v0.1.5 — Self-prompting + Adversarial probing functional

Self-prompting and adversarial probing promoted skeleton → functional. Both designed via Quorum consensus (dogfooding). Scorecard now 10/0/3.

v0.1.4 — Phase 1 loops functional (Hebbian, meta-learner, competition)

Promoted 3 evolution loops from skeleton/partial to functional. Each loop's design decisions were taken via the Quorum engine itself (dogfooding). Loop scorecard now: 8 functional / 0 partial / 5 skeleton (was 5/2/6 in v0.1.3). See docs/AUDIT_FINDINGS_v0.1.4.md for the updated honest scorecard.

v0.1.3 — landing page + A/B + synthetic data loops

What's new:

• Landing page at / (was 404; lost ~9 cold visitors before this fix)
• A/B testing loop promoted skeleton to functional (Wilson lower bound, /v1/ab/feedback endpoint)
• Synthetic data loop promoted skeleton to functional (opt-in JSONL ingest at confidence > 0.85)
• Loop scorecard updated: 5 functional / 2 partial / 7 skeleton (was 3/2/9 in v0.1.2)
• See docs/AUDIT_FINDINGS_v0.1.2.md (will be superseded by v0.1.3 audit in next cut)

v0.1.2 — Pro £49 pivot + self-audit honest disclosure

v0.1.2 — Pro £49 pivot + self-audit honest disclosure

Two days ago I ran Quorum against its own source. The thing I built to catch what unit tests miss caught two things my unit tests missed: a deprecated Gemini embedding endpoint that was about to 404, and a stale __version__ string. v0.1.1 fixed those. v0.1.2 ran the same audit one level deeper — at the security/billing/consensus-core layer — and the honest scorecard is now committed under docs/AUDIT_FINDINGS_v0.1.2.md.

What changed

Pricing pivot — Pro £49/mo as the headline tier

• README, landing page (quorum-ai.dev), and Show HN copy all re-cut to lead with Pro £49/mo for solo devs, indie hackers, and agency engineers.
• Free is now a small sandbox row. Team / Enterprise / Compliance moved to "talk to us — jaqueline@hsp-protocol.com".
• BYOK ("Quorum never proxies your provider keys") promoted to the section intro on every surface.
• Billing module: pro is now the first key in TIERS (Python insertion order guarantees next(iter(TIERS)) yields Pro); new DEFAULT_TIER, get_default_tier(), list_tiers(self_serve_only=...) public API; contact_sales: bool on TierConfig so any contact-sales tier routes to the sentinel (not just Enterprise).

Self-audit — 5 high-severity findings fixed

• H-1 Gemini API key moved from URL query string to x-goog-api-key header. URL is no longer in proxy access logs or httpx.HTTPError.request.url.
• H-2 Anthropic provider sanitises upstream error bodies — UTF-8 replace errors handler, CR/LF stripped — to block log injection and codepoint corruption.
• H-3 OpenAI provider wraps the entire request path in structured exception handling; no more raw KeyError/JSONDecodeError past the provider boundary.
• H-4 consensus() now raises ValueError on prompts >32 kB; provider responses truncated to 16 kB before embedding and before vector-memory ingest. Closes the prompt-amplification attack that could fan out one oversized request into N provider bills + 2N embeddings + 1 permanent memory write.
• H-5 Stripe webhook verification delegates to stripe.Webhook.construct_event when the SDK is available; hand-rolled HMAC is now only the dev/test fallback. Also: SHA-256 email idempotency key on Customer.create closes the at-least-once retry TOCTOU window.

Full findings: quorum/docs/AUDIT_FINDINGS_v0.1.2.md

Honest loop classification — 13 self-evolution loops

The README originally implied all 13 were live. They aren't. Real status at v0.1.2:

• Functional (3): memory (Loop 1), router (Loop 4), RLHF (Loop 6).
• Partial (2): hebbian (Loop 7), meta-learner (Loop 10).
• Skeleton (9): A/B, adversarial, architecture search, competition, distillation, federated, self-prompt, synthetic data, bootstrap.

