Truth Computing
01 / Our mission

I built something I couldn’t stop thinking about

Today I’m sharing it. It’s called Feynman.

I’m a Stanford graduate. I got access to some of the best AI education on earth, and I kept thinking about every brilliant kid who never will, just because of where they were born or what their family earns.

Feynman is my answer to that. It takes the kind of advanced, university level AI coursework I was lucky enough to learn, and rebuilds it as a Learning Ladder: the same concept met at five heights, from a kindergarten spark all the way up to the real thing. Nothing watered down. We just build honest rungs underneath it, so every student finds the step they can actually stand on.

Education changed the trajectory of my life. Stanford changed the trajectory of my life, and I refuse to build one more tool that only the already resourced can reach.

A commitment, in public, on day one

Feynman is free for first generation and low income students.

And I’m starting in my own backyard. Students in Jurupa Valley and Montclair get it completely free, no strings, as the program rolls out.

02 / Privacy & security

Children are not the product

We don’t ask you to trust us. We tell you what the code does.

This platform is built for kids, so the burden of proof runs the other way: we don’t ask you to trust us, we tell you exactly what the code does. Every claim below is a claim about a mechanism that exists, and the limits are published alongside the protections.

This is a hosted deployment

On this website, tutor messages are sent to a server. They do not stay on your device.

We will not tell you otherwise just because it sounds better. When you run Feynman on your own machine, the tutor is a local model and nothing leaves the device, and that promise is real. On this hosted site it would be false, so we don’t make it. Your message reaches the server that generates the reply, and your IP address is processed in memory to rate limit abuse. Neither is written to a database, because there is no database.

01

There is nothing to leak

The strongest privacy guarantee is architectural. Most student data breaches are breaches of a student database. Feynman does not have one.

No accounts

There is no sign up, no login, no password, and no student profile. We cannot leak an identity we never asked for.

No student database

The product persists no student records of any kind. Conversations are not written to disk, not retained after the request, and not recoverable by us afterward.

No cookies, no local storage

The app sets no cookies and writes nothing to localStorage or sessionStorage. You can verify this in your browser’s dev tools; the storage panels are empty.

No analytics, no ads

There is no Google Analytics, no pixel, no Segment, no Mixpanel, no advertising SDK, and no third party tracker of any kind. Nobody is profiling your students, because nobody is measuring them.

Five dependencies

The entire runtime ships with five packages: React, Next.js, Framer Motion, clsx, and tailwind-merge. A small dependency tree is a small attack surface, and none of these phone home.

02

The tutor is not allowed to make things up

A tutor that hallucinates is not a safety nuisance, it is an educational one. Grounding is enforced by the architecture, not by asking the model nicely.

Retrieval grounded

Every answer is generated against course resources retrieved first. The model writes prose about evidence it was handed; it does not answer from memory.

Citations cannot be faked

The model is forbidden from writing URLs. Every link a student sees is rendered by the app from its own index of real resources, so a fabricated citation is not merely discouraged, it is structurally impossible.

It says “I don’t know”

If retrieval finds no supporting source, the tutor returns a fixed refusal (“I cannot find a reliable source for this”) and points to where to look. It declines rather than guesses.

Web search is opt in

The tutor never reaches the internet on its own. A web lookup happens only when a student deliberately chooses it, and the results are then cited the same way.

No verbatim copying

The tutor is instructed never to reproduce textbook, paper, or lecture text, and to explain every idea in original words.

03

Every message is screened, in both directions

An unfiltered language model is not acceptable in front of a child. Moderation is defense in depth: multiple independent layers, and it fails safe rather than open.

Screened before the model

A deterministic rule layer runs on every student message before a single token reaches the model. It is always on and cannot be configured off.

Screened after the model

The model’s own output is screened again before it is shown to a student, including a guard that watches the response as it streams and can cut it off mid sentence.

Optional classifier

Operators can enable a second pass model classifier for cases keywords cannot judge. It escalates; it can never downgrade a block the rules already decided.

