octets in the Value field. Length MUST NOT exceed 255. TLVs MUST NOT cause the total TLV region to exceed 1024 bytes.¶
Value: Encoded according to Type. For Types other than 0x00 (Raw Octets), the Value is subject to OSCORE protection (Section 5).¶
Critical TLVs: A future TLV Type range MAY designate critical TLVs. Receiving an unknown critical TLV MUST cause message rejection.¶
Receivers MUST apply the following rules when processing TLVs:¶
The µACP payload is an optional octet string of 0–65535 bytes. Its semantics depend on the Verb and the application layer. Payloads are typically used for:¶
Payloads MUST be OSCORE-protected unless the message Verb is PING. Payload sizes MUST be validated before allocation to avoid resource exhaustion.¶
If the payload is encoded using CBOR (Type=0x03), receivers MUST treat it as a single CBOR data item. If the payload is JSON (Type=0x02), it MUST be UTF-8 encoded.¶
All multi-octet integer fields in µACP (Sequence ID, Correlation ID, header composites) MUST be encoded in network byte order (big-endian). TLV and payload content MAY use other encoding rules (e.g., CBOR or UTF-8) as determined by their Types.¶
µACP itself does not mandate fragmentation. When implemented, fragmentation MUST be controlled by Flags in the header and MUST operate in a deterministic, resource-bounded manner.¶
This specification defines the following fragmentation requirements:¶
Deployments using CoAP Blockwise Transfer (RFC 7959) SHOULD avoid µACP-level fragmentation to minimize complexity.¶
When µACP is transported over CoAP with OSCORE, the OSCORE-protected CoAP payload MUST contain the complete µACP message (Header | TLVs | Payload). The OSCORE security context determines integrity, confidentiality, and replay parameters.¶
The following MUST be protected by OSCORE:¶
Implementations MUST NOT leak semantics (e.g., Verb, QoS) through the CoAP outer header beyond what OSCORE permits.¶
To ensure interoperability and deterministic parsing, µACP defines the following canonical encoding rules:¶
These rules ensure that µACP messages can be compared as byte strings and efficiently parsed on constrained devices.¶
This section defines the normative semantics of the four µACP verbs: PING, TELL, ASK, and OBSERVE. Each verb represents a fundamental communication primitive intended to support higher-level agent behaviors, including liveness detection, request/response interactions, state dissemination, and event-driven notification.¶
Agents MUST implement all four verbs. Agents MUST apply OSCORE protection to all messages except PING, unless an application explicitly operates in an unauthenticated environment.¶
For each verb, this section defines sender behavior, receiver behavior, state-machine interactions, mandatory error cases, and expected processing-time bounds.¶
PING provides a low-cost, minimal-overhead mechanism for reachability and liveness detection. PING messages MUST NOT carry OSCORE-protected content. PING messages MAY include Raw-Octet TLVs (Type=0x00) but MUST NOT include any TLVs requiring confidentiality or integrity.¶
TELL conveys information, updates, or asynchronous notifications. TELL is the primary mechanism for distributing state and for responding to ASK messages.¶
TELL messages MUST be OSCORE-protected unless the deployment explicitly allows an unauthenticated mode.¶
ASK initiates a request for information or action. ASK is analogous to a query, command, or method invocation, and typically elicits a TELL response.¶
ASK messages MUST be OSCORE-protected.¶
OBSERVE establishes a subscription for future notifications. It is analogous to a publish/subscribe registration but scoped to a single peer.¶
OBSERVE messages MUST be OSCORE-protected.¶
Subscription cancellation is performed when a TELL or OBSERVE message carries a Cancel-Subscription TLV (Type=0xFF). Upon cancellation:¶
The following summarizes the semantic requirements of each verb:¶
Agents MUST NOT overload verbs with incompatible semantics. All application-defined behaviors MUST build upon these primitives in a manner that preserves µACP’s resource and security guarantees.¶
This section defines the mandatory-to-implement (MTI) transport binding for µACP: the combination of the Constrained Application Protocol (CoAP) as the transport substrate and OSCORE as the end-to-end object security mechanism. All compliant µACP implementations MUST support this binding.¶
Deployments MAY support additional bindings (e.g., DTLS/UDP or QUIC) but such bindings are outside the scope of this specification and MUST NOT weaken or replace the OSCORE/CoAP MTI profile.¶
Each µACP message (Header | TLVs | Payload) is encoded as a byte string and placed entirely within the CoAP message payload. Only OSCORE-protected CoAP messages may carry µACP messages (except PING, which MAY be unprotected under specific deployment configurations).¶
µACP messages MUST use the following CoAP message structure:¶
This yields the canonical envelope:¶
