The consensus layer for AI decisions
Pulse runs critical AI decisions through a committee of independent validators instead of trusting a single model. When validators agree, the decision commits. When they disagree, it's blocked, quarantined, and escalated to a human, with the full reasoning trail kept for audit.
The problem we solve
Language models make mistakes. Most are harmless. Some, approving a fraudulent refund, leaking sensitive data, mis-extracting a contract clause, are catastrophic. The traditional defenses (prompt engineering, a single human reviewer) fail in predictable ways:
- Prompt drift, what works today breaks after a vendor update tomorrow.
- Human fatigue, if reviewers rubber-stamp 95% of decisions, the 5% that matter slip through unreviewed.
- No audit trail, when something goes wrong, you can't prove what the model considered.
Our answer: don't trust one model, trust a committee. Make the committee auditable. Only escalate to humans when the committee disagrees.
How it works
When a critical event arrives, Pulse routes it to a small committee of independent AI validators. Each one reviews the proposed decision against your policy and casts a vote. If a majority agrees, the decision is committed and recorded. If not, it's blocked, sent to a Dead-Letter Queue, and a human reviewer gets the full context, the event, every validator's reasoning, the vote breakdown.
- 1
Critical event arrives
An action with real-world consequences, a refund, a triage recommendation, an access grant.
- 2
A committee is selected
Pulse picks a small group of validators from a pool you control. Selection is unpredictable so it can't be gamed.
- 3
Each validator votes
Independent reviewers, different models or different prompts, evaluate the decision against your policy.
- 4
Majority commits, dissent escalates
Agreement commits the decision with a tamper-evident record. Disagreement blocks it and notifies a human.
- 5
Humans teach the system
Every human override is captured by the Learning system, refining future behavior.
Multiple validators, not one
A single LLM can hallucinate. Several independent ones with different prompts and providers are extremely unlikely to hallucinate the same thing.
Selection you can't game
An attacker can't predict which validators will review a given event, so they can't craft a payload that fools just the right ones.
Majority, not unanimity
Requiring full agreement would block too much. Majority catches real errors without blocking on routine disagreement.
Tamper-evident audit trail
Every vote is signed and recorded. You can prove what each validator said about a decision months later.
Human escalation by design
Dissent doesn't fail silently, it produces a reviewable item with full context, not just a stack trace.
Two modes, one platform
Most pipelines run on the fast path. The consensus layer is reserved for decisions where 'close enough' isn't.
Fast path
Sub-millisecond execution, direct agent-to-agent flow, full audit log. The default for ~95% of your automations.
Consensus path
Multi-validator review for the ~5% of decisions that warrant it. Adds a small amount of latency in exchange for safety and provenance.
An agent on the fast path can escalate to the consensus path automatically. Example: routine invoices fly through; an invoice above your chosen threshold (say $10k) triggers committee review before any approval.
Where it earns its keep
Apply the consensus layer to agents whose wrong output would be expensive, financial, medical, security, legal. Skip it for high-volume, low-stakes work.
Financial workflows
- Auto-approving refunds, committee agreement required before money moves.
- Automated trade execution, validators must agree on the thesis before the order fires.
- Invoice approval, extracted amounts re-checked against the original document before posting.
Healthcare
- Triage recommendations, multiple medical-tuned models must agree before a route is suggested.
- Prior-authorisation drafts, wording is checked for misrepresentations of the patient's condition.
Security and compliance
- Phishing classification, sophisticated phishing that fools one model rarely fools several.
- Access-control recommendations, committee agreement required before granting elevated access.
Legal
- Contract clause extraction, the difference between 'A pays B' and 'B pays A' is caught by review.
- Compliance reviews, a 'green light' is logged only when validators concur.
When NOT to use it
- ·High-volume, low-stakes work (auto-tagging emails, categorising feed items), the added latency isn't worth it for decisions whose worst outcome is a minor annoyance.
- ·Decisions where humans would just rubber-stamp everything, that's wasted committee work.
- ·Strictly time-sensitive paths (real-time intervention, HFT), the consensus path adds latency by design.
What can be a validator
Validators come in three flavors. Pulse routes each event to the right kind based on the domain, finance events go to finance validators, medical events go to medical ones, and so on.
AI validators
Language models with a specific reviewing prompt. Typically 3–5 per domain, each on a different provider so they fail independently.
Rule-based validators
Deterministic checks, for example, 'invoices above a threshold must carry a signed approval'. Fast, free, catch many categorical errors.
External tool validators
Validators that call an external system through MCP, like cross-checking a customer's lifetime value before approving a large refund.
Built for audit, not just for safety
Every consensus decision leaves a tamper-evident record: which event, which validators reviewed it, how each one voted, the reasoning each one gave, and the final outcome. Six months later, you can prove exactly what the system considered before it acted.
Post-mortem clarity
When a decision is questioned, the full reasoning is right there, not lost in volatile chat history.
Regulatory ammunition
Auditors prefer 'multiple independent validators agreed before action' to 'we trust the AI'.
Dispute resolution
If a customer challenges an outcome, you have the validator reasoning verbatim, ready to share.
Validators that earn (or lose) trust
Over time, Pulse learns which validators are reliable. When a human overrides a validator, that validator's reputation takes a hit. Validators that flip-flop on similar events get demoted. Equally accurate but cheaper validators are preferred. Poor performers can be retired, manually or automatically, at thresholds you set.
Pulse vs. other AI platforms
Other tools either ship raw frameworks (you build the safety layer yourself) or single-model integrations with no review layer at all. Pulse is the only self-hosted platform shipping the consensus layer as a first-class primitive.
| Capability | Pulse | AI frameworks | Workflow tools |
|---|---|---|---|
| Multiple validators per critical decision | Built-in | Build it yourself | — |
| Tamper-evident audit trail | Built-in | — | — |
| Selection that can't be gamed | Built-in | — | — |
| Dead-letter queue for blocked decisions | Built-in | Build it yourself | — |
| Human escalation on dissent | Built-in | Build it yourself | — |
| Reputation tracking per validator | Built-in | — | — |
| Domain-routed validator pools | Built-in | — | — |
Why it ships on every plan
We deliberately include the consensus layer on every plan, FREE included. Two reasons:
- 1Safety shouldn't be gated. If someone runs an AI agent that can do real damage, they need the validator layer. Charging for it would deny it to the very users who most need it, home users and prosumers.
- 2It's our defining capability. The teams that eventually become ENTERPRISE customers discover Pulse through FREE first. If FREE doesn't include what makes Pulse architecturally unique, we never meet them.
Validators themselves consume tokens from whichever LLM provider you've configured, that cost is yours. The consensus machinery orchestrating them is free.
FAQ
Quick answers on latency, cost, when to turn the consensus layer on, and what happens when validators disagree.