openmoe-bft

Every expert is a safety expert. Byzantine-fault-tolerant consensus for Mixture-of-Experts routing, plus a 9-module EU-AI-Act / A2A compliance toolkit.

Apache-2.0 Python 3.10+ stdlib-only core 183 tests MCP server included

pip install openmoe-bft

What it is

A standard MoE gate picks an expert with a single trainable router — and a single compromised or buggy router can silently misroute a token to an unsafe expert. openmoe-bft wraps the routing decision in a Byzantine-fault-tolerant (BFT) consensus protocol: the decision is fanned out to N router replicas, their proposals are hashed and voted, and the token is dispatched only when a 2f + 1 quorum agrees (f = floor((n - 1) / 3)). No quorum, no dispatch.

On top of consensus, openmoe-bft absorbs nine cleanroom modules into one toolkit for governing and certifying agentic AI systems — the consensus layer and the OpenScore 14-safety-expert governance layer of the open-source OpenMoE-BFT stack.

The 9 modules

BFT consensus

2f+1 quorum over router replicas; BFTRouter, BFTLedger, quorum arithmetic. No quorum, no dispatch.

Robust aggregation

Coordinate-wise median, trimmed mean, Krum / Multi-Krum for numeric router-logit fusion. Up to f adversaries can't move the winner.

Debate consensus

Proposers argue over rounds; positions refine, then the BFT ledger decides. Any LLM backend plugs in.

EU AI Act checks

19 conformity checks across Articles 9-15 of Regulation (EU) 2024/1689; severity-weighted compliance report.

Cryptographic receipts

Hash-chained, tamper-evident receipts (HMAC-SHA256, optional Ed25519). Seal and verify any decision offline.

Hierarchical memory

L0-L3 pyramid (raw → facts → scenarios → persona) with an overnight dream() consolidation pass.

Covenants & trust

Agents pre-commit to allowed actions; breaches degrade a web-of-trust reputation score.

Red-team orchestration

Pluggable attack-strategy registry that probes a target and scores its resilience (0..1 risk score).

A2A compliance

Validate A2A Agent Cards against the EU AI Act and the 14 OpenScore safety experts; seal the verdict.

Install

pip install openmoe-bft            # core: zero runtime dependencies (stdlib only)
pip install "openmoe-bft[mcp]"     # + MCP transport for expert registration
pip install "openmoe-bft[x402]"    # + x402 per-consensus / per-expert-call paywall
pip install "openmoe-bft[ed25519]" # + Ed25519 receipt signing

Quickstart

from openmoe_bft import BFTRouter, NoConsensusError

experts = {1: lambda tok: f"EU AI Act expert handled {tok}"}

def a(t): return 1
def b(t): return 1
def c(t): return 1
def d(t): return 2   # outvoted Byzantine replica

router = BFTRouter(experts, replicas=[a, b, c, d])  # n=4, f=1, quorum=3
decision = router.route("token-42", session_id="req-1")
assert decision.consensus and decision.dispatched

MCP server

openmoe-bft ships a FastMCP server over the streamable-http transport (default endpoint http://localhost:8000/mcp). Any MCP-aware agent (Claude Desktop, Cursor, Smithery) can call the compliance tools directly.

pip install "openmoe-bft[mcp]"
python -m server      # serves streamable-http on :8000/mcp
ToolWhat it does
evaluate_eu_ai_actScore conformity evidence against the EU AI Act checks; returns a severity-weighted ComplianceReport.
validate_agent_cardValidate an A2A Agent Card against the 14-safety-expert coverage contract and EU AI Act scoring.
red_team_scanRun the canonical adversarial strategy sweep against a target; return a RedTeamReport with a 0..1 risk score.
bft_quorumCompute Byzantine fault tolerance (f) and quorum size (2f+1) for an n-node cluster.

FAQ

What is openmoe-bft?

A Python package that adds Byzantine-fault-tolerant consensus to Mixture-of-Experts (MoE) routing, bundled with a 9-module EU AI Act / A2A compliance toolkit. It is the consensus + safety-expert layer of the open-source OpenMoE-BFT governance stack by MEOK AI Labs.

How does it make MoE routing Byzantine-fault-tolerant?

Each routing decision is fanned out to N router replicas; their proposals are hashed and voted, and a token dispatches only when a 2f+1 quorum agrees, where f = floor((n-1)/3). A minority of compromised or buggy routers cannot misroute a token.

Does it require GPUs or heavy ML dependencies?

No. The core library is stdlib-only and runs anywhere Python 3.10+ runs. The MCP server adds the MCP SDK; x402 and Ed25519 are optional extras.

Can I use it as an MCP server for EU AI Act compliance?

Yes. Install the [mcp] extra and run the streamable-http server; it exposes evaluate_eu_ai_act, validate_agent_card, red_team_scan, and bft_quorum as MCP tools.

What license is it under?

Apache-2.0, © 2026 MEOK AI Labs.