+-------------------------------+ | CoAP Header (CON/NON) | +-------------------------------+ | Uri-Path: "muacp" | +-------------------------------+ | Content-Format: muacp+binary| +-------------------------------+ | OSCORE Option | +-------------------------------+ | Ciphertext Payload | | (encapsulated µACP message) | +-------------------------------+
Each µACP message corresponds to exactly one CoAP POST. For request/response interactions (ASK → TELL), CoAP confirmable/non-confirmable messages MAY be used depending on QoS requirements.¶
All µACP messages except PING MUST be protected using OSCORE. OSCORE provides confidentiality, integrity, and replay protection independent of the transport layer.¶
OSCORE MUST protect the following elements:¶
OSCORE replay protection MUST be enabled. Implementations MUST configure replay windows to match expected message rate and resource constraints.¶
OSCORE MUST use a unique security context per agent-pair. Context reuse between unrelated peers is prohibited.¶
Security contexts for OSCORE MAY be derived by any of the following methods:¶
When EDHOC is used, the resulting OSCORE context MUST be bound to the EDHOC handshake transcript to prevent identity misbinding attacks.¶
µACP builds upon CoAP reliability semantics to achieve its QoS model. Implementations MUST map µACP QoS codes to CoAP message types as follows:¶
| µACP QoS | Meaning | CoAP Message Type |
|---|---|---|
| 0 | fire-and-forget | NON (Non-confirmable) |
| 1 | at-least-once delivery | CON (Confirmable) |
| 2 | at-most-once delivery | NON (No retransmission) |
CoAP-level acknowledgments MUST NOT be interpreted as µACP-level responses. Application responses are always encoded as TELL messages.¶
ASK messages MUST be sent as CoAP POST requests. Corresponding TELL responses MUST be sent as CoAP responses. OSCORE MUST protect both directions.¶
The Correlation ID uniquely links the ASK with the TELL response. CoAP Message IDs MUST NOT be used for application correlation.¶
Receivers MUST respond with a TELL message even when requests fail, using an Error TLV to describe failure conditions.¶
Agent A Agent B
------- -------
POST /muacp (ASK, OSCORE) ---------->
<---------- 2.04 Changed (TELL, OSCORE)
OBSERVE establishes a long-lived subscription. Subscriptions are maintained by application logic and do NOT rely on CoAP’s Observe extension (RFC 7641). µACP defines its own subscription model, independent of CoAP's Observe option.¶
OBSERVE MUST be mapped as:¶
Implementations MUST NOT use CoAP Observe for µACP subscriptions, to avoid semantic conflicts.¶
All µACP-over-CoAP deployments MUST implement congestion control to prevent network collapse and unfair bandwidth usage.¶
Agents MUST adhere to the following rules:¶
When Blockwise Transfer (RFC 7959) is used, agents MUST ensure block sizes do not exceed memory limits.¶
Transport errors such as CoAP timeouts, OSCORE decryption failures, or missing acknowledgments MUST be translated into µACP-level behavior rather than silently ignored.¶
Specifically:¶
All compliant µACP implementations MUST:¶
This binding ensures interoperability across all µACP implementations and establishes a minimum security baseline for deployments.¶
This section defines the normative error-handling rules for µACP, the version-negotiation mechanism, downgrade protection requirements, and the extensibility framework provided by the TLV architecture. Proper handling of malformed messages, incompatible versions, and future extensions is essential for interoperability and robustness.¶
All protocol-level errors MUST be communicated using a TELL message that includes an Error-Code TLV. Error codes are encoded as unsigned integers and MUST follow the registry defined in the IANA Considerations section.¶
Type: 0x22 (Error-Code, see IANA registry) Length: 1 or 2 octets Value: Integer error code
The sender MUST set the Correlation ID of the error response to match the ID of the failing message. Receivers MUST interpret the error code as part of the µACP conversation state.¶
The following error codes are defined for µACP:¶
| Code | Name | Description |
|---|---|---|
| 0x01 | ERR_MALFORMED | Malformed header, TLV, or payload. |
| 0x02 | ERR_UNSUPPORTED_VERB | Verb not recognized or not supported by receiver. |
| 0x03 | ERR_UNSUPPORTED_TLV | Critical TLV not understood. |
| 0x04 | ERR_FORBIDDEN | Operation not permitted due to policy or authorization. |
| 0x05 | ERR_RESOURCE_EXHAUSTED | Memory, CPU, or subscription/conversation limits exceeded. |
| 0x06 | ERR_VERSION_MISMATCH | Message uses unsupported protocol version. |
| 0x07 | ERR_TIMEOUT | Sender or receiver timed out while waiting for a response. |
| 0x08 | ERR_INTERNAL | Internal failure not covered by other error categories. |
Implementations MAY define additional vendor-specific error codes in the vendor range but MUST NOT redefine standardized codes.¶
Receivers MUST apply strict validation to protect against malformed messages and resource attacks. Specifically:¶
