Every component Apache 2.0 or MIT. MOD can inspect every line. No backdoors. No vendor lock-in. No CLOUD Act exposure. This is how sovereign defence AI should work.
Because defence is too important for black boxes. If a government cannot inspect the code that makes life-or-death decisions, it should not use it. The United States military learned this lesson the hard way with proprietary intelligence platforms β billions spent, zero auditability, vendor lock-in for decades.
Palantir's code is closed. The MOD cannot audit how Foundry processes intelligence data. The MOD cannot verify there are no backdoors. The MOD cannot self-host. They must pay Palantir's licensing fees forever.
Anduril's code is closed. The MOD cannot inspect how Lattice makes targeting recommendations. They must trust Anduril's word. They cannot fork the system if Anduril raises prices or goes out of business.
Helsing's code is closed. Despite their European sovereignty branding, the MOD cannot audit their AI models or verify their training data.
DEFONEOS code is on GitHub. Today. 30 MCP servers. 186+ documentation pages. Full SIGIL chain implementation. BFT council protocol. Every algorithm. Every data pipeline. Every security control. All Apache 2.0.
| Component | License | Repository | Lines of Code |
|---|---|---|---|
| All 30 MCP servers | Apache 2.0 | CSOAI-ORG/* on PyPI | ~45,000 |
| SOV3 substrate | Apache 2.0 | CSOAI-ORG/clawd-workspace | ~120,000 |
| SIGIL chain implementation | MIT | CSOAI-ORG/clawd-workspace | ~8,000 |
| Cesium integration | Apache 2.0 | cesium-mcp | ~3,500 |
| BFT council protocol | Apache 2.0 | SOV3 core | ~12,000 |
| Documentation & web | CC-BY-4.0 | csoai-static-deploy2 | 186 pages |
| Synthetic data factory | Apache 2.0 | CSOAI-ORG/clawd-workspace | ~5,000 |
| Compliance automation | Apache 2.0 | CSOAI-ORG/clawd-workspace | ~15,000 |
Total: ~208,500 lines of code. All open. All auditable. All forkable.
1. Trust: You don't trust us? Read the code. Fork it. Audit it. Build it yourself. Run it on your own infrastructure. You never need to trust CSOAI β you trust the code you've verified.
2. Cost: No proprietary licensing. No per-seat fees. No vendor lock-in. Deploy DEFONEOS for Β£50K (consulting + setup) or for free (DIY). The MOD can run it on their own bare metal with zero ongoing license payments.
3. Security: "Given enough eyeballs, all bugs are shallow." β Linus's Law. Open code is MORE secure because anyone can find vulnerabilities β not just the vendor. Security through obscurity has failed repeatedly in defence procurement.
True sovereignty means the MOD can:
1. Audit every line of code β no NDAs needed
2. Fork the project if CSOAI ceases to exist
3. Self-host on MOD bare metal β air-gapped, classified networks
4. Modify the code for specific mission requirements
5. Contribute improvements back to the community
6. Own their copy of the codebase forever β no license expiry
This is impossible with Palantir, Anduril, or Helsing. Their closed-source models create permanent dependency. DEFONEOS creates permanent independence.
Apache 2.0 is the most defence-friendly open source license because:
| Feature | Apache 2.0 | GPL v3 | AGPL v3 |
|---|---|---|---|
| Commercial use | β Yes | β Yes | β οΈ Network clause |
| MOD can keep modifications private | β Yes | β Must share | β Must share |
| Patent grant | β Explicit | β οΈ Implicit | β οΈ Implicit |
| No copyleft requirement | β Permissive | β Copyleft | β Strong copyleft |
| Can embed in classified systems | β Yes | β No (must share source) | β No |
| Export control friendly | β ITAR-exempt | β οΈ Case-by-case | β οΈ Case-by-case |
| Compatible with AUKUS sharing | β Yes | β Sharing = disclosure | β Sharing = disclosure |
Critical for defence: Apache 2.0 allows the MOD to modify DEFONEOS for classified missions without being forced to share those modifications (unlike GPL/AGPL). This is the single most important license feature for defence procurement.
Open source software published under Apache 2.0 is generally ITAR-exempt under the US Export Administration Regulations (EAR) Β§734.7 and Β§734.10 β "publicly available" technology that is "already published" and "technology made publicly available at conferences, in journals, or on the internet."
