EU AI Act Article 50 — 20 days to seal | Get passport

DEFONEOS Knowledge Base

Complete architecture documentation, API reference, and developer guides for the UK's sovereign defence AI OS.

📖 Table of Contents 1. System Architecture (7 Layers) 2. MCP API Reference (30 Servers) 3. SIGIL Chain Specification 4. BFT Governance Protocol 5. Knowledge Graph (SPARQL) 6. Deployment Guide 7. SDK & Client Libraries 8. Data Sources & OGL Licensing 9. Event Types & Schema 10. FAQ & Troubleshooting

1. System Architecture — 7 Layers

DEFONEOS is built as a 7-layer sovereign substrate. Each layer is independently deployable, independently auditable, and communicates only through cryptographically signed MCP messages.

7
L7 — Presentation (Vercel)
183 static HTML pages. Dark-themed, SEO-optimized, sub-1s load. No server-side rendering — pure client-side.
Vercel CDN183 HTML pagesCesiumJSChart.jsOAuth2 login
6
L6 — Application (SOV3 Hub :3101)
The sovereign inference hub. Routes queries, manages state, runs the OLM router, exposes 188+ tools via MCP protocol.
FastAPI :3101OLM Router188+ ToolsOllamaZamba (Mamba+Transformer)Intuition Engine
5
L5 — Governance (BFT Council :3200)
33-agent Byzantine Fault Tolerant council. 22-of-33 quorum. HotStuff consensus. Ed25519-signed votes on every significant decision.
BFT 33 agentsHotStuff consensusQuorum: 22/33Ed25519 votesVeto powersCharter enforcement
4
L4 — Audit (SIGIL Chain)
Hash-chained, Ed25519-signed append-only ledger. Every action, every tool call, every vote, every compliance assertion. 49K+ entries. 100-year chain integrity.
SHA-256 hash chainEd25519 signatures49K+ receiptsOrgKernel 3-LayerL1 IdentityL2 ExecutionL3 Compliance
3
L3 — Security (DORADO)
Foreign-access detection, quantum-safe key rotation, bot detector, SOC dashboard, customer audit export. NIST PQC-ready.
DORADOML-DSA-65 (Dilithium)ML-KEM-768 (Kyber)90-day rotationSOC dashboardBot detectorHORUS monitoring
2
L2 — Sensor (30 MCPs)
30 MCP servers across 12 domains. Each pip-installable, Apache 2.0, sovereign. The data ingestion and tool execution layer.
ISR (10)Cyber (5)Compliance (5)Governance (5)UK Open Data (5)
1
L1 — Substrate (GCP VM + Edge)
GCP VM (49GB data moat, 38 cron jobs, King hive). M2 Edge (Ollama 24/7). M4 (inference). ORION (task capture). SSH tunnels between nodes.
GCP VMPostgreSQLSQLite49 GB data38 cron jobsM2 EdgeM4 InferenceSSH tunnels

2. MCP API Reference — 30 Servers

Core Compliance & Governance MCPs

ServerPackageToolsBadgeDescription
eu-ai-act-complianceeu-ai-act-compliance-mcp12COREEU AI Act article-by-article compliance: risk classification, Article 50 watermarking, high-risk audit, prohibited practices
meok-governance-enginemeok-governance-engine-mcp15GOV30-framework governance audit, crosswalks, charter enforcement, policy lab
meok-kingmeok-king-mcp3GOV28-hive king router, MoE+BFT, fan-out queen queries
sov3-bridgesov3-bridge-mcp8COREMulti-persona deliberation, cross-synthesis, strategic verdict
article-50-watermarkingarticle-50-watermarking-mcp3COREEU Digital Omnibus Act watermarking passport issuance + HMAC/Ed25519 verification
meok-mcp-injection-scanmeok-mcp-injection-scan-mcp4SECPrompt injection detection, supply-chain risk, Morris-II worm scan
meok-compliance-passportmeok-compliance-passport-mcp5GOVSigned, portable compliance credential with Ed25519 attestation
federation-compliance-onlyfederation-compliance-only-mcp6GOVEU AI Act, GDPR, HIPAA, SOC2, PCI-DSS, ISO 27001 compliance checks