Where feasible, a receiver SHOULD send a TELL(error) message to report failure, unless doing so would amplify a denial-of-service attack.¶
Conversations MAY fail due to timeouts, resource limits, or message corruption. When such failures occur:¶
Conversations MUST be terminated when Correlation IDs collide.¶
µACP includes a Version field in the TLV space to allow forward compatibility. A Version-TLV (Type=0x01) MAY be included in any message to indicate the sender’s supported protocol versions.¶
Type: 0x01 (Version) Length: N (number of supported versions) Value: Array of version numbers (e.g., [0x00])
Receivers MUST ignore Version-TLVs indicating versions higher than supported. Receivers MUST accept messages labeled as version 0x00 (this specification) unless malformed.¶
If a message indicates only unsupported versions, the receiver MUST return ERR_VERSION_MISMATCH.¶
Implementations MUST ensure that attackers cannot force a peer to use a lower protocol version when a higher mutually supported version is available.¶
Specifically:¶
µACP is designed to evolve through extensible mechanisms based on TLVs. The following constraints ensure future versions remain interoperable:¶
Complex or multi-field extensions SHOULD define new structured TLVs rather than overloading primitive types.¶
This section can be summarized as follows:¶
These requirements ensure that µACP remains robust, extensible, and secure across diverse deployments.¶
This section requests the creation of new registries and assignments required for µACP to function as an interoperable Internet protocol. All registries use the policies defined in [RFC8126]. Unless otherwise stated, values are allocated using the "IETF Review" policy.¶
IANA is requested to create a new registry entitled "µACP TLV Types". The registry consists of 8-bit values (0–255). Each entry MUST contain:¶
The range is divided as follows:¶
IANA is requested to populate the registry with the initial values below:¶
| Value | Name | Description | Format | Reference |
|---|---|---|---|---|
| 0x00 | RAW_OCTETS | Unstructured data; MUST NOT appear in encrypted messages except PING. | Opaque | This document |
| 0x01 | VERSION | Advertised supported protocol versions. | Array of integers | This document |
| 0x02 | CONTENT_TYPE | Specifies payload encoding. | Integer | This document |
| 0x03 | CBOR_PAYLOAD | Payload encoded as CBOR. | CBOR data item | This document |
| 0x20 | TOPIC | Subscription topic for OBSERVE. | UTF-8 string | This document |
| 0x21 | CONDITION | Trigger condition for OBSERVE. | UTF-8 or CBOR | This document |
| 0x22 | ERROR_CODE | Error code returned in TELL(error). | Integer | This document |
| 0xFF | CANCEL_SUBSCRIPTION | Explicit termination of OBSERVE subscription. | Empty | This document |
Future extensions MUST NOT assign new semantics to existing TLV values.¶
IANA is requested to create a registry entitled "µACP QoS Codes". QoS is encoded as a 2-bit field in the header (values 0–3).¶
| Value | Name | Description | Reference |
|---|---|---|---|
| 0 | FIRE_AND_FORGET | No reliability; mapped to CoAP NON. | This document |
| 1 | AT_LEAST_ONCE | Retransmissions required; mapped to CoAP CON. | This document |
| 2 | AT_MOST_ONCE | No retransmission; mapped to CoAP NON. | This document |
| 3 | RESERVED | Reserved for future use. | This document |
IANA is requested to create a registry entitled "µACP Verb Codes". Verb values occupy 2 bits but are listed numerically (0–3).¶
| Value | Name | Description | Reference |
|---|---|---|---|
| 0 | PING | Liveness probe. | This document |
| 1 | TELL | State update, notification, or response. | This document |
| 2 | ASK | Request for information or action. | This document |
| 3 | OBSERVE | Subscription to events or state changes. | This document |
IANA is requested to create a registry entitled "µACP Error Codes" consisting of integers 0–255.¶
The initial contents are listed in the Error Handling section. The assignment policy for values 0–127 is IETF Review. Values 128–255 are vendor-specific and use the "First Come First Served" policy.¶
IANA is requested to register the following CoAP Content-Format:¶
| Name | Media Type | Encoding | ID | Reference |
|---|---|---|---|---|
| application/muacp+binary | application/muacp+binary | Binary | TBD (to be assigned by IANA) | This document |
This Content-Format is mandatory for all µACP-over-CoAP messages.¶
Note: The Content-Format ID value marked as "TBD" will be assigned by IANA during the IESG review process, prior to publication of this document as an RFC. The assignment will follow the "IETF Review" policy as specified in [RFC8126].¶
IANA is requested to register the following media type in the "application" registry:¶
Type name: application
Subtype name: muacp+binary
Required parameters: none
Optional parameters: none
Encoding considerations: binary
Security considerations: See Security Considerations section.
Interoperability considerations: Defined by TLV and header structure.
Published specification: This document.
