Local-first media vault manager built with Tauri + SvelteKit (SPA).
Praesid provides a secure, encrypted vault for local media management.
- Backend: Rust (Tauri) with SQLCipher and encrypted blob storage.
- Frontend: SvelteKit (SPA mode) with Tailwind CSS.
- Security: AES-GCM encryption, Argon2id KDF, and OS keychain integration for preferences.
- Rust (latest stable)
- Bun
- Tauri Dependencies (System-specific libs)
-
Install dependencies:
bun install
-
Run in development mode:
bun run tauri dev
- Frontend (Vitest):
bun run test - Backend (Rust):
cd src-tauri && cargo test
Note: Use
bun run testinstead ofbun testto ensure Vitest is used rather than the Bun native runner.
- Svelte Check:
bun run check - Rust Clippy:
cd src-tauri && cargo clippy
src/: SvelteKit frontend application.src-tauri/: Rust backend and Tauri configuration.docs/: Detailed feature specifications and architecture notes.
- Production: Preferences are stored via
tauri-plugin-store. If available, an app-level key is retrieved from the OS keychain to encrypt the store at rest. - Development (Vite): Falls back to
localStorage.
For details on advanced filtering and search operators, see the Search Query Syntax guide.
When using the "Direct Send" feature to receive files, the application binds a TCP listener to a local port.
- By default, it binds to
0.0.0.0, which makes the service accessible to any device on the same local area network (LAN). This is required for cross-device transfers. - For maximum security when LAN discovery is not needed, you can enable the "P2P Local-only (localhost)" setting in the Security tab of the app settings. This restricts the listener to
127.0.0.1, making it inaccessible from other devices on the network.
All P2P transfers are secured using SPAKE2 password-authenticated key exchange and XChaCha20-Poly1305 encryption.
MIT