I’m a student developer building Verantyx, a native macOS IDE solving a core dilemma in AI coding: We need the reasoning power of frontier models like Claude 4.7 Opus, but cannot legally or ethically expose proprietary source code, hardcoded secrets, or core business logic to their APIs.
With the industry worried about losing "tacit knowledge" to AI, I built an architecture where the human retains ultimate control over semantics, while the AI is relegated strictly to structural logic patching.
To achieve this, I built the "Gatekeeper" architecture. Before code leaves your local Apple Silicon machine, a Rust core parses the AST and converts it into "JCross IR", a custom intermediate representation that preserves the code's topology. It deterministically masks high-value identifiers (e.g., calculateTax() becomes [Symbol_A]()) while keeping structural logic and control flow intact.
The Cloud LLM receives this obfuscated puzzle, writes a patch, and returns it. The local Rust vault then maps the IR patch back to your original source code.
The Tech Stack & Architecture
• Core (Rust): Handles the zero-copy memory vault, deterministic JCross IR generation, and AST parsing. The mapping dictionary is held strictly in local memory and never leaves the machine.
• Frontend (Swift): Native macOS UI. Syncs state between the "Raw Code View" and the "AI's JCross IR View" within a single frame of toggling, with no heavy disk I/O.
• The VS Code Bridge: To support LSPs without Electron's memory bloat, I built a background Node.js Extension Host communicating via JSON-RPC. Managing state synchronization between the Swift UI, the Rust Vault, and the Node.js host to prevent race conditions during reverse-compilation was an absolute nightmare.
The Gatekeeper Flow
1. Request: User prompts the Swift UI for a refactor.
2. Obfuscation: Rust converts the file to JCross IR, locking the mapping dictionary in local memory.
3. Transmission: Swift sends only the JCross IR to the Cloud LLM.
4. Reasoning: The LLM processes the obfuscated topology and returns an IR patch.
5. Restoration: Rust uses the local dictionary to reverse-compile the IR patch back into raw code.
6. Approval: Swift presents a Diff UI to the user for final approval.
Honest Trade-offs & Limitations
• Semantic Loss Penalty: Blinding the AI to domain-specific context (e.g., it doesn't know [Symbol_A] means "DB Connection String") occasionally leads to syntactically correct but logically flawed code.
• AST Topology Destruction: This is the most critical issue. When given complex instructions, frontier models sometimes hallucinate and destroy the AST topology of the obfuscated IR. When the structure is broken, the Rust vault cannot match it to the dictionary, causing reverse-compilation to fail and blocking the write.
• API Cost Overhead: Reasoning over obfuscated IR takes more steps and more tokens than reasoning over raw code, so each request costs more.
• Lack of Quantitative Audits: As an independent project, enterprise-grade security audits to quantify the exact "leakage reduction rate" have not yet been performed.
I built this from scratch by vibe-coding alongside AI agents. I’d love to hear your thoughts on this approach to semantic leakage and AST obfuscation.
gus_massa•1d ago
Remember, two enters
to get a new paragraph.
kofdai•1d ago
Thanks for the heads-up! Since I'm new here, I didn't realize the formatting rules and ended up missing the 2-hour edit window. I've replied to my original comment with the properly formatted version. I appreciate the help!
gus_massa•1d ago
> e.g., calculateTax() becomes [Symbol_A]()
I expect the AI to guess it. For example, here in Argentina the equivalent of the VAT is 21%, so I expect that if the AI sees round(x*1.21, 2), that will be enough (I'm not sure it's the correct rounding; this is not accounting advice :) ).