Sensor & ISR MCPs

ServerPackageToolsBadgeDescription
sentinel-hubsentinel-hub-mcp6DATASentinel-1/2/3 satellite imagery, NDVI, flood detection, change analysis
os-opendataos-opendata-mcp5DATAOrdnance Survey Open Names, Open Rivers, Open Roads, Boundaries
data-gov-ukdata-gov-uk-mcp4DATAdata.gov.uk 60K+ datasets search, download, metadata
companies-housecompanies-house-mcp6DATAUK company registry: search, filing history, officers, PSC
ons-statisticsons-statistics-mcp4DATAONS census, economic indicators, population, employment data
aisstream-maritimeaisstream-maritime-mcp5DATALive AIS vessel tracking, port arrivals, maritime anomaly detection
openaq-airopenaq-air-mcp4DATAGlobal air quality monitoring, PM2.5/NO2/O3, CBRN detection
gdelt-newsgdelt-news-mcp5DATAGDELT OSINT: global news events, conflict tracking, sentiment
rtsp-camerartsp-camera-mcp4DATARTSP IP camera capture, frame extraction, YOLOv8 object detection
mqtt-bridgemqtt-bridge-mcp4DATAMQTT IoT bridge: sensor pub/sub, device management, telemetry

Security & Threat Detection MCPs

ServerPackageToolsBadgeDescription
dorado-foreign-accessdorado-foreign-access-mcp5SECForeign-access attempt detection, IP geolocation, block list
dorado-pqcdorado-pqc-mcp4SECNIST PQC key generation, rotation, verification (ML-DSA, ML-KEM)
dorado-auditdorado-audit-mcp6SECSIGIL chain audit, replay tool, customer report export
dorado-socdorado-soc-mcp5SECSOC dashboard, bot detector, shift handoff, CISO escalation matrix

3. SIGIL Chain Specification

The SIGIL chain is DEFONEOS's append-only, hash-chained, Ed25519-signed audit ledger. Every action by every agent is recorded.

Entry Format

<OP>|<actor>|<target>|<message>|<timestamp>|<prev_hash>|<signature>

Operations (OP codes)

CodeOperationUse Case
CCommandDirect instruction to an agent
PProposalBFT council proposal submission
VVoteBFT council vote (for/against/abstain)
MMemoryMemory write/recall
QQueryInformation request
HHandoffInter-agent task handoff
SStateSystem state change
AAssertionCompliance assertion (L3 OrgKernel)

Chain Integrity

hash(n) = SHA-256(entry_n || hash(n-1))
signature = Ed25519.sign(private_key, hash(n))

Each entry's hash includes the previous entry's hash, making the chain tamper-evident. Any modification to a historical entry invalidates all subsequent hashes. Signatures are verifiable by anyone with the agent's public key (L1 identity registration).

Verification

POST/mcp → sigil_verify_chain
Re-compute every hash, verify every signature, detect tampering across the entire chain.

4. BFT Governance Protocol

Council Composition

Vote Types

TypeThresholdScope
Standard22/33 (67%)Normal operational decisions, tool calls above risk threshold
Supermajority27/33 (82%)Charter amendments, red-line overrides (never used — red lines are immutable)
Unanimous33/33 (100%)DEFONEOS-SEAL credential issuance, new agent admission
Veto1 agentAny single agent can veto a red-line violation. Veto is cryptographic and non-overridable.

Agent Roster (12 Domains)

Compliance · Security · ISR · Swarm · Cyber · Logistics · Medical · Space · Maritime · Land · Air · Civil Resilience — each domain has 2-3 council agents, ensuring no single domain dominates.

5. Knowledge Graph (SPARQL)

DEFONEOS includes a defence-grade semantic knowledge graph. RDF/OWL-compatible. SPARQL-queryable. Entities, relationships, actions, and rules.

