ZeroRedact

Inspiration

Sharing documents with sensitive data is common across industries, but most redaction tools require uploading files to external servers, creating privacy risks. We wanted to eliminate this trade-off entirely by building a solution where data never leaves the user’s device.

What it does

ZeroRedact is a fully client-side PDF redaction tool that detects and removes sensitive information directly in the browser. It identifies 25 types of PII, allows users to review and manipulate results, and downloads a permanently redacted document without any data ever leaving the device.

How we built it

We built ZeroRedact entirely in the browser using React, TypeScript, and Web Workers for parallel processing. PDF text is extracted with pdfjs-dist, analyzed using a regex, on-device AI (multilingual BERT via Transformers.js), validation algorithms, and context scoring, then redacted via canvas and rebuilt using pdf-lib.

Challenges we ran into

Running AI models locally without blocking the UI required careful use of Web Workers. Mapping detected entities back to PDF coordinates was complex due to missing text structure. Balancing detection accuracy across multiple PII types required combining several complementary techniques.

Accomplishments that we're proud of

• Fully private, zero-upload architecture
  
• Reliable detection using four complementary engines
  
• Real-time, page-by-page processing for large PDFs
  
• Simple and intuitive review interface
  

What we learned

Modern browsers are powerful enough to run machine learning models locally. Accurate PII detection requires combining multiple methods, and canvas-based redaction is more reliable than modifying PDF text layers.

What's next for ZeroRedact

We plan to add OCR support for scanned documents, synthetic data replacement for better readability, and an AI proxy layer to automatically redact data before sending it to external AI tools.

Built With

• react
• tailwind
• typescript
• vite