SLIM Communication
SLIM (Secure Low-Latency Interactive Messaging) is MeetLoyd's universal transport for all agent-to-agent communication. Every message between agents -- whether within the same team, across teams, or across organizations -- routes through SLIM with MLS encryption and uniform audit.
SLIM Is Always On
SLIM is not an opt-in feature. It's the communication layer for all agents:
| Scenario | Example | Transport Mode | Encryption |
|---|---|---|---|
| Same team | Sales Rep to Sales Manager | In-process (0.1ms) | MLS group key |
| Different teams | Sales Rep to Marketing Lead | In-process (1ms) | MLS group key |
| Different apps | Sales App to HR App | Local routing | MLS group key |
| Different organizations | Your Agent to Partner's Agent | Federation bridge | MLS + mTLS |
You don't need to "enable" SLIM. All agent communication tools (ask_question, send_message, request_handoff, request_escalation, request_recalibration) automatically route through SLIM with encryption and audit logging.
Why Cross-App Uses SLIM
A key design decision: cross-app communication uses the same security model as cross-org communication. Here is why:
- Security boundaries -- Apps represent distinct security boundaries with potentially different compliance requirements. Data isolation between apps is a feature.
- Progressive trust -- SLIM enables graduated trust:
internal:hr-app(cross-app, higher implicit trust) vsexternal:partner-corp(cross-org, explicit trust required). - Testability -- Same-tenant cross-app is a staging ground for cross-org. Same code path, same security model. Bugs found in cross-app testing apply to cross-org.
How SLIM Works
Your tenant may have multiple apps (workspaces). Agents within the same app communicate via A2A. When an agent needs to reach an agent in a different app -- or in a different organization entirely -- the message routes through SLIM.
Your Tenant (Sales App) ← SLIM internal → Your Tenant (HR App)
Your Tenant (Sales App) ← SLIM external → Partner Tenant (Partner App)
Organization Format
SLIM uses prefixed identifiers:
| Format | Description | Example |
|---|---|---|
internal:{appSlug} | Cross-app (same tenant) | internal:hr-app |
external:{tenantSlug} | Cross-org | external:partner-corp |
Permission Hierarchy
SLIM checks permissions at four levels. The most restrictive setting wins.
Tenant (CISO kill switch) --> Project (scope boundaries) --> Team (bulk settings) --> Agent (fine-grained control)
If SLIM is disabled at the tenant level, no SLIM communication happens for the entire organization -- regardless of project or agent settings.
Cross-Organization Federation
SLIM federation enables agents to communicate across MeetLoyd instances and with external AGNTCY SLIM nodes.
How Federation Works
- Your agent sends a message to a cross-org target
- SlimHub detects the external organization and routes through the Federation Bridge
- Bridge looks up the trust relationship for that organization
- Bridge issues a SPIFFE JWT-SVID scoped to the remote trust domain
- Message is sent via HTTPS (REST) or gRPC (AGNTCY protocol)
- Remote instance verifies the SVID, checks permissions, and delivers to the target agent
Transports
| Transport | Protocol | Best For |
|---|---|---|
| HTTPS (default) | REST + SVID Bearer token | MeetLoyd-to-MeetLoyd, A2A-style |
| gRPC | AGNTCY DataPlane (Connect/HTTP2) | External AGNTCY SLIM nodes |
Encryption
- AES-256-GCM -- Default encryption for all messages
- MLS (RFC 9420) -- Optional group encryption for multi-party federation sessions, negotiated during session handshake
Circuit Breaker
Each trust relationship has an automatic circuit breaker. After repeated failures, the circuit opens and stops sending for a cooldown period. This prevents cascading failures when a remote instance is down and automatically recovers when it comes back.
Audit Trail
All federation messages are logged with sender and target identities, trust relationship used, transport type, latency, and success/failure status.
Best Practices
Enable only what is needed. Begin with outbound-only to specific agents, then expand as trust is established.
Do not enable SLIM tenant-wide. Enable it per project so each project has its own security boundary.
Before integrating with external partners, test SLIM between two apps in your own tenant. Same code path, lower risk.
All SLIM communications are logged. Review audit logs regularly, especially for cross-org interactions.
Next: Learn about Process Orchestration for complex multi-agent workflows.