OneAIFW is a lightweight, local "AI firewall" designed to anonymize Personally Identifiable Information (PII) and other sensitive data before it's sent to Large Language Models (LLMs), and restore it upon receiving the response. It targets developers and users who need to interact with LLMs securely, preventing data leakage by processing sensitive information locally. The primary benefit is enabling safe LLM integration without compromising user privacy.

How It Works

The project employs a layered, cross-platform architecture centered around a core library written in Zig and Rust. This core engine compiles to both native libraries and WebAssembly (WASM) modules, facilitating use in diverse environments. It implements distinct masking and restoring pipelines. PII detection is achieved through a composite approach: Rust-based regex recognizers and external NER models, with a SpanMerger to refine detected spans. Sensitive data is replaced with generic placeholders (e.g., __PII_EMAIL_ADDRESS_00000001__), and minimal metadata is stored for later restoration. Language bindings include JavaScript (@oneaifw/aifw-js leveraging Transformers.js) and Python (aifw-py). Backend services can be built using FastAPI with Presidio/LiteLLM.

Quick Start & Requirements

• Primary install/run: Clone the repository, build the core library (zig build), install JS workspace dependencies (pnpm -w install), build the JS library (pnpm -w --filter @oneaifw/aifw-js build), and run the web demo (cd apps/webapp && pnpm dev). A Python backend service and CLI are available in py-origin/. Docker images are provided for running as a service.
• Prerequisites: Zig 0.15.2, Rust toolchain (stable) + Cargo, rustup target add wasm32-unknown-unknown, Node.js 18+ and pnpm 9+, Python 3.10+ (for py-origin).
• Links: Demo website: oneaifw.com. Browser extension sample: browser_extension/. Python backend/CLI: py-origin/README.md.

Highlighted Details

• Cross-platform core engine (Zig/Rust) compiles to native and WASM.
• In-browser PII masking capabilities via Transformers.js integration.
• Backend service options include FastAPI with Presidio/LiteLLM integration.
• A full end-to-end demo website (oneaifw.com) showcases the project's functionality.

Licensing & Compatibility

The license type is not explicitly stated in the provided README text, which requires clarification for adoption decisions, especially concerning commercial use or closed-source linking.

Limitations & Caveats

Strict version requirements are listed for build tools (Zig 0.15.2, Node.js 18+, pnpm 9+, Python 3.10+), potentially impacting compatibility. The py-origin backend is noted as "legacy" in the Docker section, suggesting a potential shift in focus. Model preparation for JavaScript NER may necessitate manual configuration or enabling online model downloads. License information is absent.