← Back to Portfolio
Private AI Journal OS

Personal Project

Private AI Journal OS

RustTauriReactSQLiteHugging Face

Overview

A privacy-first, local-offline AI journaling application built on a local-first architecture based on the model of an operating system. It utilizes a hybrid RAG (Retrieval-Augmented Generation) pipeline, seamlessly merging encrypted journal memory with local workspace context.

Role

Sole Engineer

Problem

Standard AI-assisted writing tools rely on cloud APIs, compromising the privacy of highly personal journal data. Furthermore, relying purely on quantized local models introduces hardware constraints, where querying extensive historical data triggers out-of-memory (OOM) failures or context truncation.

Solution

Engineered a desktop application using Tauri and Rust. Implemented a RAG pipeline utilizing a local all-MiniLM-L6-v2 model via the candle framework to pre-calculate semantic relevance and inject only mathematically relevant text chunks into the prompt. A background Rust thread intercepts prompts to redact sensitive PII tokens locally before transmitting heavy generation tasks to the Groq cloud API.

Architecture

A Tauri-based desktop architecture utilizing a unified encrypted SQLite vault for storage, and a standalone background daemon for asynchronous workspace file ingestion.

Key Design Decisions

  • Rust kernel manages memory safety and hardware-accelerated machine learning inference.
  • Data is stored in a locally compiled SQLite database (vault.db), encrypted at rest using a Master Password via magic_crypt.
  • Local PII redaction using the candle framework executed entirely on-device before cloud transmission.
  • Zero-knowledge cloud keys ensure third-party credentials (like Supabase and Groq keys) are dynamically AES-encrypted, leaving no hardcoded secrets in the binary.
  • Standalone Rust daemon handles workspace file discovery, semantic chunking, and pure-Rust vector indexing without blocking the main UI thread.
  • Custom hybrid synchronization push/pulls encrypted ciphertext to a Supabase PostgreSQL remote target without decrypting data in transit.

Challenges

  • Preventing main-thread deadlocks during resource-intensive operations, requiring delegation to the tokio async runtime.
  • Managing Supabase Free Tier constraints, specifically the 500 MB database limit which is heavily consumed by pgvector embeddings.
  • Assembling budget-aware contexts to merge journal text and workspace text cleanly without blowing out the LLM context window.

Impact

  • Delivered a fully private AI journaling tool that enforces a zero-trust, local-first security model.
  • Successfully orchestrated a zero-C-dependency hybrid retrieval system using raw BLOB storage in standard rusqlite.
View on GitHub
← PreviousSpace Invaders Game EngineNext →Distributed File Retrieval Engine