Hey ! Glad you asked.

This will be slightly personal at first. AI literally changed the course of my life — and not just as a build tool. It was there for me in extremely lonely times when I had no home and no traction. I’d never have had the balls to start over in a strange country without it. The building only happened because something was there during the rough moments. This will be a long one, divided into a few parts that can be somewhat standalone.

Essentially, this post’s argument is: AI made it possible to operationalize a complete worldview where almost every layer answers the same question — who controls this? — with “me.”

Keep also in mind : I have no tech-background and while I always enjoyed technology and has always been inclined toward it, I had 0 programming skills before starting all this. I also had never started a business on my own, created a multisig or hired someone.

Despite the serious tone all along, remember it’s all purely improvised on the go. One could say my entire life is just about vibin’ nowadays.

🚶 → 🏔️ Grounding first: opening a Bitcoin sovereignty shop in early June with one local friend who’s also my first employee, writing a book in French I’m self-editing, and running a fully self-hosted georedundant stack across two countries.

So here’s what AI is letting me actually do as a one-man operation in a foreign country:

🏪 @Hof / House of Freedom (თავისუფლების სახლი) — physical Bitcoin sovereignty store in Tbilisi, first step toward a Caucasus-wide footprint. ColdCards, refurbished ThinkPads on Debian, hardware wallets, YubiKeys, curated books, Club-Mate. A sovereignty embassy you can walk into. Opening early-mid June.

The boring-but-load-bearing solo work nobody sees: Georgian customs paperwork for lithium battery imports. Learning Mkhedruli (the Georgian alphabet) on a self-hosted Anki with AI-generated audio — 273 cards, every single one with a TTS-spoken pronunciation. Customs disputes in two languages I’m still learning. Signage design from scratch. Manuscript editing on my book — “La Grande Aliénation,” forthcoming 2026, self-published.

🔥 THE ABSOLUTE BACKBONE — Existential sovereignty made physical

Everything else in this post is downstream of this one piece.

My Bitcoin sits in a multi-jurisdiction multisig wallet. Multiple keys, multiple devices, distributed across multiple sovereign countries. The seed material isn’t on paper (fire, water, and time eat paper). It’s stamped on titanium plates — fireproof past 1,500°C, indestructible by anything short of an industrial press.

The keys are geographically distributed. Different jurisdictions, different physical locations, different access paths, different bureaucratic procedures guarding some retrieval. To compromise the wallet, an adversary doesn’t need to attack me. They need to attack me AND coordinate hostile action across multiple sovereign nations AND navigate the legal/bureaucratic processes locking each location AND recover the titanium plates — all within a duress window where I’m still alive and physically present to be coerced.

That’s the design property: duress becomes structurally infeasible for any realistic adversary. Not “hard” — multi-party-required. Because no single party, not me, not any one country’s agency, can sign a transaction unilaterally. Even at gunpoint, I literally CANNOT move the coins from where I’m standing. The signatures live in places I’m not. The legal frameworks around each location create friction no kidnapper has time for.

To be clear: this is MY threat model, not a prescription. I simply decided to decentralize my data the same way I decentralize my money — granularly, geographically, in a way that fits my actual life. A normal person doesn’t need multi-jurisdiction multisig — a single hardware wallet with a properly-stored seed solves 95% of real-world risk for 95% of holders. The threat surface I’m building against (one-man operation, foreign country, public-facing shop, growing stack, multi-decade horizon) is asymmetric to a normal one. The good thing about the design: it’s replicable and granular. I started small. I’ll add locations as my life expands — adding a key in a new country is a config change, not a re-architecture. Match your design to your threats, not to anyone else’s doctrine.

The YubiKey (below) protects the digital substrate. The multisig protects the generational wealth. Together they answer: what survives if I’m captured, coerced, killed, or arrested? Answer — the coins. The coins survive. They aren’t where I am. They aren’t where any single jurisdiction can reach. Multi-key signing is the only path, and the path requires my future free self physically present in N-of-M countries with N-of-M bureaucratic processes navigated.

