Model Context Protocol (MCP) seems to be an effective protocol.

· Bits and Bobs 3/3/25
  • Model Context Protocol (MCP) seems to be an effective protocol.
    • MCP does seem to hit the sweet spot in protocols:
      • Small and simple enough to be easy for people to coordinate on (not much to disagree with).
      • Complex enough to do something non-trivial that otherwise would have lots of room for arbitrary misalignment between collaborators.
        • It doesn't matter which side of the road a country decides to drive on, as long as everyone in the country picks the same side.
    • It looks like Anthropic will be making a registry akin to npm.
      • This totally makes sense for them to do!
      • Being that schelling point in the ecosystem of maintaining the most common registry is a way of establishing strategic power.
        • The namespace everyone knows everyone else uses is a scarce resource.
      • But that power is often fundamentally soft power.
      • The only thing keeping that schelling point active is that everyone agrees that the maintainer of that namespace is being a good actor.
        • After the ecosystem becomes a total gravity well, it's hard for the ecosystem to coordinate around another schelling point, but it's still possible if the owner acts egregiously.
        • Up until that point in the ecosystem, it's very easy for the ecosystem to route around if the owner of the registry exerts too much hard power.[wb]
      • This is a nice strategic bonus for Anthropic but doesn't feel like the central plank of such a heavily capitalized company.
    • MCP is an evolution of the Language Server Protocol (LSP).
      • It's optimized for high-trust local contexts for savvy users willing and able to run local daemons.[wc]
      • The model hits a ceiling if you try to use it to coordinate across network boundaries with less-trusted collaborators.
      • The downside risk is proportional to the multiplication of:
        • 1) The breadth of sources in your context.
        • 2) The power of the tools you've plugged in.
        • The larger the amount of sources you've plugged in, the more likely that one of them contains a prompt injection, and the more powerful the tool use, the worse real world impacts that prompt injection could have.
      • The ceiling of MCP as an approach feels akin to homebrew, greasemonkey, or other high-trust developer tools.[wd]

More on this topic

From other episodes