Intended usage: COMMON
Author/Change controller: IETF
¶
IANA is requested to register the following CoAP Well-Known URI:¶
| URI | Description | Reference |
|---|---|---|
| /.well-known/muacp | Discovery resource indicating µACP support. | This document |
A CoAP GET to /.well-known/muacp SHOULD return a CBOR structure describing supported TLVs, maximum sizes, and supported versions.¶
IANA is requested to:¶
These actions enable interoperable deployment of µACP across implementations and ensure long-term extensibility under IETF governance.¶
This section defines the normative finite-state machines (FSMs) governing the behavior of µACP conversations, including request/response cycles (ASK/TELL), subscriptions (OBSERVE), and health checks (PING). Implementations MUST implement the FSMs defined here to ensure deterministic, interoperable behavior across devices and deployments.¶
State machines are expressed using ASCII-art diagrams with labeled transitions and MUST be interpreted normatively. When timing behavior is required, timers MUST be implemented with bounded CPU and memory overhead suitable for constrained devices.¶
Agents operate according to a deterministic event loop:¶
Agents MUST support at least 64 concurrent conversations and MUST reject new conversations if resource ceilings are exceeded (ERR_RESOURCE_EXHAUSTED).¶
The ASK/TELL FSM governs synchronous (or quasi-synchronous) exchanges where one party issues a request and the peer returns a response. ASK MUST initiate a conversation. TELL completes it.¶
+-----------------+
| IDLE |
+-----------------+
|
| (send ASK)
v
+-----------------+
| WAIT_RESP |
+-----------------+
| ^
(recv TELL) | | (timeout; QoS=1)
v |
+-----------------+
| COMPLETED |
+-----------------+
(cleanup) --> returns to IDLE
State definitions:¶
WAIT_RESP: ASK has been sent; awaiting TELL.¶
COMPLETED: Final state.¶
Receiver behavior is symmetric: upon receiving ASK, it enters a SERVE_REQ transient state, computes a response, and emits a TELL message. Errors (malformed request, unauthorized action, resource exhaustion) MUST produce a TELL(error) instead of silence.¶
PING serves as a minimal liveness check. PING does not create long-lived conversation state and SHOULD remain extremely lightweight.¶
+--------+
| IDLE |
+--------+
|
| send PING
v
+--------------+
| WAIT_PONG |
+--------------+
| ^
recv TELL| | timeout (SHOULD NOT retransmit)
v |
+--------------+
| COMPLETED |
+--------------+
Key requirements:¶
OBSERVE establishes a long-lived subscription used for event-driven communication. Subscription state MUST be explicitly tracked and MUST enforce resource ceilings.¶
+----------------+
| NO_SUB |
+----------------+
|
| (recv OBSERVE)
v
+----------------+
| SUBSCRIBED |
+----------------+
|
| (event trigger)
v
+----------------+
| NOTIFY (TELL) |
+----------------+
|
| (recv CANCEL_SUB)
v
+----------------+
| TERMINATED |
+----------------+
cleanup → NO_SUB
State definitions:¶
SUBSCRIBED: Active subscription.¶
NOTIFY: When trigger conditions are met, a TELL message MUST be sent.¶
TERMINATED: Subscription canceled via CANCEL_SUB (TLV=0xFF) or due to resource exhaustion.¶
Errors encountered during processing MUST transition the FSM into a predictable termination state. This prevents deadlocks and resource leaks.¶
Because µACP targets constrained environments, all FSM transitions MUST complete in bounded time and memory.¶
The following limits apply:¶
Platforms MAY employ preallocated memory pools, cyclic buffers, or static tables to satisfy the above constraints.¶
The FSMs in this section define the interoperable processing model for all conformant µACP agents.¶
This section defines the security properties, assumptions, and mandatory mitigations for µACP. Because µACP targets severely resource-constrained devices, the protocol does not embed cryptographic primitives directly; instead, it relies on OSCORE and the underlying transport for security. All implementations MUST follow the requirements in this section to avoid exposure to denial-of-service, spoofing, downgrade, replay, or privacy attacks.¶
The µACP threat model assumes that attackers may:¶
The protocol provides security only when implemented with OSCORE as defined in the Transport Binding section. Attackers are assumed to have full control of the transport layer but not of OSCORE-protected channels.¶
All µACP messages except PING MUST be authenticated and integrity-protected using OSCORE. Without OSCORE, µACP messages MUST be considered untrusted and MUST NOT modify system state.¶
OSCORE provides:¶
Implementations MUST use a unique OSCORE security context per communicating peer. Context reuse risks identity substitution or multi-peer cross-contamination attacks.¶
TELL, ASK, and OBSERVE messages MAY contain sensitive or mission-critical data. These messages MUST be encrypted via OSCORE. Only PING is permitted to be unencrypted.¶
Authorization MUST be enforced at the receiving agent before performing operations triggered by ASK or OBSERVE. Unauthorized or unauthenticated requests MUST be rejected using ERR_FORBIDDEN or silently dropped in high-threat environments.¶
µACP relies on OSCORE replay protection. Implementations MUST enable and correctly maintain OSCORE replay windows. Message Sequence IDs and Correlation IDs do not substitute for OSCORE's replay mechanism.¶
Additional replay mitigations:¶
Failure to enforce replay semantics MAY allow repeated actions, unexpected state transitions, or resource exhaustion.¶
µACP devices frequently operate with strict limits on memory, CPU cycles, and energy. Attackers may attempt to exploit this by flooding the device with requests, subscriptions, or malformed messages. Implementations MUST enforce:¶
When limits are exceeded, agents MUST return ERR_RESOURCE_EXHAUSTED or silently drop messages depending on congestion severity.¶
CoAP-level DoS mitigation (exponential backoff, NON vs CON behavior) MUST also be applied per Section 5.7.¶
OBSERVE introduces long-lived state which attackers may exploit. To prevent hijacking or unauthorized cancellation:¶
Subscription deletion MUST require either:¶
