LocalSend tackles a common frustration: sharing files effortlessly and securely across devices on the same local network without relying on internet connectivity or central servers. It provides a privacy-respecting alternative to popular solutions like Apple’s AirDrop, but with a broader platform reach and a stronger focus on security and zero-configuration setup.
what LocalSend does and how it is structured
LocalSend is an open-source file-sharing application designed for peer-to-peer transfers over local networks. It supports Windows, macOS, Linux, Android, iOS, and Fire OS, making it a rare cross-platform option for LAN file sharing beyond the Apple ecosystem.
Under the hood, the user interface is built with Flutter using Dart, which allows a single codebase to target mobile and desktop platforms with native-like performance and UI consistency. Performance-critical parts, especially networking and security layers, are implemented in Rust. This hybrid approach leverages Rust’s system-level efficiency and safety for cryptographic operations while benefiting from Flutter’s rich UI framework.
Communication between devices occurs over a local REST API secured by HTTPS. The standout architectural detail is the use of dynamically generated TLS certificates per device, without any reliance on a central certificate authority or pre-shared secrets. Each device generates its own self-signed certificate on the fly. This acts as a mini public key infrastructure (PKI) that enables encrypted, authenticated communication between peers seamlessly.
The app uses port 53317 for both TCP and UDP traffic, and it requires that devices be connected to the same LAN. There is no need for internet access or cloud servers, which strengthens privacy and reduces dependencies.
Additionally, LocalSend offers features like a portable mode—allowing users to run the app from any folder with a local settings file—and a hidden startup mode that runs the app minimized to the system tray.
technical strengths and design tradeoffs
The most interesting aspect of LocalSend is its method for securing communications using ephemeral TLS certificates generated per device. This design avoids the complexity and privacy concerns of involving central certificate authorities or requiring users to manually configure certificates. By issuing self-signed certificates on the fly, LocalSend effectively creates a trust environment limited to the local network. This eliminates the need for accounts, passwords, or cloud dependencies, which fits the privacy-first ethos.
This approach is clever but does come with tradeoffs. Since the certificates are self-signed and local, trust is inherently limited to the LAN environment. This means that if the local network is compromised or if rogue devices join the network, the security guarantees weaken. It’s a practical choice for typical home or office networks but less suitable for hostile or untrusted environments.
The architecture also balances cross-platform consistency and performance by combining Flutter and Rust. Flutter handles the UI layer, ensuring a consistent user experience on all supported platforms, while Rust handles the performance-sensitive components—likely the networking stack and cryptographic operations.
The choice to expose a REST API over HTTPS for communication is a pragmatic one, making it easier to integrate, debug, and extend. It leverages well-understood web protocols and tooling. The use of TLS ensures data confidentiality and integrity.
From an implementation standpoint, the app listens on a fixed port (53317) for both TCP and UDP. This simplifies firewall and router configuration but requires users to ensure this port is open and AP isolation is disabled on their networks. The README explicitly calls out these network configuration steps, reflecting practical deployment considerations.
The codebase is actively maintained, with updates to features like portable mode and hidden startup introduced in recent versions, showing responsiveness to user needs and real-world usage patterns.
quick start
LocalSend generally works out of the box, but there are a few network configuration points to keep in mind:
- Ensure your firewall allows incoming TCP and UDP traffic on port 53317.
- Outgoing TCP and UDP traffic is generally allowed.
- Disable AP isolation on your router, especially if using guest networks, to allow devices to see each other.
For portable mode, create an empty settings.json in the same directory as the executable to store settings locally instead of the default location.
To start the app hidden (minimized to tray), use the --hidden flag when launching the executable, e.g., localsend_app.exe --hidden.
For developers interested in building the app from source, the README outlines the following steps:
# Install Flutter (version managed via fvm) and Rust
# Clone the LocalSend repo
cd app
flutter pub get
flutter run
Note that LocalSend requires an older Flutter version specified in .fvmrc, so using fvm flutter instead of a system-wide flutter installation helps avoid build issues.
verdict
LocalSend is a solid choice for developers and users who want secure, zero-configuration, cross-platform file sharing on local networks without relying on cloud or third-party servers. Its hybrid Flutter-Rust architecture balances UI flexibility with performance and security.
The on-the-fly TLS certificate generation is a neat solution for local trust management, avoiding the complexities of traditional PKI while maintaining encrypted communication. However, this design assumes a trusted local network environment; it is not intended for use over untrusted or public networks.
The project’s active maintenance and clear documentation make it approachable for developers wanting to contribute or integrate its components.
If your use case involves frequent file transfers across diverse devices in a private LAN, and you value privacy and ease of use, LocalSend is worth exploring. The network configuration requirements around port 53317 and AP isolation are minor hurdles in typical home or office networks but worth noting.
Overall, LocalSend exemplifies practical engineering choices to solve a well-known problem with a clean, maintainable codebase and an emphasis on security without sacrificing user experience.
Related Articles
- Cashew: A local-first Flutter budget app blending Drift SQL with Firebase sync — Cashew is a Flutter-based cross-platform budget app using Drift for offline SQL storage and Firebase for authentication
- Zero Password Manager: a Flutter frontend with Python backend for secure credential management — Zero Password Manager is an open-source project combining Flutter/Dart frontend with a Python backend to offer a secure,
- PlainApp: A self-hosted Android phone management server with layered local network encryption — PlainApp turns your Android phone into a self-hosted management server with end-to-end encryption via TLS plus XChaCha20
- Telegram Drive: Using Telegram as Personal Cloud Storage with a Native Desktop File Explorer — Telegram Drive repurposes Telegram’s messaging API into a filesystem-like desktop app with Rust backend, React frontend,
- ScaleTail: Per-Service Tailscale Sidecars for Secure Self-Hosting with Docker Compose — ScaleTail uses Tailscale sidecars per service in Docker Compose to enable automatic HTTPS and zero-config networking for
→ GitHub Repo: localsend/localsend ⭐ 81,727 · Dart