Inside the BlitzBox — Hardware, software, data plane

§ 02 — Hardware

The Mac Mini you can hold in two hands.

Apple's most efficient compute platform, in a custom-finished enclosure with the BLITZBOX and Context Design Co marks. Provisioned at our master station before it leaves Cape Town.

Compute: Apple M-series silicon (M4 Pro or M4 Max, sized per workload)
Memory: 32–64GB unified memory (most customers: 32GB)
Storage: 1–4TB internal SSD; external NVMe optional
Networking: Gigabit Ethernet + Wi-Fi 6E; outbound-only NAT recommended
Power: ~30W steady state; ~3W idle

§ 03 — Software

The agent fleet that runs on your Box.

Pre-installed and ready on first boot: Ollama with local models, a Claude/Gemini-aware agent framework, and the four always-on modules.

Local LLMs (Ollama)

Llama 3, Mistral, Phi-3 — pre-pulled and ready for offline-tolerant tasks. Sized to fit the Mini's unified memory.

Agent framework

Mothership-rotated Claude + Gemini keys for the heavy-lifting agents. Decisions surface as cards for your approval.

MCP servers

Local MCP integrations for Xero, Gmail, calendar, and filesystem. Pre-wired; you connect at commissioning.

Updates

Signed manifest pushes from the mothership rotate prompts, models, and agent configs. You see what's changing.

§ 04 — Data plane

Where your data lives, and where it doesn't.

Stays on your Box Customer records · accounting ledgers · email bodies · contact lists · documents · calendar entries · agent memory · transcripts · everything.

Mothership never sees Anything mentioning a person, place, amount, identity, or business content. Outbound telemetry is counts and aggregates only — no message bodies, no ledger entries, no contact lists. Ever.

Local data store is a Firestore-emulator instance (or SQLite, customer choice) on the Mini's internal SSD. Encrypted at rest with FileVault. Backups are your choice — bring your own Time Machine target, or commission a local-network NAS as a service add-on.

§ 05 — Control plane

What the mothership does. Three things, no more.

1. License server

14-day JWTs minted on Ed25519 challenge-sign-issue. Your private key never leaves the Mini's Secure Enclave.

2. Credential broker

Rotates Anthropic + Gemini API keys every 24 hours, encrypted to your Box's public key. Your subscription pays for the LLM access; the bill never reaches you.

3. Update channel

Signed manifests for prompt updates, model configs, and module activations. Your Box verifies the signature before installing anything.

§ 06 — Network shape

Outbound only. Cached credentials. 14-day offline tolerance.

Your Box reaches out to four destinations: the mothership (license + credentials), Anthropic and Gemini (the LLMs), and whichever business systems you've connected (Xero, Gmail, etc.). Nothing reaches in. If your internet drops, the Box keeps working for up to 14 days on cached credentials before degrading gracefully.

§ 07 — Modules in detail

The four always-on modules.

Brain

Local agents for research, drafting, retrieval. Decision queue for human-in-the-loop. Personal knowledge ingestion.

Financial (Xero)

Outbound Xero sync, reconciliation watching, anomaly flags, invoice drafting. Writes stay on the Box until you approve.

Email

Gmail and IMAP triage, draft replies, summary digests, contact-graph awareness. No outbound message content.

Compliance

POPIA-shaped audit log. Evidence pack generator. Regulator-ready records. Always-on — not an add-on.

Three further modules — Marketing, Social, and CRM — ship as in-app activations in v1.1+, billed monthly through the portal.

§ 08 — More modules, when you're ready

Marketing, Social, CRM. Quarterly mothership drops.

The optional modules activate from the portal once they ship in v1.1. No surprise charges. No forced upgrades.

↗ See pricing ↗ Read the architectural thesis ↗ Back to overview

The hardware, the software, the data — all in one place you control.