The 2026 agent-protocol map: MCP, A2A, ACP and AP2 in plain English

The Model Context Protocol runs straight down, from a single agent to the tools and data it is allowed to touch. It is an open protocol that standardizes how LLM applications integrate with external data sources and tools. The current authoritative specification is dated 2025-06-18, uses JSON-RPC 2.0, and defines three roles: Hosts (the LLM applications that initiate connections), Clients (the connectors that live inside the host), and Servers (which supply context and capabilities). The design borrows from the Language Server Protocol, the contract that let one editor talk to many language back-ends without a custom integration each time.

Of the four, MCP is the layer that has most clearly arrived. By 2026 it shows roughly 97 million monthly SDK downloads and more than 9,400 public servers in its registry. In Origin Pi's State of AI research (May 2026), 78 percent of enterprise AI teams reported at least one MCP-backed agent in production as of April 2026, and 67 percent of CTOs named it their default agent-integration standard. It also left any single owner behind. Anthropic donated MCP to the Linux Foundation-housed Agentic AI Foundation in December 2025, with Block and OpenAI as co-donors. When the company that built a protocol hands it to a neutral foundation, that is usually the moment a layer stops being a product and becomes infrastructure.

If MCP is vertical, A2A (Agent2Agent) is horizontal. It is an open standard for communication and collaboration between AI agents owned by different parties. Google built it first, then donated it to the Linux Foundation. It is now steered by a Technical Steering Committee with representatives from AWS, Cisco, Google, IBM Research, Microsoft, Salesforce, SAP, and ServiceNow. That committee roster matters more than any feature list, because it is the same consolidation pattern as MCP: single-vendor origin, neutral governance, major platforms sitting at the same table instead of shipping rival forks.

A2A has reached a stable milestone too. The latest released specification is version 1.0.0, following 0.3.0, 0.2.6, and 0.1.0, licensed under Apache 2.0. It reuses ordinary web plumbing rather than inventing new transport: HTTP, JSON-RPC 2.0, and Server-Sent Events, with bindings for JSON-RPC 2.0, gRPC, and HTTP+JSON/REST. Discovery happens through the Agent Card, a JSON metadata document published by an A2A server that describes its identity, capabilities, skills, service endpoint, and authentication requirements. One agent reads another's Agent Card, learns what it does and how to authenticate, and delegates. Neither side has to share internal memory, tools, or proprietary logic.

Now the money layers. Here the picture turns from settled to contested.

The Agentic Commerce Protocol (ACP) is the commerce layer: how a shopping agent finds a merchant's catalog and gets through checkout. It is an open standard for programmatic commerce flows between buyers, AI agents, and businesses, developed by Stripe and OpenAI, licensed under Apache 2.0. It covers checkout configuration and initiation plus the secure sharing of payment credentials, and it deliberately leaves businesses as merchant of record, in control of how their products are presented and fulfilled. OpenAI describes ACP as the connective layer between merchants and ChatGPT users, the standard that lets ChatGPT ingest structured catalog data, read merchant inventory, and surface relevant products in context.

AP2 (Agent Payments Protocol) sits one layer lower again. It handles payment authorization, the question of whether an agent can prove a human told it to spend this money, on this thing, up to this amount. Google maintains it under the google-agentic-commerce GitHub organization, with the stated aim of a secure and interoperable future for AI-driven payments. The latest release is version 0.2.0, dated 2026-04-28, shipped as a reference implementation with samples in Python, TypeScript, Kotlin, and Go, licensed under Apache 2.0. The samples use Google's Agent Development Kit and Gemini 3.1 Flash Lite Preview.

Two facts about the money layers belong side by side. Ownership is split: ACP is a Stripe and OpenAI effort, AP2 is a Google effort. AP2 is owned by Google, not Anthropic; Anthropic's lane is MCP, and a prior verification pass found that the URL anthropic.com/news/agent-payments-protocol-ap2 returns HTTP 404. Maturity is split too: ACP already powers ChatGPT's merchant and catalog integration, while AP2 is still at version 0.2.0, a reference implementation rather than a stable release. The commerce layer is being built by several vendors at once, and they have not converged.

Put the four side by side and the asymmetry is the whole story.

