OpenObscure: Open-Source On-Device Privacy Firewall for AI Agents

What OpenObscure Does

OpenObscure is an open-source, on-device privacy firewall for AI agents that sits between your AI agent and the LLM provider. Unlike tools that redact PII by replacing it with placeholders (which breaks LLM reasoning), OpenObscure uses FF1 Format-Preserving Encryption (AES-256) to encrypt PII values before the request leaves your device. The LLM receives realistic-looking ciphertext with the same format but fake values. On the response side, values are automatically decrypted before your agent sees them. Integration requires just changing the base_url to the local proxy.

Key Features

• PII detection: Uses regex + CRF + TinyBERT NER ensemble with 99.7% recall across 15+ PII types
• FF1/AES-256 FPE: Keys stored in OS keychain, nothing transmitted
• Cognitive firewall: Scans every LLM response for persuasion techniques across 7 categories using a 250-phrase dictionary + TinyBERT cascade, aligning with EU AI Act Article 5 requirements on prohibited manipulation
• Image pipeline: Face redaction (SCRFD + BlazeFace), OCR text scrubbing, NSFW filter
• Voice processing: Keyword spotting in transcripts for PII trigger phrases
• Platform support: Rust core, runs as Gateway sidecar on macOS/Linux/Windows or embedded in iOS/Android via UniFFI Swift/Kotlin bindings
• Auto hardware tier detection: Full/Standard/Lite modes depending on device capabilities

Technical Details

The project is licensed under MIT/Apache-2.0 with no telemetry and no cloud dependency. It was developed with Claude AI assistant. The repository is available at https://github.com/openobscure/openobscure, with a demo at https://youtu.be/wVy_6CIHT7A and website at https://openobscure.ai.