Skip to content

Commit c069b49

Browse files
committed
Intro + Architecture
1 parent 92addad commit c069b49

8 files changed

Lines changed: 425 additions & 213 deletions

File tree

docs/images/mcp-proxy.d2

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
'Code Editor': {near: top-center}
2+
3+
'MCP Proxy': {near: center-left}
4+
# 'MCP Server ...': {
5+
# near: center-right
6+
# style: {
7+
# stroke-dash: 3
8+
# }
9+
# }
10+
" ---------------------------------------------- ": {
11+
style: {
12+
fill: transparent
13+
font-color: transparent
14+
stroke-width: 0
15+
}
16+
}
17+
18+
# Bottom row: Agent
19+
Agent: {near: bottom-center}
20+
21+
# Connections
22+
'Code Editor' -> Agent: MCP Proxy Configuration {
23+
style: {
24+
stroke-dash: 3
25+
}
26+
}
27+
28+
# The agent connects up to the MCP servers
29+
Agent <-> 'MCP Proxy': MCP over stdio {direction: up}
30+
'MCP Proxy' <-> 'Code Editor': MCP over socket {
31+
style: {
32+
stroke-dash: 3
33+
}
34+
}

docs/images/mcp-proxy.svg

Lines changed: 104 additions & 0 deletions
Loading

docs/images/mcp.d2

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
'Code Editor': {near: top-center}
2+
3+
'MCP Server 1': {near: center-left}
4+
'MCP Server ...': {
5+
near: center-right
6+
style: {
7+
stroke-dash: 3
8+
}
9+
}
10+
" ----------------------- ": {
11+
style: {
12+
fill: transparent
13+
font-color: transparent
14+
stroke-width: 0
15+
}
16+
}
17+
18+
# Bottom row: Agent
19+
Agent: {near: bottom-center}
20+
21+
# Connections
22+
'Code Editor' -> Agent: MCP Configuration {direction: down}
23+
24+
# The agent connects up to the MCP servers
25+
Agent -> 'MCP Server 1': MCP {direction: up}
26+
Agent -> 'MCP Server ...': MCP {
27+
style: {
28+
stroke-dash: 3
29+
}
30+
}

docs/images/mcp.svg

Lines changed: 104 additions & 0 deletions
Loading

docs/images/server-client.d2

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
# file generated by putting this code into https://play.d2lang.com/
2+
# and setting theme to Earth tones
3+
Code Editor -> agent1: stdio
4+
agent1: Agent 1
5+
Code Editor -> agent2: stdio
6+
agent2: Agent 2
7+
8+
Code Editor -> "...": {
9+
style: {
10+
stroke-dash: 3
11+
}
12+
}
13+
"...": {
14+
style: {
15+
stroke-dash: 3
16+
}
17+
}

docs/images/server-client.svg

Lines changed: 103 additions & 0 deletions
Loading

docs/overview/architecture.mdx

Lines changed: 13 additions & 197 deletions
Original file line numberDiff line numberDiff line change
@@ -5,214 +5,30 @@ description: "Overview of the Agent Client Protocol architecture"
55

66
The Agent Client Protocol defines a standard interface for communication between AI agents and client applications. The architecture is designed to be flexible, extensible, and platform-agnostic.
77

8-
![Agent Client Protocol Architecture](/images/architecture-diagram.png)
9-
108
## Design Philosophy
119

