Why local AI · Edge & offline deployment

AI without an internet connection.

Cloud AI assumes connectivity. Real workloads do not. A factory floor with policy-blocked outbound traffic. A research vessel three weeks from port. A hospital with strict data-sovereignty rules. A mobile field engineer in a basement. A defence cleanroom by construction. LM-Kit ships to all of them with the same .NET SDK: pre-bundle the model, sign the binary, optionally AOT-compile, and run.

Start building free Edge deployment guide

0 outbound calls AOT-friendly MAUI cross-platform

Pre-bundled

Models ship inside the installer. First run never reaches for the network. The catalogue points at a local path.

Air-gapped

No telemetry, no licence callbacks, no model auto-download in restricted modes. Verifiable via firewall rules.

Cross-platform

Windows, Linux, macOS, MAUI mobile (iOS, Android). Same NuGet, same code, same model.

Why edge matters

The internet is not a deployment plan.

Cloud AI is the easy default until the deployment target is not on the internet. Edge devices, regulated environments, mobile installs, and offline tools all share the same constraint: the AI has to ship inside the binary. LM-Kit treats that as the primary case, not a special path.

Data sovereignty

For workloads where data is classified or regulated, the safest model is the one that never leaves the box. No outbound calls, no third-party processing, no transit risk.

Predictable latency

No round-trip. Inference latency is bounded by hardware, not by network. Critical for interactive UIs and voice assistants.

Offline by default

A field engineer in a basement, a researcher on a remote vessel, a kiosk in a low-connectivity store. The application has to work today, not when the link comes back.

No quota, no rate limit

A burst of inference at month-end does not hit a paywall. Hardware capacity is the cap, not a vendor's billing dial.

Cost-bounded

Hardware amortises across years. Per-call cost approaches zero. Scaling means more units, not larger bills.

Customer trust

"Your data never leaves your machine" is a sales line cloud AI cannot make. It closes deals in regulated industries.

Deployment shapes

From server to phone.

The same SDK serves every shape. Same code, different packaging.

Server

On-premises servers

A 2U server in a customer rack. Runs the same NuGet as your cloud edition. Models pre-staged on the local SSD; no external dependencies.

Workstation

Engineering & analyst desktops

Developer or analyst workstations with one or two consumer GPUs. Local agents, offline document analysis, data-sensitive workflows.

Kiosk

Retail and field kiosks

Touchscreen units in stores, lobbies, factories. Locked-down OS, no inbound network. Pre-bundled model, signed binary.

Mobile

MAUI mobile (iOS / Android)

Cross-platform mobile apps with on-device inference. Smaller models, lower precisions, AOT compilation, encrypted artefacts.

Cleanroom

Defence & regulated

Air-gapped, verifiable, no outbound telemetry. Encrypted models, signed binaries, hardware-rooted key storage.

Embedded

Industrial & embedded devices

Linux ARM64 boxes, robotics controllers, instrument panels. Smaller models, AOT native binaries, fixed firmware images.

Real edge code

Pre-bundle and run.

Point the catalogue at a bundled directory and disable downloads so the runtime never touches the network.

PreBundledModel.cs

using LMKit.Global;
using LMKit.Model;

// Point the catalogue at the bundled model directory before any load call.
Configuration.ModelStorageDirectory = Path.Combine(
    AppContext.BaseDirectory,
    "models");

// Disable any auto-download path. In offline mode, the model must be present.
Configuration.AllowModelDownload = false;

// Load by ID. Resolves from the bundled directory; never reaches the network.
var model = LM.LoadFromModelID("qwen3.5:2b");

Ship an encrypted model file with the app and resolve the key from the OS keychain at first launch.

EncryptedEdge.cs

// Edge install with an encrypted model in the bundle.
// Key resolved from OS keychain on first run, cached for the session.
var password = OsKeychain.GetOrPrompt("lmk-model-key");

var model = LM.LoadEncrypted(
    path:     Path.Combine(AppContext.BaseDirectory, "models/release.lmk-enc"),
    password: password);

Resolve the bundled model from the platform-specific app-data directory in a standard MAUI CreateMauiApp entry point.

MauiHostBuilder.cs

// MAUI startup. The same builder you would use on the desktop.
public static MauiApp CreateMauiApp()
{
    var builder = MauiApp.CreateBuilder();

    builder.Services.AddSingleton(_ =>
    {
        // Resolve the bundled model from the platform-specific cache directory.
        var path = Path.Combine(FileSystem.AppDataDirectory, "models/qwen3-0.6b.lmk");
        return LM.LoadFromFile(path);
    });

    builder.Services.AddSingleton<IChatService, LocalChatService>();
    return builder.Build();
}

Where edge ships

Real environments.

Defence & intelligence

Air-gapped networks, classified data, no outbound telemetry. Encrypted models, signed binaries, audit trails.

Healthcare

Patient data confined to the clinic. AI-assisted documentation, summarisation, and structured extraction without HIPAA exposure paths.

Energy & oil-and-gas

Rigs, refineries, remote sites with intermittent connectivity. Local copilots that never block on the link.

Maritime & aerospace

Ships, aircraft, rail. Long stretches without internet. AI assistants for crew, technicians, and operators that work offline.

Retail & hospitality

Store kiosks, hotel concierge tablets, in-store navigation. Pre-bundled, fixed-firmware deployments.

Mobile field tools

Inspectors, technicians, surveyors. iOS and Android apps with local AI built on MAUI; works in basements, tunnels, and rural sites.

Deployment checklist

From dev to fielded.

A short list of things that matter when the deployment target is not in your data centre.

Pick a model that fits

Smaller models for mobile and embedded, larger models for workstations. The catalogue exposes parameter count, file size, and required precision per variant.

Quantise to the device

Q4 or Q5 for laptops and phones; Q6 or Q8 for workstations. The Quantizer trims file size and VRAM with minimal quality loss.

Pre-bundle the model

Set Configuration.ModelStorageDirectory to a folder inside the installer. Disable network model loading. Verify with a firewall rule.

Encrypt if it is proprietary

Use LM.LoadEncrypted for fine-tuned or commercial models. Stream-decrypt at runtime; never write plaintext to disk.

Compile AOT where possible

.NET 8+ AOT works with LM-Kit on most targets. Smaller binaries, faster startup, no JIT.

Sign and verify

Code-signed binaries, SHA-256 model checksums, firmware-signed installers. Tamper-evidence is part of the threat model in many edge deployments.

Demos and guides

Working references.

GuideBuild an offline AI application for edge DemoMAUI chat playground GuideEstimate memory and context APIConfiguration

Related capabilities

Edge plus the rest.

Encrypted model loading

For proprietary or restricted models on customer hardware. Stream decryption, no plaintext on disk.

Encrypted models

Quantization

Trim file size and VRAM for the device. Same model, lower precision, smaller install.

Quantization

Privacy & compliance

Why local AI is the only viable option for many regulated workloads.

Privacy & compliance

Cost & performance

The economic story behind moving inference off the API and onto the box.

Cost & performance

Same SDK. Every deployment.

Get Community Edition Download