Failure to enforce these rules could allow attackers to redirect notifications, silence alarms, or manipulate event-driven logic.¶
The Version TLV enables forward compatibility but introduces risks of downgrade attacks. Implementations MUST enforce:¶
This prevents attackers from forcing devices into insecure or deprecated protocol variants.¶
µACP messages may reveal operational state, environmental conditions, unique identifiers, or system topology. OSCORE encryption mitigates most risks, but implementations MUST also consider:¶
Applications MAY use additional payload encryption or anonymization when required by operational policies or regulations.¶
Even with OSCORE, attackers may observe message size, frequency, or timing patterns. Implementations SHOULD mitigate traffic analysis when possible:¶
Because µACP operates in constrained environments, padding and obfuscation are OPTIONAL but SHOULD be supported in deployments requiring stronger protection.¶
OSCORE security depends on proper management of key material. Implementations MUST provide:¶
Compromise of OSCORE keys compromises confidentiality, integrity, and authentication for µACP messages.¶
Failures MUST NOT cause inconsistent or undefined agent behavior. Specifically:¶
In safety-critical systems (e.g., water infrastructure, industrial IoT), safe fallback behavior SHOULD be validated through formal analysis or runtime verification.¶
µACP security depends critically on the use of OSCORE and strict adherence to this section’s requirements. At a minimum:¶
Failure to follow any of these requirements may enable attackers to compromise µACP deployments.¶
This section defines the minimum feature set required for interoperability between µACP implementations, along with deployment profiles tailored to different classes of devices and networks. All compliant implementations MUST satisfy the baseline profile and SHOULD support additional profiles where appropriate.¶
The Minimum Interoperability Profile defines the set of features all µACP agents MUST implement. These requirements ensure that any two µACP-compliant endpoints can communicate reliably and securely.¶
Implementations MUST support:¶
Any implementation lacking one or more of the above cannot be considered µACP-compliant.¶
The Constrained Node Profile targets microcontroller-class devices with severe limitations on RAM, energy, and CPU. Devices in this class typically include ARM Cortex-M series, ESP32, and similar embedded platforms.¶
Implementations operating under the CNP MUST:¶
Implementations SHOULD:¶
The Infrastructure Node Profile targets devices with moderate-to-high resources such as edge gateways, industrial controllers, and cloud-side collectors. These nodes typically support more extensive logic and higher traffic volumes.¶
Implementations under this profile MUST:¶
INP nodes MAY:¶
µACP is designed to allow interoperability between constrained and infrastructure nodes. The following rules ensure safe cross-profile communication:¶
Implementations MUST guarantee that all profile interactions preserve the security properties defined in the Security Considerations section.¶
Deployments may apply µACP in different operational environments. This subsection defines three common deployment profiles and associated requirements.¶
Examples include NB-IoT, LoRaWAN, Sigfox.¶
Feature discovery occurs using a GET request to the well-known resource /.well-known/muacp. The response SHOULD include a CBOR map containing:¶
Nodes SHOULD cache feature negotiation results until expiration or reboot.¶
To guarantee interoperability even when nodes support different feature sets, µACP defines the following fallback rules:¶
Fallback MUST preserve safety and integrity, even if advanced features are unavailable.¶
µACP interoperability depends on:¶
These requirements ensure reliable communication across heterogeneous ecosystems, from microcontroller devices to large-scale industrial or cloud deployments.¶
This section provides complete, normative examples of µACP messages on the wire. Examples include raw µACP binary encodings, CBOR-embedded payloads, OSCORE-protected CoAP envelopes, and OBSERVE subscription exchanges. All examples use placeholder keys and nonces for illustration only.¶
Byte order is network byte order (big-endian). Hexadecimal text is for illustration; actual deployments use binary encodings.¶
A minimal PING contains only the µACP header and MUST NOT be OSCORE-protected.¶
H = 00 01 # Sequence ID = 1
00 01 # Correlation ID = 1
00 # QoS = 0 (fire-and-forget)
00 # Verb = 0 (PING)
00 # Flags = 0
00 00 00 00 00 # Reserved
No TLVs, no payload.¶
This example shows an ASK containing a CBOR payload before OSCORE protection is applied.¶
CBOR payload representation:¶
CBOR = { "action": "read", "resource": "temperature" }
CBOR (hex) = A2 66 61 63 74 69 6F 6E 64 72 65 61 64
68 72 65 73 6F 75 72 63 65 6A 74 65 6D 70
¶
Message:¶
H = 10 02 # SeqID=0x1002
10 02 # CorrID=0x1002
40 # QoS=1 (at-least-once)
20 # Verb=2 (ASK)
00 # Flags
00 00 00 00 00
T1 = 03 1A A2 66 61 63 ... 70
| | |
Type Len CBOR data (26 bytes)
Final (pre-OSCORE) encoding:
10 02 10 02 40 20 00 00 00 00
03 1A A2 66 61 63 ... 70
This example illustrates a complete OSCORE-protected request/response using CoAP POST.¶
Step 1 — ASK wrapped in CoAP + OSCORE:¶
CoAP Header: 44 02 7A 10 # CON, POST, MID=0x7A10 Uri-Path: "muacp" Content-Format: application/muacp+binary OSCORE Option: 9F (example) Payload (ciphertext): d4 83 58 20 a1 b3 11 ... (encrypted µACP)
Step 2 — TELL response:¶
CoAP Header: 64 44 7A 10 # ACK, 2.04 Changed Payload (ciphertext): e1 91 3A 0F 90 ... (encrypted TELL)
This example shows how an OBSERVE message establishes a subscription.¶
H = 20 05 20 05 40 30 00 00 00 00 # Verb=3 (OBSERVE) T1 = 20 03 74 65 6D # Topic="tem" OSCORE-protected payload: 58 2A 95 B2 11 D9 ... # ciphertext
Subsequent notifications are sent as TELL messages sharing the Correlation ID 0x2005.¶
A peer cancels an active subscription by sending CANCEL_SUB.¶
H = 20 05 20 05 40 30 00 00 00 00 T1 = FF 00 # CANCEL_SUB, empty TLV OSCORE ciphertext: 6A 7F A9 ...