1210
The protocol architecture follows several key principles:
1311

14-
### 1. **Session-Based Isolation**
15-
Each interaction operates within a session context, providing:
16-
- State isolation between different conversations
17-
- Clean lifecycle management
18-
- Resource scoping and cleanup
19-
20-
### 2. **Tool-Centric Design**
21-
The protocol treats all operations as tools, creating a uniform interface for:
22-
- MCP server integrations (`McpToolId`)
23-
- Client-provided capabilities (`ClientTools`)
24-
- Permission-gated operations
25-
26-
### 3. **Streaming-First Communication**
27-
Built for real-time interaction through:
28-
- Chunked message delivery (`agentMessageChunk`, `agentThoughtChunk`)
29-
- Progressive tool execution updates (`toolCallUpdate`)
30-
- Incremental plan revelations
31-
32-
## Component Architecture
33-
34-
### Component Boundaries
35-
36-
1. **Client Application Layer**
37-
- Manages UI/UX concerns
38-
- Handles permission dialogs
39-
- Provides file system access through controlled tools
40-
41-
2. **ACP Protocol Layer**
42-
- Session lifecycle management
43-
- Message routing and transformation
44-
- Tool orchestration
45-
- Permission enforcement
46-
47-
3. **Agent Layer**
48-
- LLM integration
49-
- Reasoning and planning
50-
- Tool selection and execution
51-
- Response generation
52-
53-
## Key Architectural Patterns
54-
55-
### 1. Tool Abstraction Pattern
56-
57-
All capabilities are exposed as tools with a consistent interface:
58-
59-
```rust
60-
pub struct McpToolId {
61-
pub mcp_server: String,
62-
pub tool_name: String,
63-
}
64-
```
65-
66-
This abstraction enables:
67-
- Uniform permission handling
68-
- Consistent execution tracking
69-
- Flexible capability composition
70-
71-
### 2. Content Polymorphism
72-
73-
The protocol uses discriminated unions for content flexibility:
74-
75-
```rust
76-
pub enum ContentBlock {
77-
Text(TextContent),
78-
Image(ImageContent),
79-
Audio(AudioContent),
80-
ResourceLink(ResourceLink),
81-
// ... extensible
82-
}
83-
```
84-
85-
Benefits:
86-
- Type-safe content handling
87-
- Forward compatibility
88-
- Rich media support
89-
90-
### 3. Update Streaming Pattern
91-
92-
Session updates follow a streaming pattern for responsive interaction:
93-
94-
```rust
95-
pub enum SessionUpdate {
96-
Started,
97-
UserMessage(ContentBlock),
98-
AgentMessageChunk(ContentBlock),
99-
AgentThoughtChunk(ContentBlock),
100-
ToolCall(ToolCall),
101-
ToolCallUpdate(ToolCallUpdate),
102-
Plan(Plan),
103-
}
104-
```
105-
106-
This enables:
107-
- Real-time feedback
108-
- Progressive rendering
109-
- Interruptible operations
110-
111-
## Implementation Considerations
112-
113-
### State Management
114-
115-
The protocol maintains minimal shared state:
116-
- **Session State**: Managed by session ID, includes configuration and context
117-
- **Tool State**: Tracked through tool call IDs for update correlation
118-
- **Permission State**: Cached permission decisions (allow/reject always)
119-
120-
### Error Boundaries
121-
122-
Error handling is localized to maintain system stability:
123-
- Tool failures don't crash sessions
124-
- MCP server errors are isolated
125-
- Network failures are recoverable
126-
127-
### Performance Optimization
128-
129-
Key areas for optimization:
130-
1. **Streaming Buffers**: Chunk size tuning for message streams
131-
2. **Tool Parallelization**: Concurrent tool execution where safe
132-
3. **Session Caching**: Reuse of MCP server connections
133-
4. **Content Deduplication**: Efficient handling of repeated resources
134-
135-
## Integration Patterns
136-
137-
### 1. MCP Server Integration
138-
139-
```rust
140-
pub struct McpServerConfig {
141-
pub command: PathBuf,
142-
pub args: Vec<String>,
143-
pub env: Option<HashMap<String, String>>,
144-
pub enabled_tools: Option<Vec<String>>,
145-
}
146-
```
147-
148-
Supports:
149-
- Dynamic server spawning
150-
- Tool whitelisting
151-
- Environment isolation
152-
153-
### 2. Client Tool Mapping
154-
155-
```rust
156-
pub struct ClientTools {
157-
pub request_permission: Option<McpToolId>,
158-
pub write_text_file: Option<McpToolId>,
159-
pub read_text_file: Option<McpToolId>,
160-
}
161-
```
162-
163-
Enables:
164-
- Flexible tool implementation
165-
- Platform-specific capabilities
166-
- Security boundaries
167-
168-
### 3. Permission Flow
169-
170-
The architecture enforces a clear permission flow:
171-
1. Agent requests operation
172-
2. Protocol checks permission cache
173-
3. If needed, client prompts user
174-
4. Decision cached based on kind (`allowAlways`, etc.)
175-
5. Operation proceeds or fails
176-
177-
## Extensibility Points
178-
179-
The architecture provides several extension mechanisms:
12+
1. **MCP-based**: The protocol is built on JSON-RPC, and re-uses MCP types where possible so that integrators don't need to build yet-another representation for common data types.
13+
2. **UX-first**: It is designed to solve the UX challenges of interacting with AI agents; ensuring there's enough flexibility to render clearly the agents intent, but is no more abstract than it needs to be.
14+
3. **Trusted**: ACP works when you're using a code editor to talk to a model you trust. You still have controls over the agent's tool calls, but the code editor gives the agent access to local files and MCP servers.
18015

181-
### 1. Custom Content Types
182-
New `ContentBlock` variants can be added without breaking existing clients
16+
## Setup
18317

184-
### 2. Tool Categories
185-
The `ToolKind` enum can be extended for new operation types
18+
When the user tries to connect to an agent, the editor boots the agent sub-process on demand, and all communication happens over stdin/stdout.
18619

187-
### 3. Session Updates
188-
New `SessionUpdate` variants enable protocol evolution
20+
Each connection can suppport several concurrent sessions, so you can have multiple trains of thought going on at once.
18921

190-
### 4. Annotations
191-
The `Annotations` type allows metadata extension without schema changes
22+
![Server Client setup](./images/server-client.svg)
19223

193-
## Security Architecture
24+
ACP makes heavy use of JSON-RPC notifications to allow the agent to stream updates to the UI in real-time. It also uses JSON-RPC's bidrectional requests to allow the agent to make requests of the code editor: for example to request permissions for a tool call.
19425