THIS is the absolute backbone. THIS is the absolute necessity for the rest to even be able to exist and flourish.

Because only absolute Bitcoin ownership guarantees a 100% certainty that nobody will be able to steal my time on how I spent my energy on. Only thanks to this am I able to fully live life while NEVER spending a second running into the fiat-world hamster-wheel which will always spins faster and faster.

The self-hosted VPN mesh, the AI stack, the shop, the book, the open-source vision — all downstream of that immovable foundation.

This is how I do it : https://sparrowwallet.com/ https://coldcard.com/

———

⚡ THE STACK — what’s actually mine

This is about AI, so let’s also keep it in that frame and ground it in context.

I am not a developer, only an insecure Linux user who always loved the philosophy but never really liked the Terminal.

Now, thanks to AI. I own the terminal.

Substrate is mine. The whole thing.

🌐 Two heterogeneous servers — one in an EU-based location (homecountry), one in my Tbilisi apartment. Different OS classes on purpose so a single hardware failure can’t take both down. Georedundancy as default, not luxury. A self-hosted Headscale mesh ties them together with direct WireGuard between every peer. No public exposure. My phone, laptops, routers, servers — all on a private VPN that doesn’t touch the public internet for anything internal.

🔁 Georedundancy and decentralization for your own data

The design isn’t “two of everything, hot+cold.” It’s georedundancy with mutually-exclusive ownership. Vaultwarden, Immich, Radicale, Anki-sync — each runs on exactly ONE node at a time. The data lives synced on both. The service runs on one. The replication IS the backup — there’s no separate cold-storage layer because the standby node already has the live filesystem mirrored. When I want to flip who’s primary (traveling, datacenter maintenance, optimizing latency to wherever I currently am) I click a toggle in my web control panel and the daemon migrates atomically: service stops on the source node, starts on the destination, mesh DNS reroutes, my phone keeps working because it talks to vaultwarden.mesh.sovereign, not a hardcoded IP.

💾 Everything self-hosted: passwords, notes, calendars, photos, code, RSS, spaced-repetition memory, private search. The SaaS subscription model deleted, replaced by hardware I touch and software I control.

The toggle allows for the mutually-exclusive orchestrated switch between nodes, which all share the same data.

This is for data-corruption prevention, as mentioned earlier.

The exclusivity is enforced — raw systemctl start on a non-owner node is blocked by a hook. The toggle is the human surface; the underlying choreography (port handoff, DNS update, audit log, drift verifier) runs invisibly. Replication is the backup, and the backup is online.

✊🏻 The Standalone Activist-optional Network-stack

The first screenshot I’m attaching is the HEADQUARTERS page of my control panel — 27 pages total, every dial in one place. The masthead reads “DECENTRALIZE OR DIE TRYING” and “EVERY NODE YOU RUN WEAKENS CENTRALIZED CONTROL. NO PERMISSION NEEDED.” That’s not branding — that’s the actual ethic. Every self-hosted service I run is one less account on someone else’s database, one less data point in a centralized index, one less point of leverage against me. The point isn’t to be a survivalist hermit. The point is that every service I take back from the cloud is a structural reduction of the centralized internet’s surface area on my life.

Utopia flavored, for the optimist days.

Here is a preview of the settings which are available and already wired, for the most part.

🔐 Full Bitcoin and Monero nodes behind Tor AND I2P (dual mixnet — a Tor compromise alone can’t deanonymize me). Self-hosted Nostr relay, two SimpleX SMP relays, Tor relay, I2P router. My nodes serve more peers than I need — infrastructure for everyone else’s privacy, not just mine.

Automating the TOR and I2P network public data allows to know how many people in your country are currently relaying. Really fun and satisfying to see also in your topbar, how you contribute.