This example shows a TELL(error) response containing ERR_UNSUPPORTED_TLV.¶
H = 10 02 10 02 40 10 00 00 00 00 # Verb=TELL (1) T1 = 22 01 03 # Error-Code TLV, Len=1, Value=0x03 (ERR_UNSUPPORTED_TLV) Payload = (optional diagnostic string) Encrypted via OSCORE: 5F 21 8A E3 ...
µACP does not define native fragmentation but MAY rely on CoAP Blockwise Transfer (RFC 7959). The µACP message remains intact inside each CoAP block.¶
Example (two blocks):¶
Block 0: CoAP Header + Block1 Option (NUM=0, M=1, SZX=2) Payload: µACP bytes [0..255] Block 1: CoAP Header + Block1 Option (NUM=1, M=0, SZX=2) Payload: µACP bytes [256..end]
Receivers MUST reassemble blocks before OSCORE processing when the OSCORE option is Outer.¶
The examples in this section demonstrate:¶
These examples are normative for message formatting and MUST be used for interoperability testing.¶
This section defines the normative conformance tests required to validate µACP implementations. A device or software stack MUST pass all tests in this section to be considered µACP-compliant. Implementations SHOULD additionally validate behavior against the wire examples.¶
Conformance tests are grouped into the following categories:¶
Implementations MUST correctly encode and decode the 64-bit header and all mandatory TLV behaviors.¶
Implementations MUST handle malformed or adversarial input safely and deterministically.¶
Agents MUST implement the state machines defined in the State Machines section. These tests validate deterministic transitions.¶
Since µACP relies on OSCORE for security, implementations MUST pass all OSCORE-related checks.¶
Since µACP targets constrained devices, correct enforcement of resource ceilings is mandatory.¶
Two independent implementations MUST successfully interoperate under the Minimum Interoperability Profile. Specifically:¶
/.well-known/muacp MUST correctly determine shared feature sets.¶
Successful completion of these tests is required for interoperability certification.¶
µACP implementations MUST:¶
Passing the tests in this section validates full compliance with the µACP specification.¶
This appendix summarizes non-normative deployment experience gathered during early µACP evaluations on constrained IoT hardware, industrial gateways, and edge-to-cloud systems. The experiences reported here informed several of the design decisions in this document, including the header structure, TLV size limits, and state-machine requirements.¶
µACP was deployed on several microcontroller platforms, including ARM Cortex-M4 systems with 128–256 KB of RAM and ESP32-class devices. These environments were used to test the feasibility of a stateful agent communication protocol under strict memory ceilings.¶
Findings:¶
These deployments confirmed that µACP is implementable without dynamic memory allocation when necessary.¶
µACP was evaluated in multi-hop environmental sensing networks resembling municipal or agricultural deployments. Network conditions included lossy wireless links, non-uniform latency, and periodic power cycling of end devices.¶
Observations:¶
These experiments validated the protocol’s suitability for real-world constrained deployments where energy and bandwidth are critical resources.¶
µACP was tested on industrial gateways and lightweight SCADA-edge processors deployed alongside programmable logic controllers (PLCs). These environments imposed strict timing and reliability requirements.¶
Key outcomes:¶
Experience demonstrated that µACP can serve as a standardizable alternative to custom messaging formats common in industrial IoT deployments.¶
µACP agents running on gateways aggregated sensor reports from hundreds of constrained nodes and forwarded aggregated results to cloud backends.¶
Observed behaviors:¶
/.well-known/muacp allowed gateways to adjust output rates per node.¶
Deployment results confirmed µACP’s applicability to hierarchical network architectures where constrained devices feed into more capable intermediate nodes.¶
The following lessons influenced normative requirements in this specification:¶
These observations strengthened several MUST and SHOULD requirements in the main document.¶
The following reference implementations of µACP are available for interoperability testing and evaluation:¶
These implementations serve as normative references for the protocol behavior described in this document and are available for implementers seeking to build interoperable µACP agents.¶
