← All tools
AI Agents

Pilot Protocol

Open-source P2P network for AI agents, with permanent addresses and installable capability apps

Open-source peer-to-peer overlay network purpose-built for agent-to-agent communication, with permanent addresses and per-peer trust. Niche but well-scoped, free under AGPL-3.0.

Screenshot of the Pilot Protocol website

Pilot Protocol is peer-to-peer networking specifically shaped for agent-to-agent communication rather than a general VPN retrofitted for the job. The premise is that AI agents, especially long-running ones, need to be addressable, discoverable, and secure without a static IP or a central broker in the middle.

Who it’s for

Founders and small teams building agentic products that involve more than one agent talking to another. Distributed agent workflows, marketplaces of agents, and long-running background workers that need to survive redeploys and moves across clouds. If you’re running everything on a single VM you probably don’t need this yet. Once you have agents on more than one machine, or in more than one cloud, it starts earning its keep.

What it does well

The permanent address model is the core idea. Every agent gets a virtual address that stays with it through restarts, IP changes, and moving between hosts or providers. That removes a class of brittleness you’d otherwise handle with your own service discovery or hardcoded endpoints.

The trust model separates membership from authorisation. Joining the network doesn’t mean everyone on it can talk to you, unlike a VPN where being on the same subnet is treated as trust. Instead, every pair of agents that want to communicate does an explicit handshake first. That’s the right default for agentic systems where you don’t want a compromised agent to have lateral reach across the whole network.

NAT traversal is built in. STUN, hole-punching, and a relay fallback happen automatically, so agents on residential connections, behind corporate firewalls, or on ephemeral cloud instances are reachable without standing up bastion hosts or reverse tunnels.

The capability app store is where the vision extends beyond networking. Agents can discover installable apps that expose typed JSON-in/JSON-out endpoints, then call them by name rather than by URL. If it catches on it’s a route to a genuine agent-to-tool ecosystem, though whether that ecosystem materialises is the open question.

Where it’s the wrong fit

If you’re trying to expose a local development server to the internet with auto-HTTPS so you can share a preview link, this isn’t that tool. ngrok or Cloudflare Tunnel do that better, and the Pilot team say so themselves.

If you want a managed VPN with a GUI and no command-line work, look elsewhere. Pilot is CLI-first and expects you to be comfortable with configuration files and terminal commands. Tailscale is the obvious drop-in for the managed-GUI use case.

It’s also a young project. Smaller ecosystem, fewer battle-tested deployments, and the AGPL-3.0 licence will scare off some commercial adopters. Worth knowing which one of those you are before you build on it.

Where it sits alongside other tools

Versus Tailscale and ZeroTier, Pilot is narrower and more opinionated. The two mesh VPNs are more general purpose and more mature; Pilot is purpose-built for agent-to-agent workflows and adds a capability discovery layer they don’t. Pick Pilot if the agent-native model is what you’re after, or Tailscale if you want a well-supported mesh VPN for general infrastructure.

Versus the Model Context Protocol and other agent-communication standards, Pilot works at a different layer. MCP defines how agents call tools; Pilot defines how agents reach each other over the network. They’re compatible in principle rather than competitive.

What we like

  • Permanent virtual addresses that survive restarts, IP changes, and cloud migrations
  • Built-in NAT traversal via STUN, hole-punching, and relay fallback, no extra infrastructure required
  • Explicit per-peer handshakes for trust, rather than the implicit trust of joining a VPN
  • Installable app store for discovering and calling typed JSON-in/JSON-out capability apps
  • Open source under AGPL-3.0, written in Go with zero external dependencies

What to watch

  • Not an ingress tool, doesn't replace ngrok or Cloudflare Tunnel for exposing local dev servers
  • CLI-first, not for teams wanting a managed GUI-first VPN experience
  • Newer project with a smaller ecosystem than mature alternatives like Tailscale or ZeroTier

Try Pilot Protocol

Free · Free tier available.

Visit Pilot Protocol →