Graph Structure

Entities (Objects):

Vessel Aircraft Vehicle Personnel Facility Cyber Asset Satellite Drone Sensor Threat

Relationships (Links):

tracks communicates-with owned-by located-at part-of targets escorts detected-by classified-as responded-to-by

SPARQL Query: Dark Vessel Detection

PREFIX def: <https://defoneos.com/ontology#>
PREFIX rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#>

SELECT ?vessel ?threat ?confidence ?sensor
WHERE {
  ?vessel rdf:type def:Vessel .
  ?vessel def:hasAIS false .
  ?vessel def:detectedBy ?sensor .
  ?vessel def:threatLevel ?threat .
  ?vessel def:confidence ?confidence .
  FILTER(?confidence > 0.85)
}
ORDER BY DESC(?confidence)

SPARQL Query: Multi-Sensor Fusion Track

PREFIX def: <https://defoneos.com/ontology#>

SELECT ?target ?sensor1 ?sensor2 ?sensor3 ?fused_confidence
WHERE {
  ?target def:detectedBy ?sensor1, ?sensor2, ?sensor3 .
  ?sensor1 rdf:type def:RadarSensor .
  ?sensor2 rdf:type def:EOIRSensor .
  ?sensor3 rdf:type def:RFReceiver .
  ?target def:fusedConfidence ?fused_confidence .
  FILTER(?fused_confidence > 0.90)
}

Business Rules Engine

6. Deployment Guide

Quick Start (5 Minutes)

# 1. Clone
git clone https://github.com/CSOAI-ORG/defoneos.git
cd defoneos

# 2. Install
pip install -r requirements.txt

# 3. Generate Ed25519 keypair (L1 Identity)
python -c "from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey; k=Ed25519PrivateKey.generate(); print(k.private_bytes_raw().hex(), k.public_key().public_bytes_raw().hex())"

# 4. Start SOV3 hub
python -m sov3.hub --port 3101 --host 0.0.0.0

# 5. Verify
curl -X POST localhost:3101/mcp -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'

Deployment Modes

ModeNetworkUse CaseComponents
Local DevelopmentlocalhostDev, testing, demosSOV3 hub + Ollama + 5 core MCPs
Production (Cloud)InternetSaaS, commercialFull stack + Vercel + GCP VM + 30 MCPs
Air-GappedNo internetClassified, SCIFFull stack + local models + USB data diode
CoalitionSecure WANFive Eyes, NATOFederated BFT + A2A protocol + STANAG
Edge (Field)Mesh radioTactical edgeM2 Mac + Ollama + essential MCPs + DIL

Environment Variables

SOV3_HOST=0.0.0.0
SOV3_PORT=3101
BFT_COUNCIL_PORT=3200
SIGIL_CHAIN_PATH=/var/defoneos/sigil.jsonl
ED25519_PRIVATE_KEY=<hex>
ED25519_PUBLIC_KEY=<hex>
BFT_QUORUM=22
OLLAMA_HOST=http://localhost:11434
VERCEL_TOKEN=<optional>
DATABASE_URL=postgresql://...

7. SDK & Client Libraries

Python

from defoneos import DEFONEOSClient

client = DEFONEOSClient(host="localhost", port=3101)

# List all tools
tools = client.list_tools()
print(f"{len(tools)} tools available")

# Call a tool
result = client.call("sigil_emit", {
    "line": "C|operator|sov3|begin ISR scan sector alpha-7"
})

# Query the knowledge graph
tracks = client.call("sparql_query", {
    "query": "SELECT ?v WHERE { ?v rdf:type def:Vessel . ?v def:hasAIS false }"
})

# BFT vote
vote = client.call("bft_vote", {
    "proposal": "deploy-counter-drone-jammer-sector-7",
    "choice": "for"
})

JavaScript

import { DEFONEOSClient } from '@defoneos/sdk';

const client = new DEFONEOSClient('http://localhost:3101');

