Skip to main content
QWED A2A v0.1.0 — The verification gateway for autonomous agent ecosystems. See the repo →

What is QWED A2A?

QWED A2A is a verification interceptor that sits between autonomous agents communicating via Google’s Agent-to-Agent (A2A) protocol. It intercepts every payload, runs deterministic verification, and either forwards or blocks the message — with a signed JWT attestation proving the decision.
“Agents don’t trust each other. QWED verifies for them.”

Why A2A is different from Extensions

Extensions (Finance, Legal, Tax)

Domain-specific guard libraries that verify individual claims — financial math, legal citations, tax rules.

A2A Protocol (This)

Infrastructure-level interceptor that verifies all inter-agent communication — payloads, trust boundaries, and cryptographic attestations.

Core capabilities

Verification Interceptor

Routes payloads to specialized engines — financial math, logic assertions, code security — and blocks hallucinations before they propagate.

Zero-Trust Boundary

Deny-all by default. Agent pairs must be explicitly trusted. Token-bucket rate limiting with automatic eviction of cold pairs.

Crypto Attestations

Every verdict is signed with an ES256 JWT attestation — tamper-proof, auditable, and verifiable by any party in the chain.

Deterministic Engines

Financial verification uses Decimal arithmetic. Logic uses set-based contradiction detection. Code uses regex-hardened pattern scanning.

Quick example

from qwed_a2a.interceptor import A2AVerificationInterceptor
from qwed_a2a.protocol.schema import AgentMessage, PayloadType

interceptor = A2AVerificationInterceptor()

message = AgentMessage(
    sender_agent_id="procurement-agent",
    receiver_agent_id="treasury-agent",
    payload_type=PayloadType.FINANCIAL_TRANSACTION,
    payload={
        "data": {
            "claimed_total": 150.00,
            "line_items": [
                {"description": "Widget A", "amount": 50.00, "quantity": 2},
                {"description": "Widget B", "amount": 25.00, "quantity": 2},
            ]
        }
    }
)

verdict = await interceptor.intercept(message, trace_id="a2a_demo_001")

print(verdict.status)           # "forwarded" ✅
print(verdict.engine_used)      # "finance_guard"
print(verdict.attestation_jwt)  # "eyJhbGciOiJFUzI1NiIs..."

Without A2A vs. With A2A

ScenarioWithout A2AWith A2A
Agent sends wrong totalPropagates to downstream agentBlocked — math hallucination detected
Agent sends os.system() codeExecutes on receiverBlocked — dangerous pattern detected
Agent makes contradictory claimsAccepted silentlyBlocked — logical contradiction caught
Rogue agent floods messagesNo limit — DoS possibleRate-limited — token bucket enforced
Audit trail neededNone — no proof of verificationJWT attestation — cryptographic proof

Architecture at a glance

Next steps

1

Quick Start

Install and run your first verification in 5 minutes. Quick Start →
2

Understand the Architecture

Deep-dive into the pipeline, data flow, and component relationships. Architecture →
3

Configure Trust & Security

Set up zero-trust boundaries, agent allowlists, and rate limits. Trust Boundary →
4

Deploy to Production

Docker, FastAPI gateway, monitoring, and CI/CD integration. Deployment →