The interoperability layers, MCP and A2A, have consolidated. Both started single-vendor. Both moved to the Linux Foundation. Both reached stable, dated releases, MCP spec 2025-06-18 and A2A v1.0.0. Both are Apache-licensed or openly specified, and both have the major platform vendors co-stewarding rather than competing. How an agent reaches its tools, and how agents reach each other, are close to solved.

The money layers, ACP and AP2, have not consolidated. They are vendor-led, Stripe and OpenAI on one side, Google on the other. They sit at different maturity levels, one shipping inside a major consumer surface, the other at version 0.2.0. And they share the field with a wider set of payment and commerce rails that this post does not treat as settled. How an agent buys, and how it proves it was authorized to pay, are still open questions.

So the operator's read is direct. Be fluent at the settled layers, because those are now table stakes: clean, machine-readable context for your tools, an Agent Card so peer agents can discover you, an MCP surface so agents can reach your data under permission, and a clear, human-confirmable action boundary so an agent can never act beyond what a person approved. At the money layer, stay adapter-thin. Do not hard-commit your checkout or payment-authorization logic to any single draft protocol while the field is still moving. Build the confirm step and the authorization boundary as your own first-class concept, then map them onto whichever rail wins, instead of rebuilding your business around a v0.2.0 spec.

Notice what every one of these protocols assumes about the business on the far end of the connection. MCP assumes your tools and data are exposed as clean, governed, machine-readable capabilities. A2A assumes you can publish an honest Agent Card describing what you do and how to authenticate. ACP assumes your catalog is structured enough for an agent to ingest. AP2 assumes there is a real, provable authorization boundary between intent and spend. The protocol fight is upstream plumbing. The business that wins is the one whose facts, permissions, and confirm step are already agent-ready before the plumbing arrives.

That is the layer Origin Pi builds: a governed agentic business layer, a single business brain that holds your facts, permissions, and confirm boundary in machine-readable form, so any of these protocols can plug in without a rebuild. If you want to know how close your business already is, start with agent readiness. The protocols will keep arguing about how money moves. The work that pays off no matter who wins is making your own context governed and ready.

Siddharth Surana is Founder and CEO of Origin Pi.

• MCP is an open protocol standardizing integration between LLM apps and external data and tools; current spec dated 2025-06-18, uses JSON-RPC 2.0, defines Hosts, Clients, and Servers, inspired by the Language Server Protocol.
• MCP was donated by Anthropic to the Linux Foundation-housed Agentic AI Foundation in December 2025, alongside Block and OpenAI as co-donors.
• MCP adoption and CTO-default figures (roughly 97 million monthly SDK downloads, 9,400-plus public servers, 78 percent of enterprise AI teams with at least one MCP-backed agent in production as of April 2026, 67 percent of CTOs naming MCP their default integration standard) are from Origin Pi's State of AI research, May 2026.
• A2A is an open standard for agent-to-agent communication, originally developed by Google and donated to the Linux Foundation, now steered by a Technical Steering Committee with AWS, Cisco, Google, IBM Research, Microsoft, Salesforce, SAP, and ServiceNow.
• A2A latest released version is 1.0.0; supports JSON-RPC 2.0, gRPC, and HTTP+JSON/REST bindings; reuses HTTP, JSON-RPC 2.0, and Server-Sent Events; licensed under Apache 2.0. The Agent Card is a JSON metadata document describing identity, capabilities, skills, endpoint, and authentication.
• ACP is an open standard for programmatic commerce flows between buyers, AI agents, and businesses, developed by Stripe and OpenAI, licensed under Apache 2.0; covers checkout and secure payment-credential sharing; businesses retain merchant-of-record status.
• OpenAI describes ACP as the connective layer between merchants and ChatGPT users, enabling ChatGPT to ingest structured catalog data and surface relevant products in context.
• AP2 is maintained by Google (google-agentic-commerce GitHub org); latest release version 0.2.0 dated 2026-04-28, shipped as a reference implementation with Python, TypeScript, Kotlin, and Go samples, licensed under Apache 2.0; AP2 is owned by Google not Anthropic, and anthropic.com/news/agent-payments-protocol-ap2 returns HTTP 404.