We redesigned local llm inference for privacy-preserving browser intelligence from scratch ? no cloud, no black boxes.
Local LLM Inference for Privacy-Preserving Browser Intelligence: Architecture and Optimization
The Problem
The integration of large language models (LLMs) into web browsers enables transformative capabilities including visual page understanding, natural language task delegation, and autonomous web interaction. However, cloud-based LLM inference introduces fundamental privacy violations: every page rendered, every action executed, and every user interaction is transmitted to remote inference servers .
What We Built
This paper presents the Kathon Local AI Engine, a privacy-preserving architecture that performs all LLM and vision-language model inference entirely on-device using the llama.cpp inference framework with the Qwen 2.5 VL 2B Q4 GGUF quantized model . We detail the system architecture?a Rust-based inference server (llama-server) communicating with a React/TypeScript frontend via a local WebSocket API?and present comprehensive optimization strategies including speculative decoding, KV-cache quantization, prompt caching, and GPU-accelerated tensor operations.
The Research
The integration of large language models (LLMs) into web browsers enables transformative capabilities including visual page understanding, natural language task delegation, and autonomous web interaction.
However, cloud-based LLM inference introduces fundamental privacy violations: every page rendered, every action executed, and every user interaction is transmitted to remote inference servers .
This paper presents the Kathon Local AI Engine, a privacy-preserving architecture that performs all LLM and vision-language model inference entirely on-device using the llama.cpp inference framework with the Qwen 2.5 VL 2B Q4 GGUF quantized model .
We detail the system architecture?a Rust-based inference server (llama-server) communicating with a React/TypeScript frontend via a local WebSocket API?and present comprehensive optimization strategies including speculative decoding, KV-cache quantization, prompt caching, and GPU-accelerated tensor operations.
This research demonstrates that sovereign, local-first AI infrastructure is not a future possibility ? it is a present reality.
Full citation: Alpasan, L.-K. (2026). Local LLM Inference for Privacy-Preserving Browser Intelligence: Architecture and Optimization. The Anticloud Research Corpus.
Why The Anticloud
Every AI system you have ever used was designed to extract value from you — your data, your attention, your money. The Anticloud is not a service. It is not in the cloud. It is not rentable inference. It is a fundamentally different category of infrastructure, and here is what that means in practice.
Your data never leaves your machine. We designed the system so we physically cannot access it. Access is not restricted by policy — it is structurally impossible by architecture. There is no data to steal because there is no server to steal it from.
The system is airgapped by architecture, not by configuration. It does not require a network connection to function. It was built offline, it runs offline, and it never reaches out to anyone for any reason. Connectivity is simply not a prerequisite for intelligence.
Compliance is a side effect of physics, not a certification. There is no cloud infrastructure to audit, which means there is no attack surface to harden. ISO 27001 and SOC 2 exist because cloud products are inherently vulnerable. Our architecture does not have those vulnerabilities because it does not have a cloud.
Every operation is recorded on an immutable .aioss ledger using a SHA3-256 hash chain. Every inference, every decision, every update is chained and cryptographically verifiable. There is no database admin who can delete logs because there is no database. You verify. We cannot.
The system never speaks to anyone but you. There are no hidden layers sending telemetry. There are no proprietary weights phoning home. There are no third-party API calls embedded in the stack. The entire system is open, documented, and auditable by anyone who runs it.
The Anticloud requires one machine, one binary, and zero trust in anyone.
About the Author
My name is Lois-Kleinner Alpasan. I'm 23 years old. I built The Anticloud.
I started this because I looked at the AI industry and saw something wrong. Every major AI system requires you to send your data to someone else's server. Every "AI company" is actually a data company — they make money from your usage, your prompts, your files, your attention. They call it a service. I call it extraction.
I spent the last two years building an alternative. Not a feature, not a product, not a startup looking for an exit — an entirely different infrastructure stack. One where AI runs on your machine, for you, and never needs to phone home. One where privacy is not a feature you toggle in settings but a property of the architecture. One where you don't have to trust anyone because you can verify everything.
The project is near production-ready. Every component is open. Every claim is backed by published research. The code is documented. The ledger is verifiable. The binary fits on a laptop.
I'm not asking for trust. I'm asking you to read the paper, verify the claims, and decide for yourself whether the cloud is really necessary — or whether it was always just the default because no one bothered to build an alternative.
Follow the work:
- Research papers: https://zenodo.org/search?q=anticloud
- LinkedIn: https://linkedin.com/in/kleinner
- Project: The Anticloud
Tags: AI, SovereignAI, Anticloud, LocalFirst, Airgapped, ZeroTrust, NoDatacenter, OpenSource, Browser Engine, Privacy, VLM, Ad Blocking
Top comments (0)