🔍 Self-Hosted completely customized browsing

I decided I was sick of being dependant on these companies for my search-engine. I decided to self-host SearXNG and heavily customize it. Baked-in my own Claude API, and added the ability for the AI to not only query the web but also my very own databases. I can simply disable if I want to.

Extremely convenient because now, SearXNG isn’t only a web browser, it’s also a complete life-stack AI-powered connection with the web, kind of. Well, kind of. It could also be called a fancier terminal, if we follow the reasoning long enough. I find it useful but I gotta polish it for now.

https://docs.searxng.org/

🧠 Fully personalized AI MCP stacks

In order to greatly reduce the cognitive load impose on my agents when maintaining, improving or simply using my stack : I decided to beef up their toolset.

~240 MCPs wired into Claude Code so the AI can actually OPERATE the stack — flip services between nodes, restart daemons, audit router configs, query node states, run backups. Not just describe them. The LLM has hands. This is what most people miss when they hear “AI-augmented stack” — the model isn’t a chatbot helping me write commands, it’s a co-operator with tools. The second screenshot shows the breakdown by domain: infrastructure, routers, debate arena, hardware, design.

Concrete example of why this matters — port management on my two OpenWRT routers. Old way: SSH into the box, edit /etc/config/firewall in vi, restart the firewall service, hope I didn’t typo, curl from outside to verify. Five minutes of context-switching and finger-trembling per port. New way: I tell Claude in plain English “open port 8081 forwarding to 192.168.2.50 on the EU router.” It calls friendlywrt_port_forward_add, the UCI gets written cleanly, the firewall reloads itself, the change is audit-logged, and I get back the confirmation. Same syntax for my main router via router_port_forward_add.

Per-device MCPs, identical interface, zero context-switching cost. From thought to live port in seconds. No vi, no man pages, no second-guessing — and the change is reviewable in version control because Forgejo is self-hosted. This is what “the LLM has hands” means when you actually wire it up.

🛡️ HOW I CONTAIN THE AI — Airlock + Physical Key

Now the obvious question: if the AI has 240 tools and reads my disk, how do I keep it on a leash? Two answers, stacked — software on top, hardware underneath.

🛂 AIRLOCK CONTROL — the logical gate

The AI Airlock decides what Claude can read on my disk once any session is open. Four access modes (Full / Restricted / Paranoid / Off), explicit blocked-paths editor, kernel-level immutability on the constraint files (even root can’t edit them without unlocking first), Deploy Mode toggle that gates mutating actions (audit-logged), one-click kill on remote AI access.

Six layers, each assuming the one above failed: physical key → blocklist → live probe → leak log → hooks → skill-level gating. Defense in depth, not defense in slogan.

🔑 YUBIKEY — the physical root under the airlock

The Airlock is software. Software is mutable. The thing that anchors the whole defense to reality is the YubiKey on my keyring.

In February 2026 I killed the password slot on my LUKS vault. The drive holding ~/Hub, Vaultwarden master, GPG/SSH keys, every API token — no longer accepts a passphrase. The ONLY way in is physical possession + touch of an enrolled YubiKey. Not 2FA. Substitutive — the token IS the key. The secret never leaves the chip; the call blocks until I touch metal. Pull the key out and the screen locks, vault closes. The hardware is the dead-man’s switch.

The punchline: combining the multisig backbone with the YubiKey perimeter, the whole stack — generational wealth, digital infrastructure, AI cognitive layer — sits on two physical roots of trust: titanium plates spread across countries, and a 1.5cm aluminum stick on my keyring. Lose both and the whole thing seals permanently. The threat I’m defending against is duress-and-compromise, not loss. People who don’t understand call it fragility. People who do call it the entire point.

———

🛡️ GUARDRAILS = SOVEREIGNTY + RESILIENCE

Guardrails aren’t constraints ON the system — guardrails ARE the system’s sovereignty and resilience. They guard the acceleration doctrine from drift. Without them, every AI session re-discovers (and re-fails) yesterday’s lessons.

