Direct answer
A practical ModelBreeder system has two separated paths: a request path that routes work to safe model specialists, and an evolution path that creates, evaluates, and releases descendants. The request path must not be able to rewrite the evaluator, registry policy, or release gates.
System overview
The reference architecture supports two distinct paths: the request path, which answers user or system tasks, and the evolution path, which changes the model population. They share telemetry and registry data but have different permissions and latency expectations.
Request path
- A gateway validates the request contract, identity, jurisdiction, and risk tier.
- The router filters models by capability, compatibility, permissions, and current resource budget.
- One specialist, a cascade, or a small coalition runs in isolated execution contexts.
- A judge or deterministic validator checks candidate outputs when the task requires it.
- The response includes a trace identifier, selected lineage, confidence, and policy decision.
- Telemetry is appended to the evidence stream after sensitive fields are minimized.
Evolution path
- Evidence curation identifies failure clusters, cost pressure, drift, or new capability demand.
- The candidate factory executes an allowlisted mutation operator against signed parents.
- Candidates are packaged immutably and registered as
candidateartifacts. - Independent evaluation runs task, robustness, safety, and resource suites.
- The viability controller compares candidates with the current ecology and no-op.
- Approved candidates enter shadow, canary, progressive, and champion stages.
- Lineage, approvals, deployment evidence, and rollback targets are appended throughout.
Core components
| Component | State authority | Candidate write access | Critical invariant |
|---|---|---|---|
| Gateway | Request policy | None | Reject malformed or unauthorized work. |
| Router | Runtime selection state | Read-only candidate metadata | Select only eligible packages. |
| Specialist runtime | Ephemeral execution state | Its own sandbox only | No policy or evaluator mutation. |
| Judge / evaluator | Evidence and verdicts | None | Independent from candidates. |
| Registry | Artifact and metadata records | Controlled pipeline | Immutable versions and signed manifests. |
| Candidate factory | Temporary build workspace | Declared parents and output directory | Bounded operator and resources. |
| Viability controller | Structural decision record | No direct artifact mutation | No-op always admissible. |
| Release controller | Deployment aliases and traffic weights | Approved packages only | Rollback remains valid. |
| Governance service | Hard policy | Human-administered only | Candidates cannot expand authority. |
Data boundaries
Separate content data, training data, evaluation data, operational telemetry, and governance data. A model that can see hidden holdout labels can optimize them. A model that can write governance data can alter its own constraints. Use distinct credentials, storage locations, encryption keys, and audit streams.
Failure containment
Every runtime invocation has a deadline, memory ceiling, network policy, tool allowlist, and output-size limit. Coalition fan-out is capped. When the judge is unavailable, the system either uses a pre-approved direct path or fails closed according to task risk; it does not silently bypass evaluation.
Reference request algorithm
FUNCTION handle_request(request)
context <- GATEWAY_VALIDATE_AND_CLASSIFY(request)
eligible <- REGISTRY_QUERY(
capability = context.capability,
contract = context.contract_version,
jurisdiction = context.jurisdiction,
risk_tier = context.risk_tier
)
route <- ROUTER_PLAN(eligible, context, RESOURCE_LEDGER.current())
outputs <- EXECUTE_PLAN_IN_ISOLATION(route, context)
verdict <- APPLY_REQUIRED_GATES(outputs, context)
IF verdict.accepted
result <- ASSEMBLE_RESPONSE(verdict.selected_output)
ELSE
result <- EXECUTE_APPROVED_FALLBACK(context, verdict)
END IF
APPEND_TRACE(context, route, outputs, verdict, result)
RETURN result
END FUNCTIONStart smaller than the diagram
A first implementation can collapse several components into one process while preserving logical boundaries. Use separate classes, credentials, directories, and immutable records even if they run on one host. Physical distribution can follow when scale or trust requires it.
Source reports used for this guide
These reports are preserved verbatim in the site archive. The guide above is an editorial synthesis and may narrow, qualify, or reorganize claims from the source material.