MPPDOCS
Contact Us →
OverviewWhy MPP?Getting StartedSecurity & TrustBuild with MPPIntegrate MPPComing from MCPFAQGlossary
Migration

Coming from MCP

MCP and MPP Are Solving Different Problems

MCP (Model Context Protocol) defines how AI agents communicate with tools — the message format, the transport, the request-response pattern. MPP operates at a different level: it defines how tools are packaged, verified, distributed, and safely executed.

The two are complementary, not competing. MPP adopts the same communication conventions as MCP. What it adds is the security and governance layer that MCP does not address.

What MCP Leaves Open

MCP connections assume you trust the server you're connecting to. There is no mechanism to verify that the server is who it claims to be, no guarantee it hasn't been modified since you last used it, and no constraint on what it can access once connected.

For personal use or controlled environments this may be acceptable. For enterprise deployments, regulated industries, or any scenario where AI tools operate on sensitive data, these gaps become significant risks.

What You Gain with MPP

Verified authorship

MCP tools are identified by a URL. MPP tools are identified by a cryptographic signature. You can verify not just that a tool is reachable, but that it was produced by a specific, named publisher and has not changed since publication.

Declared permissions

MCP servers run with whatever permissions the server process has. MPP tools declare their permissions in a signed manifest. Users see and approve those permissions before the tool runs. The runtime enforces them. No ambient authority.

Sandboxed execution

MCP tools are live server processes — they run in their own environment but can reach anything that environment allows. MPP tools execute in an isolated container per invocation. What happens inside cannot affect the host. What the tool accesses is bounded by the approved permission set.

Portable packages

MCP tools are server connections — they only work if the server is running. MPP tools are self-contained packages. They can be installed, versioned, and distributed through a registry. They work in any MPP-compatible host without a separate server deployment.

Privacy controls

MPP includes a built-in mechanism for filtering sensitive data from tool outputs before they reach the model. MCP has no equivalent feature.

Governance and auditability

MPP gives organisations a complete picture: which tools are installed, who published them, which version is running, and what permissions they hold. MCP provides none of this natively.

What Stays the Same

If you're familiar with MCP, these concepts carry over directly:

  • Tools are invoked by name with structured parameters and return structured results.
  • The request-response communication pattern is the same.
  • Tool descriptions and parameter schemas work the same way.

Is This a Migration or an Addition?

For many teams, MPP is not a replacement for all MCP usage — it is a step up for tools that need to meet a higher bar. Tools that handle sensitive data, operate in enterprise environments, or are distributed to third parties are strong candidates for MPP.

Get in touch to discuss whether MPP is the right fit for your current tooling setup.