PROJECT RÉDUIT 🇨🇭

██████╗ ███████╗██████╗ ██╗   ██╗██╗████████╗
██╔══██╗██╔════╝██╔══██╗██║   ██║██║╚══██╔══╝
██████╔╝█████╗  ██║  ██║██║   ██║██║   ██║   
██╔══██╗██╔══╝  ██║  ██║██║   ██║██║   ██║   
██║  ██║███████╗██████╔╝╚██████╔╝██║   ██║   
╚═╝  ╚═╝╚══════╝╚═════╝  ╚═════╝ ╚═╝   ╚═╝
S W I S S   D I G I T A L   R E D O U B T

"The mountain is dumb, but the man on it is smart."

— General Henri Guisan

---

🛡 Overview

Project Réduit is a hardened, air‑gap‑capable Operational Intelligence System for offensive security professionals. It is purpose‑built for Apple Silicon (M1–M4) and runs local Large Language Models (LLMs) natively on the Neural Engine, ensuring performance, privacy, and zero data exfiltration.

Réduit is not a chatbot. It is a digital redoubt: a defensible intelligence position that separates knowledge, tools, and firepower into clearly defined operational tiers. This design prevents context pollution, reduces hallucinations, and preserves deterministic access to your arsenal.

---

📋 Table of Contents

• 🛡 Overview

• 🎯 Design Goals

• 🏗 Architecture & Design

  • Tiered Intelligence Model
  • The Redoubt Filesystem

• 🚀 Getting Started

  • Prerequisites
  • Installation

• 🎮 Usage Guide

  • The Halberd Protocol
  • Operational Examples
  • Remote Access

• ⚠️ Disclaimer

---

🎯 Design Goals

• Air‑gap ready — no mandatory external network dependencies
• Local‑only AI — zero prompt leakage, zero cloud inference
• Deterministic tooling — raw payloads are never embedded or hallucinated
• Operational separation — intelligence, payloads, and scripts remain isolated
• Mac‑native performance — optimized for Apple Silicon GPU / Neural Engine

---

🏗 Architecture & Design

Tiered Intelligence Model

Réduit enforces a strict, three‑tier intelligence pipeline:

Tier	Name	Engine	Purpose
1	Recall	Vector RAG	Instant semantic recall of notes, SOPs, PDFs, and methodology
2	Armory	Halberd Tool	Deterministic access to raw payloads, scripts, and binaries
3	Discovery	SearXNG	Privacy‑preserving web search (explicitly requested only)

This architecture ensures:

• No wordlists or binaries pollute the model context
• No hallucinated payloads or corrupted scripts
• Predictable, auditable AI behavior

---

The Redoubt Filesystem

The filesystem is modeled after the Swiss National Redoubt doctrine: compartmentalized, defensible, and purpose‑built.

/library
├── intel/          [Sector A] Strategic Intelligence
│   ├── notes.md    # Vector-indexed for RAG
│   └── report.pdf
├── munitions/      [Sector B] Raw Firepower
│   ├── seclists/   # Immutable payload collections
│   └── binaries/   # Download links / hashes / hex dumps only
└── ordnance/       [Sector C] Tactical Tools
    ├── script.py   # AI reads code verbatim
    └── config.sh   # Editable execution configs

Principle: The AI never invents weapons — it retrieves them.

---

🚀 Getting Started

Prerequisites

Hardware

• Apple Silicon Mac (M1 / M2 / M3 / M4)

Software

• Docker Desktop for macOS
• Ollama for macOS (native execution required)

---

Installation

1. Establish the Perimeter

mkdir -p ~/project-reduit/data/{open-webui,searxng}
mkdir -p ~/project-reduit/library/{intel,munitions,ordnance}

2. Stock the Redoubt

• intel/ — Notes, PDFs, methodology
• munitions/ — SecLists, fuzzing lists (read‑only)
• ordnance/ — Custom scripts and configs

3. Deploy Infrastructure

cd ~/project-reduit
docker compose up -d

4. Activate Halberd

Workspace → Tools → Create Tool → Halberd → paste halberd.py → enable

5. Configure the Model

Administration → select model → paste system.md into System Prompt

6. Configure the Knowledge Base

Knowledge Base → new KB → sync /library/intel → wait for indexing

---

🎮 Usage Guide

The Halberd Protocol

Requests are routed automatically based on intent and target sector.

Operational Examples

Intel Retrieval → RAG search

Munitions → File retrieval (links only)

Ordnance → Verbatim code output

---

Remote Access

• LAN: http://<MAC_IP>:3000
• Tailscale: http://<TAILSCALE_IP>:3000

---

⚠️ Disclaimer

Authorized use only. No liability. Operate legally and ethically.

---

Remote Access

• Local Network: Access via http://<YOUR_MAC_IP>:3000 from any device on the same LAN

• Tailscale (Optional, Recommended): Secure, encrypted remote access without port forwarding

  1. Install Tailscale on the host Mac and client device
  2. Authenticate both devices to the same tailnet
  3. Access Réduit via Magic DNS or IP:

http://<TAILSCALE_IP>:3000

---

Troubleshooting

RAG / Knowledge Base Issues

If documents are not being recalled or embeddings fail to generate, ensure a compatible local embedding model is installed:

ollama pull nomic-embed-text

Then restart the stack:

docker compose restart

Performance Issues

• Ensure Ollama is running natively, not under Rosetta
• Verify the model fits within available unified memory
• Large PDFs may require re-indexing after initial import

Air‑Gapped Operation

• Disable Tier 3 (Discovery) if no outbound network is permitted
• Réduit operates fully offline for Tier 1 and Tier 2 operations

---

Est. 2025 — Project Réduit