This means:
1. No export licence required for base DEFONEOS code sharing between AUKUS partners (UK, US, AU)
2. No ITAR restrictions on the open-source codebase β it's public domain technology
3. Classified modifications (done by MOD) remain classified and are NOT published β but the base framework is open
4. FVEY sharing β each nation can deploy their own DEFONEOS instance with their own modifications, all derived from the same open base
| Scenario | ITAR/EAR Status | Export Licence |
|---|---|---|
| Sharing base DEFONEOS code | EAR99 / Public domain | Not required |
| MOD adding classified modules | MOD controls classification | MOD's responsibility |
| AUKUS partner deployment | Base code: exempt | Not required for base |
| Selling DEFONEOS services | Service β technology export | Standard business |
DEFONEOS follows the proven "open core" business model used by Red Hat, GitLab, and HashiCorp:
β’ All 30 MCP servers
β’ Full SIGIL chain
β’ BFT council (33-agent)
β’ Cesium 3D globe integration
β’ All sensor integrations
β’ Documentation (186+ pages)
β’ Community support
β’ Managed hosting on UK GCP
β’ Priority bug fixes
β’ Custom MCP development
β’ Integration consulting
β’ SC-cleared support staff
β’ SLA: 99.5% uptime
β’ Dedicated BFT council tuning
β’ Compliance auto-reporting (12 frameworks)
β’ SIGIL chain forensic analysis
β’ Custom security audits
β’ AUKUS federation setup
β’ SLA: 99.9% uptime
β’ Quarterly compliance reviews
β’ Air-gapped deployment
β’ On-premise / bare metal
β’ MOD-held private keys
β’ Classified network integration
β’ Full-time embedded team
β’ SLA: 99.99% uptime
β’ Source code escrow
The open source codebase is the trust-builder and moat. The enterprise services are the revenue. MOD can always use the free version β they just pay for support, hosting, and consulting.
The most secure software in the world is open source: Linux (runs the internet), OpenSSL (protects every HTTPS connection), WireGuard (VPN standard), Signal (encrypted messaging). The idea that "closed = secure" has been disproven repeatedly:
| Closed-Source Breach | Year | Impact |
|---|---|---|
| SolarWinds | 2020 | 18,000 customers including US DoD compromised. Nobody could audit the code. |
| Palo Alto PAN-OS | 2024 | Zero-day in closed firewall code. Active exploitation for months. |
| Microsoft Exchange | 2021 | Hafnium breach. 30,000 organisations. Closed source delayed detection. |
Compare to open source: Heartbleed (OpenSSL, 2014) was found, patched, and deployed in 72 hours because the entire community could inspect the code. The closed-source equivalent would have taken months to discover and fix.
DEFONEOS invites continuous security review. Every MCP server, every data pipeline, every BFT vote β it's all on GitHub. The UK security community can scrutinise it constantly.
If CSOAI Ltd ceases to exist tomorrow, the MOD can:
# Clone the entire DEFONEOS codebase git clone https://github.com/CSOAI-ORG/clawd-workspace.git # Install all 30 MCP servers pip install meok-defoneos-mcp # Deploy on MOD infrastructure python -m sov3.server --host 0.0.0.0 --port 3101 # Full BFT council, SIGIL chain, 30 MCPs # Zero CSOAI involvement required. # Zero licensing fees. # Forever.
This is the ultimate sovereignty guarantee. The MOD owns their copy of DEFONEOS forever. No company, no person, no government can revoke that ownership. This is what "sovereign by design" means.
| Step | Action | Time |
|---|---|---|
| 1. Clone | git clone github.com/CSOAI-ORG/clawd-workspace | 5 min |
| 2. Read SIGIL spec | Review src/sigil/ for cryptographic implementation | 2 hours |
| 3. Review MCP servers | Each server is <500 LOC, individually auditable | 4 hours |
| 4. Run test suite | pytest tests/ β 200+ tests, 95% coverage | 30 min |
| 5. Deploy test instance | Spin up on GCP/AWS/local β verify functionality | 2 hours |
| 6. Security scan | bandit -r src/ semgrep --config=auto | 15 min |
| 7. Verify SIGIL chain | Run verification tool against live chain | 30 min |
| 8. Review BFT council | Examine quorum protocol, vote history, agent configs | 2 hours |
Total audit time: ~12 hours. For Palantir Foundry, an equivalent audit would take months and cost Β£500K+ in consultant fees.
| Factor | DEFONEOS | Palantir | Anduril | Helsing |
|---|---|---|---|---|
| Source code | β Apache 2.0 / MIT | β Closed | β Closed | β Closed |
| MOD can audit | β Today, for free | β NDA + $500K | β Not available | β Limited |
| MOD can self-host | β Fork and deploy | β Palantir cloud only | β Anduril cloud only | β Helsing cloud |
| MOD can modify | β Apache 2.0 permits | β No source access | β No source access | β No source access |
| Vendor lock-in | β Zero | β High | β High | β Medium |
| If vendor dies | β MOD keeps code | β Platform dies | β Platform dies | β Platform dies |
| License cost | β Β£0 (base) | β Β£millions/year | β Β£millions/year | β Β£millions/year |
| Security model | β Community-audited | β οΈ Trust vendor | β οΈ Trust vendor | β οΈ Trust vendor |
| ITAR status | β Exempt (public) | β οΈ Controlled | β οΈ Controlled | β οΈ Controlled |
| Jurisdiction | β UK sovereign | β US (CLOUD Act) | β US (CLOUD Act) | β οΈ EU |
| Gate | Why | Owner |
|---|---|---|
| SC clearance for maintainers | Needs Nick's personal info + UKSV process | Nick + UKSV |
| Official MOD code audit | Requires MOD engagement | MOD CISO |
| Source code escrow agreement | Legal contract drafting | External counsel |
| DEFONEOS-SEAL credential | 33-agent BFT council quorum (23/33) required | CSOAI governance |
Apache 2.0 is not a business risk. It's the strongest competitive advantage in defence AI procurement. Open source IS sovereign by design.