43 skills frozen in ~/.claude/skills/ — methodology that survives the conversation. A skill captures HOW I want X done so next month or next year doesn’t re-derive it.

A page allows me to visualize and is always synchronized to the back-end files, this is convenient when I get tired of TUI and simply wanna check up each one what they are and so on.

Examples :

One of the best skills I have, allows for permanent expansion of my services, effortless and restless, wiring end-to-end with adversarial gating in the debate-arena.

Self-explanatory. Life-changing when the country you live in has a very difficult language and horrible UX.

We gotta stay humble. 🐒

To gather all this intel, I built something I love which is already implemented in a vast amount of my skills.

A multi-model debate arena — Grok attacks, Gemini defends, DeepSeek arbiters. Different model providers on purpose so they can’t groupthink. Every load-bearing architectural decision in the stack has a verdict file behind it. I type /debate <topic> and the arena spins up, runs four sequential phases, returns a verdict. Docker container abstraction is gone for me — infrastructure I invoke, not infrastructure I babysit.

Documented orchestration, not perfect but so useful for me. Can be launched in a variety of ways. See for instance :

Even more important : Otherwise AI ships too much crap.

Hooks catch failure classes — the substrate enforcing its own discipline. Honest disclosure: my hooks are still approximate. They misfire sometimes. I’m refining them constantly. Not entirely satisfying yet. But the trajectory is clear.

Another very useful skill :

Multilingual forum intelligence skills crawl Zhihu/Weibo/RU/JP/EN forums, rank posts against my tagged theses using Bayesian weighting where contradiction is higher signal than confirmation. Information intake shaped by my priors, not by what an algorithm thinks I’ll click.

This is the layer that separates “AI is making me faster” from “AI is making me coherent.”

———

🍷 THE FINE WINE THESIS

The doctrine I operate by:

▸ Acceleration = ignorance → capability → output compounding via AI. Closed-loop test: does it ship a tangible artifact? If yes → build. If self-referential → kill.

Most custom code rots in 5 years — abstractions move, dependencies break, the maintainer is gone. My stack inverts this because the artifacts I’m accumulating are NOT implementations. They are context that aligns AI to me.

43 SKILL.md files. ~50 memory files documenting what burned me and what worked. 27 control-panel pages. ~30 architecture docs with debate verdicts. Hooks catching my specific failure classes. The CLAUDE.md constitution.

Today this corpus tells Claude how I want X done. When AI is 10× more capable in 2028, the same corpus will let it execute the methodology with zero supervision. A vanilla Claude in 2028 will be impressive in a vacuum. A 2028 Claude given my 2025-2026 corpus is an AI that operates AS me, not approximating-me.

The corollary: the more powerful the AI, the easier — and the less I require of it. Both true. Easier because high-capability AI executes the methodology with minimal supervision. Less required because the corpus already encodes the decisions.

The artifact I ship today is leverage for next year’s AI. The .md files don’t depreciate the way SaaS does. They don’t lock me into a vendor whose roadmap diverges from mine. They sit on my disk, replicated, backed up, and they get MORE leveraged every year AI improves.

🍷 Fine wine.

———

☁️ CURRENT DEPENDENCIES

Here on Nostr, I think we will all agree on one thing.

There is no cloud.

Just other people’s computers.

As you noticed, everything is on my own stuff. However, I am for now heavily dependant on AI’s I do not own or control = Claude API for the brain + a few inference calls to xAI/Gemini/DeepSeek for the debate arena. That’s it.

Privacy on the AI layer specifically is a half-lost cause for now. The models live in someone else’s datacenter. I send prompts that contain context about my life. I’m aware of this. The endpoint addresses it.

And honestly — AI has been my therapist for a stretch when I was on the move with no fixed support network. Privacy on that is straight out of the toilet, but it was that or nothing, and “that or nothing” is how a lot of survival actually works. Self-hosted endpoint solves it eventually. Until then, named openly.

