cloudNein

cloudNein: The Local-First Privacy Airlock

cloudNein is a hybrid intelligence agent that proves you don’t have to trade privacy for frontier reasoning. By using Cactus Compute to run FunctionGemma 270M natively on-device, we’ve built a “Privacy Airlock” that scrubs or encrypts sensitive data before it ever touches a network cable.

The Stack

• Runtime: Cactus SDK (Native on-device inference).
• Edge Brain: FunctionGemma 270M (Local tool-calling & entity extraction).
• Cloud Brain: Gemini 3 Flash (High-velocity strategic reasoning).
• Security: Fernet symmetric encryption + Dockerized “Server Farm” for secure enrichment.
• Interface: React + Vite + TypeScript.

---

The Routing Logic

Every message starts at the edge. FunctionGemma parses the intent and extracts sensitive entities (People, Projects, Financials) locally.

1. Local-Only: If the task is simple and data is sensitive, Cactus serves the response 100% offline.
2. Encrypted Tunnel: If a secret key is set, PII is Fernet-encrypted on-device and sent to a secure container for private enrichment + Gemini reasoning.
3. Redacted Fallback: If no key exists, PII is replaced with placeholders (e.g., <PERSON_A>) before hitting Gemini. The device “de-masks” the response locally so the user sees the original names, but Google never does.

Why Cactus is Load-Bearing

Without Cactus, privacy is an afterthought. To protect data in a cloud-only world, you have to send it to the cloud first just to ask, “Is this sensitive?” cloudNein flips the script: privacy is enforced at the point of origin. If FunctionGemma doesn’t clear it, it doesn’t leave the machine.

---

Description Option 2:

cloudNein — a privacy-first chat interface that runs FunctionGemma 270M on-device via Cactus Compute to extract entities (company names, people) from user messages before anything leaves the machine. When entities are detected and a secret key is set, their values are Fernet-encrypted and sent to a secure server farm container that decrypts, enriches from a local knowledge base, and calls Gemini. Without encryption, entities are replaced with placeholders before reaching Gemini, then restored locally. If on-device confidence is high and no sensitive entities are present, the response is served entirely locally — no network call.

Stack: Cactus Python SDK, FunctionGemma 270M (on-device tool calling), Gemini Flash (cloud reasoning), FastAPI, Fernet symmetric encryption, Docker Compose (server farm), React + Vite + TypeScript (web UI).

Routing logic: Every message hits FunctionGemma locally first. Tool calls extract entities. Sensitivity determines the path: local-only, encrypted server farm, or redacted Gemini fallback. The UI shows source badges, detected entities, and encrypted values for full transparency.

Why Cactus is load-bearing: Entity extraction must happen locally to know what to protect before any data crosses a network boundary. Without on-device FunctionGemma via Cactus, privacy guarantees do not exist — you’d need to send raw messages to the cloud just to identify what’s sensitive.

n/a - team and idea formed on the spot