I built a "No-KYC" recovery tool that accepts XMR Monero. It prevents your data from being sold to the industries you're trying to quit. (liftmind.ai)

submitted 3 months ago by liftmind@monero.town to c/monero@monero.town

9 comments fedilink hide all child comments

I’m a dev in recovery. When I looked for addiction recovery apps, I realized the user isn’t the customer, they are the product.

Most “free” recovery apps literally sell your addiction data. If you are recovering from gambling, they can sell your behavioral profile back to gambling networks. If you are recovering from alcohol, they sell your data to advertisers that then advertise alcohol to you.

I built LiftMind

It’s an AI-driven addiction recovery strategist and journaling app, but I architected it to be hostile to surveillance. It is still in beta, and I need a gut check from this community on the setup:

Monero First: I accept XMR Monero so the payment layer is as anonymous as the auth layer.

No Personal Info: I don’t ask for an email, name, or phone number. You reg with just a username and password. If I look at the DB, I can’t tell who is who.

Blind AI Proxy: I use an external LLM (Gemini) for the intelligence, but I treat it like a calculator, not a database. Your ip, username or any other data is never sent to gemini, only the data required for pattern recognition is sent. Google only sees a request coming from my server IP, but they have no way to link it to “You”.

My Question: Since I don’t collect the PII to begin with, is this “Blind Proxy + No KYC” model is sufficient for high-threat models?

you are viewing a single comment's thread
view the rest of the comments

[-] liftmind@monero.town 2 points 3 months ago

Fair point on the notes. You're right, if a user explicitly types "I am John Doe" in the journal, that string does get passed to the LLM. I can strip headers and IPs, but I can't perfectly scrub context without breaking the analysis.

To mitigate that, I use the paid API. Unlike the free version, Google is contractually blocked from training on the data. I realize that is a legal promise rather than a technical guarantee, but it is the same binding agreement used by hospitals and banks.

As for why not local/Ollama? Two reasons:

Intelligence: For psychological pattern recognition, small local models hallucinated way too much in my testing and missed obvious patterns. I need SOTA reasoning to avoid giving bad recovery advice.
Hardware: Local inference kills battery and requires high-end phones. I want this tool accessible to everyone, not just people with $1k devices.

I'm planning a "Local Only" toggle for the future, but the tech isn't quite there yet for the average user.

[-] specialwall@midwest.social 1 points 3 months ago* (last edited 3 months ago)

Okay, that's a fair reason to use Gemini.

If you are trying to cater to people with a specifically "high threat model" (who are going to want zero-trust privacy protections), then the journals are an issue you'll have to somehow address.

Even if a user does not type full details like their name, small things like "I got banana ice cream today" and "I went for a night drive" can build a detailed profile over time, which even if ephemeral could be correlated using the database if that is sent for every query.

[-] liftmind@monero.town 2 points 3 months ago

I used to daily drive Qubes OS, so I totally get your point on correlation.

But I had to prioritize utility. LiftMind’s main purpose is 1. to actually work and help people overcome addiction, and 2. to provide a safe harbor for people who don't want to hand over personal info.

The main "threat" I'm solving for right now is the paper trail, allowing people to pay via XMR so their bank statement doesn't show they are using a recovery service. It might not be bulletproof for a targeted attack yet, but it solves the immediate privacy problem for most people.