195-
### Principle of Least Privilege
196-
- Tools are explicitly granted through `enabled_tools`
197-
- File operations require specific client tool mappings
198-
- Permissions are granular and auditable
26+
## MCP
19927

200-
### Isolation Boundaries
201-
- Sessions cannot interact with each other
202-
- MCP servers run in separate processes
203-
- File access is mediated through client tools
28+
Commonly the code editor will have user-configured MCP servers. When forwarding the prompt from the user, it passes configuration for these to the agent. This allows the agent to connect directly to the MCP server.
20429

205-
### Trust Model
206-
```
207-
Client (Trusted) ← ACP Protocol → Agent (Sandboxed)
208-
209-
MCP Servers (Isolated)
210-
```
30+
![MCP Server connection](./images/mcp.svg)
21131

212-
## Future Considerations
32+
The code editor may itself also wish to export MCP based tools. Instead of trying to run MCP and ACP on the same socket, the code editor can provide its own MCP server as configuration. As agents may only support MCP over stdio, the code editor can provide a small proxy that tunnels requests back to itself:
21333

214-
The architecture is designed to accommodate:
215-
- **Multiplexed Sessions**: Multiple agents in one session
216-
- **Bidirectional Tools**: Client-initiated tool calls
217-
- **Resource Streaming**: Large file handling without full loading
218-
- **Federated Permissions**: Cross-session permission sharing
34+
![MCP connection to self](./images/mcp-proxy.svg)

docs/overview/introduction.mdx

Lines changed: 20 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -3,9 +3,9 @@ title: "Introduction"
33
description: "Get started with the Agent Client Protocol (ACP)"
44
---
55

6-
The Agent Client Protocol (ACP) is a protocol that standardizes communication between code editors (interactive programs for viewing and editing source code) and coding agents (programs that use generative AI to autonomously modify code).
6+
The Agent Client Protocol standardizes communication between code editors (IDEs, text-editors, etc.) and coding agents (programs that use generative AI to autonomously modify code).
77

8-
The protocol is still under heavy development, and we aim to standardize it as we get confidence in the design by implementing it in various settings.
8+
The protocol is still under development, but it should be complete enough to build interesting user experiences using it.
99

1010
## Why ACP?
1111

@@ -21,22 +21,26 @@ This decoupling allows both sides to innovate independently while giving develop
2121

2222
## Overview
2323

24-
The protocol is newline-delimited JSON sent over stdin/stdout. When a code editor wants to start a session with an agent, it boots it as a sub-process (inheriting any environment variables) and sends an initialize request to get the state of the world.
24+
ACP assumes that the user is primarily in their editor, and wants to reach out and use agents to assist them with specific tasks.
2525

26-
If authentication is required, it can send authenticate to allow the agent to perform any authentication actions (like an Oauth flow).
26+
Agents run as sub-processes of the code editor, and communicate using JSON-RPC over stdio. The protocol re-uses the JSON representations used in MCP where possible, but includes custom types for things like Diffs that are useful for agentic coding.
2727

28-
Once the agent is ready, the client can send sendUserMessage requests with content from the user. The agent sends streamAssistantMessageChunk and related tool call messages to update the UI while handling the user's message, and finally responds when there will be no more output.
28+
The default format for user-readable text is Markdown, which allows enough flexibility to represent rich formatting without requiring that the code editor is capable of rendering HTML.
2929

30-
## Architecture
30+
## Implementations
3131

32-
ACP follows a simple client-server architecture where the client (typically a code editor or IDE) spawns the agent as a subprocess and communicates via standard input/output streams. The protocol uses newline-delimited JSON-RPC 2.0 messages, ensuring compatibility with existing tooling and easy debugging. The client maintains control over the agent's lifecycle and can manage multiple concurrent sessions. Each session represents an isolated conversation context where the agent can access editor-provided tools for reading files, writing changes, and requesting user permissions for sensitive operations.
32+
Currently ACP is supported by:
3333

34-
```
35-
┌─────────────────┐ ┌─────────────────┐
36-
│ │ │ │
37-
│ Client │ stdin/stdout │ Agent │
38-
│ (IDE) │ ←────────────────→ │ (AI Tool) │
39-
│ │ JSON-RPC 2.0 │ │
40-
│ │ │ │
41-
└─────────────────┘ └─────────────────┘
42-
```
34+
### Editors
35+
36+
- [Zed](https://zed.dev)
37+
- [neovim](https://neovim.io) if you install the [CodeCompanion](https://codecompanion.olimorris.dev) plugin.
38+
39+
### Agents
40+
41+
- [Gemini](https://github.com/google-gemini/gemini-cli)
42+
- ... more coming soon ;)
43+
44+
## Further reading
45+
46+
For an overview of the architecture, see the [Architecture](./Architecture) section. For ... TODO

0 commit comments

Comments
 (0)