Agent Reference Architecture Layers — An open standard for persona-centric AI agent architectures.
"In ARAL, the persona is not a configuration—it IS the agent."
ARAL defines a 7-layer persona-centric architecture for AI agents, where:
- Persona = Agent Identity: The persona embodies who the agent is, what it can do, and how it behaves
- Cryptographic Provenance: Every action traces back to a signed persona
- Dynamic Evolution: Agents can hot-swap personas and collaborate in multi-persona teams
- Standards Compliant: ISO 42001, EU AI Act, GDPR, NIST AI RMF, and 15+ major standards
ARAL provides clear separation of concerns, security by design, and interoperability standards.
┌─────────────────────────────────────────┐
│ L7 Protocol Interoperability │
├─────────────────────────────────────────┤
│ L6 Orchestration Multi-agent coord │
├─────────────────────────────────────────┤
│ L5 Persona Identity & contract │
├─────────────────────────────────────────┤
│ L4 Reasoning Logic & decisions │
├─────────────────────────────────────────┤
│ L3 Capabilities Available actions │
├─────────────────────────────────────────┤
│ L2 Memory State & context │
├─────────────────────────────────────────┤
│ L1 Runtime Execution & resources│
└─────────────────────────────────────────┘
| Profile | Layers | Use Case |
|---|---|---|
| ARAL-CORE | L1–L5 | Standalone autonomous agent |
| ARAL-ORCH | L1–L6 | Multi-agent orchestration |
| ARAL-INTEROP | L1–L7 | Cross-system interoperability |
# Validate an agent manifest
npx @aral-standard/validator ./agent-manifest.json
# Install Python SDK (Production-Ready: L1-L7)
pip install aral-standard
# TypeScript/JavaScript - Use reference examples
cd examples/typescript
# Go - Use reference examples
cd examples/go| Language | Status | Layers | Notes |
|---|---|---|---|
| Python | ✅ Production-Ready | L1-L7 | 93% test coverage, 249 passing tests |
| TypeScript/JS | 📚 Reference Examples | L1-L7 | See examples/typescript |
| Go | 📚 Reference Examples | L1-L7 | See examples/go Planned for v1.3.0 |
| Rust (Planned) | 🔜 Coming in v1.3.0 | - | Community contributions welcome |
| Java (Planned) | 🔜 Coming in v1.3.0 | - | Enterprise support planned |
Note: TypeScript and Go currently provide reference implementations only. Full SDK packages are planned for v1.3.0. Python SDK is production-ready with full L1-L7 support.
| Resource | Description |
|---|---|
| Specification | Full normative specification |
| Implementation Guide | Quick start guide |
| Standards Compliance | ISO, NIST, EU AI Act mapping |
| Integration Scenarios | Real-world use cases |
| Resource | Description |
|---|---|
| Persona as Agent Identity | 🆕 Philosophy & architecture |
| Persona Hot-Swapping | 🆕 Dynamic identity transformation |
| Multi-LLM Orchestration | 🆕 Weighted blending & coordination |
| Examples | Reference persona implementations |
| JSON Schemas | Validation schemas |
| Architecture Diagrams | Visual documentation |
| FAQ | Frequently asked questions |
| Document | Requirements | Status | v1.2.0 |
|---|---|---|---|
| ARAL-CORE | 83 | ✅ | +15 🆕 |
| ARAL-PROTOCOL | 40 | ✅ | +14 🆕 |
| ARAL-SECURITY | 60 | ✅ | |
| ARAL-PRIVACY | 35 | ✅ | |
| ARAL-STANDARDS-COMPLIANCE | 15+ standards | 🆕 | New! |
| ARAL-INTEGRATION-SCENARIOS | 10 scenarios | ✅ | |
| ARAL-CONFORMANCE | 7 | ✅ | |
| Total Requirements | 220 | +24 |
- Persona IS the Agent: Paradigm shift where persona embodies agent identity
- Hot-Swapping: Dynamic persona transformation without restart
- Multi-Persona Orchestration: 6 coordination modes (blend, chain, debate, consensus, override, parallel)
- Advanced Multi-LLM Routing: Sophisticated model selection and aggregation
- Cryptographic Identity: Ed25519 signatures for verifiable provenance
- Specialized: Task-based routing (brainstorming → claude-opus, refinement → sonnet)
- Cost-Optimized: Prefer cheaper models with budget limits
- Quality-First: Always use highest quality models
- Latency-First: Fastest response for real-time applications
- Consensus: Query multiple models, require agreement
- Best-of-N: Query multiple models, select best based on criteria (creativity, coherence, etc.)
- Ensemble: Combine strengths of multiple responses
- Weighted Blend: Ponderation with custom weights (e.g., GPT: 80%, Claude: 20%)
- Consensus: Require agreement between models
- llm_specific prompts: Customize prompts per model
- config_override: Per-provider temperature, tokens, etc.