Across all deployments examined—microcontroller nodes, sensor networks, industrial gateways, and edge-to-cloud systems—µACP demonstrated stable behavior, predictable resource usage, and low implementation complexity. Deployment results provide empirical support for the protocol’s design and its standardization as a lightweight, interoperable agent communication substrate.¶
This appendix provides additional normative hexdump examples for implementers. All byte strings are shown in hexadecimal. These examples are aligned with the conformance tests and expand on the wire examples.¶
Minimal PING (unencrypted)¶
# µACP Header Only (PING) 00 01 # Sequence ID 00 01 # Correlation ID 00 # QoS=0 00 # Verb=PING 00 # Flags 00 00 00 00 00 # Reserved¶
Minimal TELL with empty payload (unencrypted)¶
# Header 00 02 00 02 00 10 00 00 00 00 # No TLVs # No payload¶
B.2.1 ASK with TLV(Content-Format=1) and CBOR payload¶
# Header 10 02 10 02 40 20 00 00 00 00 # TLV: Content-Format (Type=0x03, Len=1, Val=0x01) 03 01 01 # Payload (CBOR) A2 66 61 63 74 69 6F 6E # "action" 64 72 65 61 64 # "read" 68 72 65 73 6F 75 72 63 65 # "resource" 6A 74 65 6D 70 # "temp"¶
B.2.2 TELL response with TLV(error=NONE) and CBOR payload¶
# Header
10 02 10 02 40 10 00 00 00 00 # Verb=TELL
# TLV: Error-Code=0x00
02 01 00
# Payload (CBOR): { "value": 21.5 }
A1 65 76 61 6C 75 65 F9 41 AC
¶
These examples use placeholder keys and nonces; they are not security-strength values. Their purpose is deterministic parser testing.¶
B.3.1 ASK inside OSCORE/CoAP¶
CoAP Header: 44 02 7A 10 OSCORE Option: 9F Encrypted Payload (ciphertext only): D4 83 58 20 A1 B3 C4 99 02 5D 11 0A C8 EE 73 71 4F 52 B0 C8 76 DA 91 22 10 9C 5E 33 81 15¶
B.3.2 TELL response with encrypted TLV + payload¶
CoAP Header: 64 44 7A 10 Encrypted Payload: E1 91 3A 0F 90 77 32 A2 9B AE 6C F2 45 51 60 82 81 12 00 44 75 9A 2C 18 3D 11¶
B.4.1 OBSERVE Creation (OSCORE-protected)¶
Header: 20 05 20 05 40 30 00 00 00 00 TLV: Topic="temp" 20 03 74 65 6D Encrypted Payload: 58 2A 95 B2 11 D9 0A 9F 77 20 12 88 ...¶
B.4.2 Notification TELL reusing Correlation ID¶
Header: 20 05 20 05 40 10 00 00 00 00 TLV: Content-Type=1 03 01 01 Encrypted Payload: 9A 71 3C 88 A0 45 3E 12 99 ...¶
B.4.3 CANCEL_SUB TLV example¶
Header: 20 05 20 05 40 30 00 00 00 00 TLV: CANCEL_SUB (Type=0xFF, Len=0) FF 00 Encrypted Payload: 6A 7F A9 D4 82 21 ...¶
B.5.1 Unsupported TLV (expected to trigger ERR_UNSUPPORTED_TLV)¶
Header: 00 10 00 10 40 20 00 00 00 00 Unknown TLV Type=0x47 47 03 01 02 03 Payload: none¶
B.5.2 Malformed TLV length¶
Header: 00 10 00 10 40 20 00 00 00 00 TLV declares 10 bytes but only 4 follow: 22 0A 11 22 33 44¶
B.5.3 Oversized payload (>65535 bytes)¶
Omitted for brevity; implementers MUST reject any payload exceeding the 16-bit payload size constraint.¶
These examples illustrate partial µACP messages inside CoAP Block1 fragments.¶
B.6.1 Block 0¶
CoAP Header: 44 02 6A 77 Block1 Option: 2F 00 # NUM=0, M=1, SZX=0 Payload: <first 64 bytes of encrypted µACP blob>¶
B.6.2 Block 1¶
CoAP Header: 44 02 6A 77 Block1 Option: 2F 11 # NUM=1, M=0, SZX=0 Payload: <remaining bytes of encrypted µACP blob>¶
Receivers MUST reassemble before OSCORE decryption.¶
The test vectors in this appendix supplement those in Section 11 and are intended for parser verification, fuzzing, and interoperability testing. Implementations MUST be able to:¶
These vectors serve as a baseline for µACP test suites and conformance validation frameworks.¶
This appendix provides a non-normative operational semantics for µACP, derived from the companion formal calculus that motivated the protocol. The semantics formalize the behavior of agents, message transitions, resource consumption, and subscription state. They are included for researchers, implementers building verified agents, and designers of static analyzers or runtime monitors.¶
A µACP agent is represented as a tuple:¶
A = (S, Q, R, C, B) Where: S : Local state of the agent (application-defined) Q : Incoming message queue R : Resource budget (CPU, memory, bandwidth) C : Conversation table mapping correlation IDs to conversation state B : Subscription table mapping topics to observers¶
Global system configurations consist of a multiset of agents and an abstract network buffer N:¶
⟨ A1 | A2 | ... | An ; N ⟩¶
Network delivery is modeled as nondeterministic but eventually fair unless congestion semantics dictate otherwise.¶
Messages are modeled abstractly as:¶
M ::= PING(id, cid)
| TELL(id, cid, tlvs, payload)
| ASK(id, cid, tlvs, payload)
| OBSERVE(id, cid, topic, filter)
¶
The semantics below assume well-formed headers and TLVs; malformed messages trigger error semantics (Section C.7).¶