Each is enumerated in the audit findings doc with file path, LOC, and what's missing for v1.0.

Why this matters

Anthropic, OpenAI, and Google cannot ship a multi-vendor consensus engine without commoditizing their own answer as one vote among several. A solo team can. That is the entire wedge. Pricing Pro at £49/mo for solo devs is the cheapest way to test whether that wedge has a market — and disclosing the gap between "13 loops shipped" marketing and "3 functional, 2 partial, 9 skeleton" reality is the cheapest way to test whether honesty has one.

Live

• https://quorum-ai.dev (DNS still propagating in some regions)
• Origin: https://quorum-api-86770458722.europe-west2.run.app/v1/healthz

Install

pip install quorum-consensus

License

• Engine: Apache 2.0.
• HSP transport layer: PCT/US26/11908 with commercial-use carve-out in LICENSE-HSP. Self-host, fork, audit, ship internal tools — permitted. Resell the consensus protocol as a service — talk to me.

Outstanding for v1.0.0

Punch list in docs/AUDIT_FINDINGS_v0.1.2.md under Open blockers. Highlights: meta-learner first (Loop 10 is the highest-leverage skeleton because the other 8 produce its training data), per-tier size caps, per-class Hebbian shards, learned RLHF reward model, Quorum-on-Quorum CI job.

---

Generated with the same tool the release describes. Quorum eats its own dog food.

Quorum v0.1.0 — 13 evolution loops + Stripe billing + FastAPI

Quorum v0.1.0

First tagged release. Sets the public API surface and billing path. v0.0.1 was an internal preview and is not upgrade-safe.

Highlights

• 13 evolution loops as composable primitives — each runs standalone, returns a typed result, and chains without glue code.
• Single-process server: HTTP + SSE streaming, no broker, no queue required.
• Stripe-metered billing with idempotent webhooks and per-key usage caps.
• HSP reference implementation (patent-pending) backing the synthesis and consensus loops.
• pip install quorum ships the SDK and a local-mode runner. First loop call in under a minute.

Breaking changes from v0.0.1

• quorum.run() now returns LoopResult, not a bare dict. Use .value for the old payload.
• Config moved to ~/.config/quorum/config.toml. The YAML loader is removed.
• /v0/invoke is gone. Use /v1/loops/{name}:invoke. v0 routes return 410.
• Loop names are lowercase-with-hyphens. Camel-case names from v0.0.1 will not resolve.

What's in this release

Foundation
Typed loop registry, deterministic run IDs, structured error envelopes, OpenTelemetry traces on every invocation, deterministic seeds for replay.

Evolution Loops (13)
Thirteen independently versioned loops. Run solo or chain via quorum.chain([...]). Each loop has a typed input/output schema and is registered by lowercase-hyphenated name.

Server
FastAPI app, SSE for streaming results, graceful shutdown, request-scoped tracing. Endpoints: /v1/loops, /v1/loops/{name}:invoke, /v1/runs/{id}, /healthz.

Billing
Stripe metered billing per loop invocation. Idempotent webhook ingestion (replay-safe), per-key monthly caps, rolling usage export. Local dev bypasses Stripe; set QUORUM_BILLING=stripe to enable.

HSP
Reference implementation of the Hyper-Synthesis Protocol used by the synthesis and consensus loops. Wire format frozen for v0.1; semantics may shift before v0.2 — see roadmap.

How to try

pip install quorum

curl -X POST https://api.quorum.dev/v1/loops/consensus:invoke \
  -H "Authorization: Bearer $QUORUM_KEY" \
  -H "Content-Type: application/json" \
  -d '{"input":"your prompt here"}'

Roadmap to v0.2

• Persistent run history with deterministic replay (quorum runs replay <id>). Today: in-memory only.
• Multi-tenant key scoping with org-level rate limits. Today: single-tenant.
• HSP wire format v1.0 with a published conformance suite — stable across implementations, not just this one.

Patent

HSP is covered by pending application PCT/US26/11908. Filing: https://patentscope.wipo.int/search/en/detail.jsf?docId=PCT/US26/11908