- routing_rules: Map tasks to specialized models
- cost_optimization: Budget limits, prefer cheaper options
- latency_optimization: Max response time, timeout handling
Full compatibility with Persona Configuration Language v2.1.0:
- ✅ Advanced llm_config with providers array
- ✅ Per-provider configuration (weight, priority, fallback, config_override)
- ✅ Routing strategies beyond simple ponderation
- ✅ Aggregation methods with selection criteria
- ✅ Cost and latency optimization
- See creative-specialist.json for full example
Fully compliant with 15+ major standards:
- ✅ ISO/IEC 42001:2023 (AI Management System)
- ✅ ISO/IEC 23894:2023 (AI Risk Management)
- ✅ NIST AI RMF 1.0
- ✅ EU AI Act (2024) - High-risk AI ready
- ✅ OWASP Top 10 for LLM (All mitigated)
- ✅ OpenAI Model Spec, Anthropic Constitutional AI
- ✅ PCL v2.1.0 (Persona Configuration Language)
- See full compliance mapping
- +29 Requirements: 196 → 226 total requirements (L4: +6 for advanced routing)
- Multi-LLM Support: OpenAI, Anthropic, Azure, Google, Cohere with 9 routing strategies
- Advanced Aggregation: 6 methods (first, best_of_n, weighted_blend, majority_vote, consensus, ensemble)
- Enhanced Schema: llm_config, llm_specific prompts, routing_rules, optimization settings
Since v1.1.0: ARAL includes comprehensive GDPR compliance capabilities through the ARAL-PRIVACY-1.0 specification.
Full implementation of all GDPR data subject rights:
- ✅ Right to Access - Request and export personal data
- ✅ Right to Rectification - Correct inaccurate data
- ✅ Right to Erasure - "Right to be Forgotten"
- ✅ Right to Data Portability - Export in machine-readable formats
- ✅ Right to Restriction - Limit processing operations
- ✅ Right to Object - Object to specific processing
- ✅ Right to Withdraw Consent - Revoke previously given consent
- ✅ Right to Human Review - Challenge automated decisions
- ✅ Right Not to be Profiled - Opt-out of automated profiling
Enterprise-grade privacy controls:
- 🛡️ Cross-Border Data Transfer - Adequacy checks and safeguards
- 🚨 Breach Notification - 72-hour GDPR compliance system
- ⏰ Data Retention Management - Automated lifecycle policies
- 🔒 Privacy by Design - Built-in privacy from the ground up
- 📋 DPIA Support - Data Protection Impact Assessments
- 📄 Privacy Policy Generation - Template-based policy creation
- 📊 Audit Logging - Comprehensive activity tracking
- Tests: 188 total (35 privacy + 153 core)
- Coverage: Full GDPR compliance coverage
- Specification: ARAL-PRIVACY-1.0 complete (35 requirements)
- Status: ✅ Production-ready
📖 Read the full specification for technical details and implementation guidance.
Test Coverage: 93.34% (249/249 tests passing)
Total Tests: 249 passed
Coverage: 93.34% (1337 statements, 89 missed)
Layers: L1-L7 fully tested
Providers: OpenAI, Anthropic, Mock
Test Time: 23.72s
| Layer | Coverage | Tests | Status |
|---|---|---|---|
| L1: Runtime | 89% | 30+ | ✅ |
| L2: Memory | 91% | 46+ | ✅ |
| L3: Capabilities | 98% | 30+ | ✅ |
| L4: Reasoning | 98% | 25+ | ✅ |
| L5: Persona | 93% | 33+ | ✅ |
| L6: Orchestration | 94% | 30+ | ✅ |
| L7: Protocol | 94% | 15+ | ✅ |
| Full Integration | - | 40+ | ✅ |
Required Coverage: 85% (Target: ✅ 93.34%)
Status: 8 JSON schemas validated against 188+ test vectors
- ✅ envelope.schema.json
- ✅ persona.schema.json
- ✅ capability.schema.json
- ✅ manifest.schema.json
- ✅ policy.schema.json
- ✅ trace.schema.json
- ✅ error.schema.json
- ✅ action.schema.json
For detailed test reports, see implementations/python/README.md
We use GitHub Flow — a simple, branch-based workflow.
Quick Start:
- Read our Code of Conduct
- Sign the Contributor License Agreement
- Follow the Contributing Guide
- Review GitHub Flow Guide (5-minute read)
- For major changes: RFC Process
Resources:
- 📖 Quick Flow Guide — Visual workflow in 5 steps
- 📋 Detailed Branch Strategy — Complete documentation
- 🔧 Development Setup
- 💡 RFC Template
| Document | Purpose |
|---|---|
| Steering | SC, TOC, SIGs structure |
| IPR Policy | Intellectual property |
| Versioning | Release policy |
| Purpose | Contact |
|---|---|
| General | info@aral-standard.org |
| Security | security@aral-standard.org |
| Conduct | conduct@aral-standard.org |
| AI Ethics | ai-ethics@aral-standard.org |
| Content | License |
|---|---|
| Source Code | Apache 2.0 / MIT |
| Specifications | CC BY 4.0 |
| Code of Conduct | CC BY-SA 4.0 |
ARAL is a trademark of IbIFACE.
© 2026 IbIFACE — https://aral-standard.org
