How EMILIA Protocol compares

Full landscape

The agent action-governance landscape

EMILIA vs HumanLayer, Tenet, CIBA/WorkOS, and the IETF Delegation Receipt Protocol — what each does well, and the few things that are genuinely EMILIA's. Honest, conceded strengths included.

OAuth

EMILIA Protocol vs OAuth

Why scoped tokens authorize the session but not the action — and what to layer on top for AI agents and high-value workflows.

MCP Authorization

MCP authorization is necessary but not sufficient

MCP authorization gates which tools an agent can call. EP gates whether the specific call about to execute was approved by a named human.

Audit Logs

Trust receipts vs audit logs

Audit logs detect after the breach. EP trust receipts prove authorization before the action executes — cryptographic, offline-verifiable.

Fraud Detection

Pre-action authorization vs post-action fraud detection

Detection finds bad actions after they execute. Pre-action authorization stops them before. Why detection alone is the wrong primitive for irreversible actions.

Permit.io

EMILIA Protocol vs Permit.io

Permit.io authorizes what an agent may do (RBAC/ABAC/ReBAC). EP adds a named human signoff before the irreversible action, plus an offline-verifiable receipt. Complementary, not competing.

Human-in-the-Loop

EMILIA Protocol vs DIY human-in-the-loop

A Slack or email approval is a click and a log line. EP makes the signoff bound to the exact action, replay-resistant, and provable offline — without you maintaining the plumbing.

HumanLayer

EMILIA Protocol vs HumanLayer

HumanLayer is excellent approval plumbing — route a tool call to Slack or email. EP binds the signoff to the exact action and mints an offline-verifiable receipt. Convenience vs cryptographic evidence.