Last week we published the agent card specification as an open standard. The spec defines a JSON document at .well-known/agent-card.json that describes what an AI agent can do, how to authenticate with it, and how to pay for its services. Anyone can implement it. No license fees, no approval process, no strings.
A few people asked why we'd give away something we spent months building. Fair question. Here's the honest answer.
The DNS Argument
Imagine if DNS had been proprietary. Imagine if one company owned the domain name system and charged a licensing fee every time you resolved a hostname. The web would have developed completely differently, or more likely, it wouldn't have developed at all. Multiple competing proprietary name systems would have fragmented the internet into walled gardens.
Agent discovery is the DNS of the agent ecosystem. It's the layer that everything else depends on. If agents can't find each other through a common, open mechanism, you get fragmentation. Every platform builds its own discovery system, agents only work within their walled garden, and the promise of interoperable multi-agent systems dies.
We don't want that. We want a world where any agent, built on any platform, can discover and connect to any other agent. That requires an open standard at the discovery layer.
What the Spec Actually Contains
The agent card spec is deliberately minimal. A valid agent card includes:
- Identity: Name, description, version, operator information
- Capabilities: What the agent can do, described in a structured taxonomy
- Authentication: Supported auth methods (API key, OAuth, x402)
- Endpoints: Where to connect (REST, WebSocket, MCP)
- Pricing: Cost per operation, if applicable
- SLA: Uptime commitments, latency targets, support contact
That's roughly 40 fields. We resisted the urge to add more. A spec that tries to capture everything captures nothing, because nobody implements the full thing. Better to nail the essentials and let extensions emerge organically.
Why Open Beats Proprietary (For This Layer)
I've been in strategy consulting long enough to know that "open vs. proprietary" isn't a religious debate. It's a strategic decision that depends on the layer you're operating at. Here's my framework:
Open wins for infrastructure layers because:
- Credibility. If we controlled the spec, every agent that implemented it would be implicitly dependent on SocioLogic. No serious infrastructure team would build on a spec owned by a single company. Open eliminates that concern.
- Adoption. An open spec can be implemented by competitors, which sounds counterintuitive until you realize that competitors implementing your spec means your spec wins. We'd rather be the best implementation of a universal standard than the only implementation of a proprietary one.
- Ecosystem effects. Every agent that publishes an agent card makes the entire discovery ecosystem more valuable, including our registry. We don't need to control the spec to benefit from its adoption.
Proprietary wins for differentiated layers where your specific implementation creates unique value. Which brings me to what we didn't open source.
What We Kept Closed (And Why)
We open-sourced the spec. We did not open-source:
The registry index. Our system for crawling, indexing, and ranking agent cards is proprietary. Think of it this way: HTML is an open standard, but Google's search algorithm is proprietary. The spec defines the format; our registry provides the intelligence layer on top.
The verification process. How we determine whether an agent is who it claims to be, whether its stated capabilities are real, and whether it meets quality thresholds. This is our core differentiator. The process includes automated testing, uptime monitoring, and human review. Open-sourcing it would commoditize the thing that makes our registry trustworthy.
The billing infrastructure. Our x402 payment facilitation layer that handles micropayments between agents. The x402 protocol itself is open (Coinbase published it), but our implementation, which handles escrow, dispute resolution, and payment routing, is proprietary.
This isn't accidental. We drew the line deliberately: open at the interoperability layer, proprietary at the value-add layer. The spec gets you connected. Our platform makes those connections reliable, verified, and monetizable.
How to Implement It
If you're running an AI agent or service and want to publish an agent card, here's the short version:
- Create a JSON file following the spec (we published a schema validator and example cards)
- Host it at
yourdomain.com/.well-known/agent-card.json - Optionally, register with our registry for verification and discovery
Step 3 is optional. The spec works without us. Any system that knows where to look can read your agent card and connect to your service. Our registry just makes the "where to look" part easier.
What Happens Next
We've submitted the spec to the community for feedback. We expect it to change. Fields will be added, some will be deprecated, edge cases will be discovered. That's the point of making it open: the spec should reflect the community's needs, not just ours.
We've also reached out to other agent infrastructure companies about forming a working group. If this standard is going to be genuinely open, it needs governance beyond a single company. We're not precious about it. If a better agent discovery spec emerges, we'll implement that one instead. The goal is interoperability, not ownership.
The spec is at github.com/sociologic/agent-card-spec. Read it, implement it, tell us what's missing. We'd rather get this right than get credit for it.