AP3 Playground

What you’ll do here

This playground spins up two local AP3 agents, lets you configure their advertised capabilities, checks compatibility, then runs PSI and shows everything “under the hood” (HTTP, envelopes, directives, and receiver-side checks).

Playground servers

Initiator agent

A2A URL

http://127.0.0.1:18082

AgentCard endpoint

/.well-known/agent-card.json

Acts as the AP3 initiator and sends the first protocol envelope (msg1).

Receiver agent

A2A URL

http://127.0.0.1:18083

AgentCard endpoint

/.well-known/agent-card.json

Validates the intent + envelope (session binding, signature, participants, msg1 hash, replay) and responds.

The playground UI talks to these agents and captures A2A HTTP to populate the Inspector.

Flow

Discovery: read AgentCards + AP3 extension (roles, ops, commitments, public key)
Compatibility: score + explanation (why compatible / incompatible)
Protocol run: execute PSI over A2A JSON-RPC
Inspector: view request, HTTP trace, envelopes, directives, audit checks, logs

Compatibility Lab

Initiator

role supported ops (advertised) commitment data_structure data_freshness industry

Receiver

role supported ops (advertised) commitment data_structure data_freshness industry

Computing compatibility…

AgentCards (preview)

Initiator AgentCard JSON

Receiver AgentCard JSON

Walkthrough

PSI outcome

Successful PSI (intersection exists) Unsuccessful PSI (no intersection)

Attacks

Tamper envelope.session_id Tamper intent participants Tamper msg1 payload (hash mismatch)

Not started.