PING models liveness detection and has no side effects on agent state except optional diagnostic logging.¶
A = (S, Q, R, C, B) -------------------------------------------- A ⟶ A' = (S, Q, R', C, B) Where R' = R - cost(ping)
The receiver MAY return a TELL error response, but this is not semantically required.¶
TELL conveys state and is idempotent under a given correlation ID. It updates the local knowledge state S according to application logic:¶
A = (S, Q, R, C, B) ------------------------------------------ A ⟶ A' = (S ⊎ payload, Q, R', C, B) Where: R' = R - cost(tell) '⊎' denotes a monotonic, application-defined merge
ASK initiates a request–response conversation. Upon receiving an ASK, an agent enters a waiting state:¶
A = (S, Q, R, C, B) cid ∉ dom(C) --------------------------------------------------- A ⟶ A' = (S, Q, R', C[cid ↦ wait(action)], B) Where R' = R - cost(ask)
C[cid] = wait(action)
S ⊢ action ⇓ value
---------------------------------------------------
A ⟶ A' = (S, Q ∪ {TELL(cid, value)}, R', C', B)
Where:
C' = C[cid ↦ done]
R' = R - cost(eval)
ASK induces a deterministic two-step conversation unless cancelled or timed out.¶
OBSERVE creates a persistent subscription represented in the agent configuration.¶
A = (S, Q, R, C, B)
topic ∉ dom(B)
-------------------------------------------------------
A ⟶ A' = (S, Q, R', C, B[topic ↦ {cid}])
Where R' = R - cost(observe)
Notifications are produced when internal state changes satisfy the trigger condition:¶
B(topic) = CIDs
S ⟶ S' with event e matching filter
-------------------------------------------------------
A ⟶ A' with Q' = Q ∪ { TELL(cid, e) | cid ∈ CIDs }
The correlation table C tracks conversation state with the invariant:¶
dom(C) ≤ MAX_CONV cid uniqueness: cid ∉ dom(C) for new conversations¶
Expiration semantics remove entries automatically after a timeout:¶
C[cid] = wait(x)
expired(cid)
------------------------------------
C' = C \ {cid}
The resource model associates a cost with each transition.¶
cost : Transition → ℕ¶
A transition is only admissible if the agent has sufficient budget:¶
R ≥ cost(t) ⟨ A ; N ⟩ ⟶ₜ ⟨ A' ; N' ⟩ ------------------------------------ Transition allowed Otherwise: A blocks or drops the message
Resource recharging (e.g., periodic replenishment) is allowed but not modeled directly in these semantics.¶
Fragmentation is represented as a sequence of partial messages delivered independently:¶
frag(M) = [m0, m1, ..., mk]¶
Reassembly occurs only when all fragments are received:¶
∀i. mi ∈ N ------------------------------------ reassemble(frag(M)) = M
OSCORE decryption applies only after full reassembly; this preserves security invariants.¶
Malformed messages or security violations produce error transitions.¶
C.7.1 Malformed TLV¶
invalid_tlv(M)
------------------------------------
A ⟶ A' = (S, Q ∪ {TELL(cid, ERR_MALFORMED_TLV)}, R', C, B)
ver(M) < ver(A) ------------------------------------ A ⟶ TELL(cid, ERR_VERSION_MISMATCH)
The semantics in this appendix capture the behavior of µACP agents, including the message lifecycle, conversation tracking, resource limits, fragmentation, error handling, and observable side effects. These rules closely reflect the informal operational description in the main sections of this specification and serve as a foundation for formal verification, conformance testing, and correct-by-construction implementations.¶
The design of µACP benefited from feedback across multiple research and engineering communities working on IoT systems, multi-agent communication, and distributed protocol design. The authors acknowledge the valuable insights provided by early reviewers, prototype implementers, and colleagues who explored µACP in constrained-device testbeds.¶
Special thanks are extended to members of the open-source contributors who reviewed early drafts of the µACP calculus and provided implementation reports via the project repository. Their feedback led to refinements in the state machines, TLV model, and transport bindings.¶
The authors also thank participants from constrained-network and OSCORE working groups whose discussions influenced the treatment of fragmentation, replay protection, and authentication in this specification.¶
This specification incorporates lessons from deployments in microcontroller-based sensing systems, autonomous control nodes, and large-scale telemetry environments. The authors acknowledge these deployments for motivating the resource model and deterministic behavior guarantees underlying µACP.¶
This work is an independent contribution and does not represent the views of any organization or government entity.¶