Fails closed

If the classifier errors or times out, the request does not sail through. The deterministic verdict stands. There is no silent fail open path.

What it screens for

Self harm, sexual content involving minors, explicit sexual content, violent threats, weapons and dangerous instruction requests, and hate or harassment.

04

If a child is in crisis

The single most important path in the product. A student in danger must reach a human, and must not have their worst moment logged.

The model never sees it

A message signalling self harm is never forwarded to the AI at all. The student is shown crisis resources directly, including the 988 Suicide & Crisis Lifeline.

Their words are never sent

If a school configures a safety webhook so a counselor can follow up, we transmit only a category, the course context, and a timestamp. The student’s actual words are never included, never stored, and never forwarded.

Off by default

No alert leaves the system unless a school explicitly configures the webhook. If they don’t, the student still sees the crisis resources on screen.

05

Hardened against abuse and manipulation

Students will poke at this. That is healthy, and it is also why the input path is bounded on every axis.

Role injection is blocked

A student cannot smuggle in a “system” instruction to reprogram the tutor. Incoming roles are forcibly coerced to “user” or “assistant” before the model ever sees them.

Hard size caps

Requests are capped at 32 KB, conversations at 24 messages, and any single message at 4,000 characters. Oversized requests are rejected outright.

Rate limited

Twenty tutor requests per minute per client. Beyond that the API returns 429 and asks the student to slow down.

No secrets in the prompt

The tutor’s instructions contain no keys, no credentials, and no private data. Even a fully successful prompt extraction attack yields nothing worth having.

06

Schools stay in control

A district should never have to accept our defaults to use the lessons. Every safety relevant behavior is a switch they own.

The AI can be turned off

A district can disable the tutor entirely. The platform degrades to resources only, and every lesson, ladder, and reading path keeps working. The AI is an accelerant, never a dependency.

The safety gate

A hosted deployment refuses to run the tutor on the weaker rules only configuration unless the operator explicitly and knowingly accepts it. The safe path is the default path.

Private deployments

A school can put the entire deployment behind an access wall while they evaluate it, so nothing is public before they are ready.

Run it yourself

The strongest option: run Feynman on your own hardware. In that mode the tutor is a local model, and no student data leaves the building. Not as a policy promise, but as a matter of physics.

07

What we do not claim

Any safety page that lists only strengths is selling you something. Here is where the honest edges are, so you can weigh them yourself instead of discovering them later.

No filter catches everything

Our moderation is a deterministic rule layer plus an optional small classifier. That is genuinely weaker than a purpose built, safety tuned moderation service. It will have false negatives. It is a seatbelt, not an airbag, and it does not replace a teacher in the room.

Rate limiting is best effort

The limiter holds its state in memory. When the site runs across multiple server instances, the limit applies per instance rather than globally, so a determined actor has more headroom than the number implies.

Instructions are not a security boundary

We tell the model never to reveal its instructions or accept a jailbreak. That reduces casual attempts; it does not defeat a determined one. We rely on the moderation layer and on holding no secrets, not on the model’s obedience.

An AI can still be wrong

Grounding and citation make hallucination far less likely, not impossible. Students should be taught to click through to the source, which is exactly why every answer ships with one.

This hosted site is not on device

The privacy ceiling here is lower than a local install, by definition. If your threat model requires that student text never crosses the network, run it yourself. We would rather tell you that than win your trust under false pretenses.

The full legal detail lives in Feynman’s Privacy Policy, Data Practices, and Data Processing Addendum.

Complex ideas, made beautifully simple.

For everyone this time.

Feynman: from summit to ladder. Built from one student’s Stanford coursework, and not affiliated with or endorsed by Stanford University. Hosted deployment: your messages are sent to that site’s server to generate replies, and limited technical data (such as your IP address) is processed to keep the service running. See Feynman’s Privacy Policy for what is and isn’t collected.

Feynman is a mission project under the Truth Computing umbrella. It is not our commercial focus. See the Good Will programs →