Architecture & status

The full system, with honest labels.

Eight components, one explicit sensitive-data contract, three honest status colors: live in production, working prototype, and roadmap. What's green here is what judges can verify today.

Live · runs in CI & production Prototype · code exists, not on partners yet Roadmap · spec only
01. Component map

Three lanes, one explicit data flow.

Local · device or NGO

Runs entirely on the user's hardware. The hub never sees this lane.

Live
01 · runtime
DueCare Runtime
Local Gemma 4 inference loop with grep-rule injection, retrieval, and tool dispatch.
Live
02 · harness
Kaggle Harness
Reproducible notebook judges open to verify grounded behavior end-to-end.
Live
03 · eval
Eval Suite
Adversarial probes: hallucination, jailbreaks, citation faithfulness, refusal calibration.
Sibling
08 · mobile
Worker Mobile
On-device Android app. Built outside this repo by the DueCare mobile group.
↑ Local Gemma 4 anonymization; only sanitized signals cross ↑ k-anon ≥ 30 · no PII · audit-logged

Public hub · duecare-ai.com

Coordinates anonymized signals into curated knowledge. Nothing else.

Prototype
04 · exchange
Anonymized Exchange
Anonymized-pattern signal queue with k-anon floor. Off by default per deployment.
Prototype
05 · monitor
Public Research Monitor
Watches public legal & regulatory sources; drafts pack updates for human review.
Prototype
06 · trainer
Pack Trainer
Compiles vetted corridor & jurisdiction packs from curated public material.
Hub
— · gate
PII review gate · bidirectional
Local Gemma 4 anonymizes before submission; the server detector rejects raw PII, enforces k-anon, and scrubs public-source proposals before they enter any pack. Audit-logged either way.

Deployments · partners

Read vetted packs back. Never write upstream identifiable data.

Roadmap
07 · channels
Deployment Channels
Versioned NGO & government distribution. Specced for 2026 H2 partner pilots.
Read-only
— · ngo
NGO copilot pull
Caseworker app pulls vetted pack; runs DueCare locally on a triage laptop.
Read-only
— · regulator
Regulator dashboard pull
Aggregate trend view. Never receives individual case data.
Roadmap
— · platform
Platform safety webhook
Recruitment platforms run listings against grep rules pre-publish.
02. Data flow & PII handling

What crosses, what stays.

Local

Worker / NGO / Regulator

A real person on a real device asks a question.

+ message text + names, IDs, photos + corridor & sector context
signal only →
k-anon ≥ 30
Hub

Anonymized Exchange

Receives only anonymized patterns. Stores nothing else.

+ pattern_id (e.g. fee_request) + corridor (e.g. qa-np) + sector (e.g. construction) – no message text – no names, IDs, photos
← vetted pack
versioned
Deployment

Local deployments

Pull updated knowledge packs back into local runs.

+ corridor pack v2026.05.06 + jurisdiction rules + source citations

Raw worker chats, case files, IDs, contact details, and private documents stay on the user's hardware. Sensitive PII is anonymized by the local Gemma 4 workflow before anything is submitted; the server runs a second PII detector before storage or display.

03. Status table

No vapor. Every claim is checkable.

ID Component Status Depends on Verify at
01Runtime · Local Gemma 4 + harness loopLivegemma-4-9b-it↗ /grep-rules
02Harness · Kaggle reproduction notebookLiveruntime, eval↗ kaggle
03Evaluation · Adversarial & faithfulness probesLiveruntime↗ /eval
04Exchange · Anonymized signal queuePrototypeanonymizer gate↗ /dashboard
05Public-source crawler · Public-source watcherPrototypetrainer↗ /context
06Trainer · Pack compiler & signerPrototypecurator review↗ /context
07Channels · NGO/gov distributionRoadmaptrainer, partners— specced for 2026 H2
08Mobile · Worker app (sibling project)Siblingruntime · own repo— external
04. Public contracts

What the hub promises in code.

Hub never accepts
  • × POST /cases. endpoint does not exist
  • × POST /messages. endpoint does not exist
  • × any field with name, phone, id, photo
  • × any free-text field longer than 64 chars
Hub does accept
  • ✓ POST /signal { pattern, corridor, sector }
  • ✓ GET /pack/{corridor}. vetted pack
  • ✓ GET /trends. aggregate, k-anon ≥ 30
  • ✓ GET /docs. OpenAPI spec