DEV Community

Agent-Risk
Agent-Risk

Posted on

The Protocol Wars Are Coming—and Your AI Agent Needs a Neutral ID

#ai #agents #web3

June 30, 2026

A quiet war is reshaping the AI agent ecosystem. Six months ago, there was one protocol to worry about. Now there are at least four major ones fighting for dominance—and they're backed by trillion-dollar companies with competing agendas.

On June 19, Google and Microsoft launched ARD (Agentic Resource Discovery), joining forces with Hugging Face, Salesforce, NVIDIA, and eight others. OpenAI and Anthropic? They didn't sign. Didn't even get invited.

One week later, China released seven national standards for AI agent interconnection, covering identity, discovery, and cross-agent collaboration. A complete parallel universe.

Meanwhile, Anthropic's MCP is still gaining traction. Salesforce's Agentforce is pushing A2A. And everyone's claiming their protocol is "the open standard."

Here's the problem: when these protocols inevitably fragment, who's going to tell you which agents on which platforms are actually trustworthy?

The Protocol Alphabet Soup

Let me translate what's actually happening:

Protocol Backer(s) Focus Excluded
MCP Anthropic Tool calling Google, Microsoft, OpenAI
A2A Google Agent-to-agent messaging Anthropic, OpenAI
ARD Google + Microsoft Resource discovery Anthropic, OpenAI
AIP China (national standard) Full lifecycle US tech giants

Each protocol solves a real problem. MCP makes models connect to tools. A2A lets agents talk to each other. ARD helps agents find other agents. AIP aims to standardize everything from identity to collaboration.

But here's what they're not solving: trust verification across protocol boundaries.

The Trust Gap in Protocol Standards

Every protocol assumes trust is handled elsewhere. ARD discovers agents. MCP connects to tools. A2A enables communication. But none of them ask: "How do we know if this agent has actually done what it claims?"

At AgentRisk, we've indexed over 2.3 million agents across platforms. Here's what we see:

  • 269,334 agents have been delisted by their platforms
  • 28% of all tracked agents are no longer responding
  • Only 81,319 agents (3.5%) have earned T1 (trustworthy) status
  • Platform reliability varies by 149x — some platforms have near-zero agent survival rates

These aren't edge cases. This is the baseline reality of the current agent ecosystem.

And when a developer adopts ARD to discover agents, or MCP to connect tools, there's no built-in mechanism to verify:

  • Has this agent actually performed the tasks it claims?
  • Has it been delisted or archived?
  • How does it compare to similar agents on different platforms?

The Neutral Observer Problem

Protocol wars have a predictable pattern: each player builds trust mechanisms that favor their own ecosystem.

Google's ARD validates agents in Google Cloud. Anthropic's MCP validates Claude integrations. China's AIP validates against national standards.

If you're building a cross-platform agent system, you face a choice:

  1. Trust each platform's native verification (conflict of interest)
  2. Build your own verification layer (expensive, ongoing maintenance)
  3. Hope for the best

Option 3 is what most developers are doing. And it's not working.

The Nesbitt research validated what developers suspected: 77.6% of agents can be misled by deceptive descriptions. Platform trust badges, certifications, and ratings are frequently wrong or gaming-optimized rather than accuracy-optimized.

What Cross-Protocol Trust Verification Actually Requires

We're not talking about a rating system. Rating systems can be gamed, bought, or simply inaccurate.

What the ecosystem needs is:

  1. Behavior-based evidence chains: Not "this agent says it's trustworthy" but "here's what this agent actually did, timestamped and verifiable"

  2. Protocol-agnostic identity: An agent's history should travel with it, not be locked to one platform's registry

  3. Independent hash anchoring: Any party should be able to verify that evidence hasn't been altered retroactively

  4. Confidence-calibrated scoring: Honest acknowledgment of what we know vs. don't knou—not inflated scores to win business

This is the gap AgentRisk was built to fill. We track agent survival, performance events, and behavioral signals across platforms, regardless of which protocol they implement.

The Coming Consolidation

Protocol wars have historically ended one of two ways:

  • One winner (like TCP/IP)
  • Interoperability layers that abstract away protocol differences (like how email still works across Gmail, Outlook, and corporate servers)

For AI agents, the second path is more realistic. Too many powerule players have too much invested in their own protocols for any single standard to win.

But interoperability layers need neutral observers. Someone has to translate "this MCP-registered agent" into "here's how it compares to the A2A agents you've deployed."

That's the role we're building toward—not picking sides in the protocol wars, but providing the trust infrastructure that makes any protocol stack viable.

What This Means for Developers

If you're building on any agent platform today:

  1. Don't assume protocol adoption means quality: An ARD-registered agent hasn't been verified, it's just been discovered

  2. Track agent survival independently: Platforms go down. Agents get delisted. Your monitoring should be platform-independent

  3. Build trust verification into your agent selection logic: Query multiple trust signals before committing to an agent

  4. Plan for protocol transitions: The agent that works with MCP today might need A2A support tomorrow. Your trust layer should be portable.

The Data Doesn't Lie

Here's our current snapshot (June 30, 2026):

Total agents tracked: 2,300,349
T1 (Trustworthy): 81,319 (3.5%)
T2 (Exploratory): 1,551,611 (67.4%)
T3 (Archived): 644,127 (28.0%)
Delisted: 269,334
Enter fullscreen mode Exit fullscreen mode

That's nearly 1 million agents in T2/T3 status. Many of them are still running in production systems, generating errors, or simply not responding—because nobody bothered to check if they were still alive.

The protocol wars are coming. But the trust gap is here now.

About AgentRisk

AgentRisk is building the independent trust layer for AI agents. We track agent survival, performance events, and behavioral signals across platforms—regardless of which protocols they implement.

Currently indexing 2.3M+ agents with real-time survival monitoring and confidence-calibrated trust scores.

Get your agent verified →
API documentation →

AgentRisk — Your Agent, Verified

Top comments (0)