// List tools
const tools = await client.listTools();

// Call a tool
const result = await client.call('sigil_emit', {
  line: 'C|operator|sov3|begin ISR scan sector alpha-7'
});

// Subscribe to SIGIL stream
client.subscribe('sigil', (entry) => {
  console.log('New SIGIL:', entry);
});

curl

# List tools
curl -X POST localhost:3101/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":1,"method":"tools/list"}'

# Call a tool
curl -X POST localhost:3101/mcp \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","id":2,"method":"tools/call","params":{"name":"threat_detect","arguments":{"text":"suspicious payload"}}}'

8. Data Sources & OGL Licensing

DEFONEOS uses exclusively Open Government Licence (OGL) data. No proprietary data, no foreign-sourced classified data, no data without provenance.

SourceTypeLicenceVolume
Ordnance Survey Open NamesGeographicOGL v3~3 GB
Companies HouseBusiness registryOGL v3~12 GB
ONS StatisticsDemographicsOGL v3~4 GB
data.gov.ukMulti-domainOGL v360K+ datasets
Sentinel HubSatellite imageryCopernicus (free)On-demand
AIS StreamMaritime trackingaisstream.io (free tier)Real-time
GDELT ProjectOSINTCC-BY~500 GB
Met OfficeWeatherOGL v3On-demand
OpenAQAir qualityCC-BYGlobal

Total data moat: 49 GB on GCP VM. All OGL/CC-BY. No lock-in.

9. Event Types & Schema

EventTriggerSIGIL OPConsumer
vessel_detectedAIS gap + RF detectionS (State)Cesium COP, ISR pipeline
drone_intrusionRF signature + distance < 500mS (State)Counter-drone module, alert
cyber_threatIDS/SIEM alertS (State)DORADO, incident response
bft_proposalAction above risk thresholdP (Proposal)BFT council
bft_vote_castAgent votesV (Vote)BFT tally, consensus engine
sigil_chain_appendAny actionAllAudit chain
red_line_violationRed-line pattern detectedA (Assertion, compliant=false)Veto, halt, alert
compliance_assertionAction completedA (Assertion)OrgKernel L3, audit export
key_rotation90-day timerS (State)DORADO PQC
foreign_access_attemptNon-sovereign IPS (State)DORADO SOC

10. FAQ & Troubleshooting

Q: How is DEFONEOS different from Palantir Gotham?

A: DEFONEOS is open-source (Apache 2.0), costs £0-£9,999/mo vs Palantir's $50M/year, runs air-gapped, has BFT governance built-in, and every action is cryptographically signed. Palantir is a black box; DEFONEOS is a glass box.

Q: Can DEFONEOS run without internet?

A: Yes. The air-gapped deployment mode runs entirely offline — local Ollama models, local PostgreSQL, local MCPs. Data is transferred via USB with Ed25519 signature verification and quarantine VM processing.

Q: What happens if the BFT council can't reach quorum?

A: The action is deferred. The system enters a safe state — defensive posture, no new actions, existing operations continue with cached parameters. Quorum can be re-established by waking dormant agents or through human override (logged as a SIGIL entry with supermajority requirement).

Q: Is the SIGIL chain quantum-safe?

A: The chain itself uses SHA-256 + Ed25519. DORADO PQC module provides ML-DSA-65 (Dilithium) and ML-KEM-768 (Kyber) for quantum-resistant signatures. The 90-day key rotation ensures forward secrecy even against future quantum adversaries.

Q: Can I contribute an MCP server?

A: Yes. Fork the repo, build your MCP following the integration guide, submit a PR. Every contribution is SIGIL-signed and goes through BFT review.

Q: What's the maximum scale?

A: Tested with 33 agents, 30 MCPs, 188+ tools, 49 GB data. The architecture is horizontally scalable — more agents = more fault tolerance, more MCPs = more sensor coverage, more VMs = more compute. Coalition mode supports cross-organization federation.