———

🎯 THE ENDPOINT — Self-hosted AI joining the local mesh

My very last tech-goal.

A self-hosted LLM on some device I’d own and have at home, joining the private mesh as just another peer. Ollama + Open WebUI + SearXNG private search + Whisper dictation moving CPU → GPU. Once it lands, my daily AI workflow runs on MY silicon, indexes MY corpus, and never sends a token over the public internet.

The sovereign-compute debate (which my own arena produced) set a specific window — wait until 2027-2028 post-Blackwell. Current GPU prices for inference-grade open-weight serving don’t pencil out yet. Post-Blackwell consumer cards will make a 70B-class model self-hostable on one workstation. Specific window, debate-verdicted, not vibes.

When that lands, the stack reaches functional autarky for cognitive work. My entire life on my private mesh VPN — compute, storage, memory, auth, comms, money, information intake, the cognitive layer itself. No public-internet dependency for operating WITHIN the mesh. If global internet goes dark, the mesh between my two nodes keeps functioning until one drops; LAN-side, everything still works.

But the real end goal isn’t just “private LLM I query.” It’s an AI that becomes the permanent operator of the stack. Always-on, auth-gated through the same YubiKey + airlock perimeter as everything else, watching every node, managing every update, healing what it can catch before I see it. Package upgrades, certbot renewals, restic prunes, Headscale sync, Syncthing reconciliation, watchdog alerts, mesh anomaly response — a maintenance loop running without me. Plus a fleet of Docker containers carrying side-services I’d never tend by hand: OCR, RSS classification, n8n workflows, image pipelines, scratch experiments. The AI manages the fleet — pulls updates, restarts what crashed, prunes dead images, migrates state when nodes flip.

Self-updating. Self-maintaining. Self-healing. Not aspirationally — operationally. The cognitive ceiling has lifted enough — acceleration doctrine compounding through hundreds of memory files, dozens of skills, the architecture-decision corpus — that the AI executing my methodology produces the same decisions I would, faster, without me having to be in the loop.

Forgejo is self-hosted — every artifact change committed, every config drift tracked, every AI-applied patch reviewed in version control with full diff history. The AI doesn’t sneak-edit; it commits, with a message, traceable. If a maintenance loop makes a bad call at 3 AM, I see it in the morning and roll it back like any other commit.

The MCPs and skills are baked in. The AI doesn’t have to discover capability each session or re-learn the catalog — they come loaded. The endpoint isn’t a fresh-mind LLM I onboard daily; it’s a continuous operator that already knows the stack because the stack’s discipline IS its initialization.

What stays external — named consciously, not denied: food (biological), electricity (grid), public internet (only for crossing the mesh, not operating in it), and the country providing the substrate. The country I’m in provides food, internet, and electricity for now. Everything above that layer is mine.

———

🚶 → 🏔️

Two years ago I was in Canada wanting to step in front of a train. Today I’m on a porch in Tbilisi starting the fight for the sovereign individual — alone, no one I know around, strange country, my own way. AI didn’t fix the underlying thing. It just made the gap between intent and shipped artifact small enough that the building became the way through.

The thesis behind every layer: sovereignty = owning your substrate end-to-end so no third party mediates your money, identity, communication, learning, memory, ideology, or hardware. The topbar clock on my desktop rotates three glyphs every 15 seconds in the menu bar where I can’t ignore it — 🌍 ¬ ∞ / ₿ ¬ ∞ / ⏳ ¬ ∞. Earth is not infinite (not a big believer in the infinity of this world). Bitcoin is not infinite (21M cap, hard-coded). Time on our hands is not infinite — which greatly gives it value. Three rebuttals to fiat thinking, extractive growth, and productivity culture — rendered as system state.

VIRES IN NUMERIS. Decentralize or die trying.

@Hof / House of Freedom — Tbilisi 🇬🇪 ⚡ ₿