High-Assurance Local Print Router/Server
Presswerk (German: press works / printing press) is a cross-platform mobile app that discovers network printers, manages print jobs, processes documents, and exposes your phone as a network print server.
Built with formal verification (Idris2 ABI proofs), memory-safe Rust throughout, encrypted local storage, and a complete audit trail.
-
Easy Mode UI — 3-tap printing (Choose file → auto-select printer → PRINT); giant touch targets for elderly/children
-
Printer Discovery — mDNS/DNS-SD, SNMP, manual IP entry; remembers printers across restarts
-
IPP Printing — Full RFC 8010/8011 client with all settings (copies, duplex, colour, paper, orientation)
-
Protocol Downgrade — IPPS → IPP → LPR → Raw TCP; always starts from most secure
-
Print Doctor — 6-step diagnostic wizard (network → discovery → reachable → IPP → ready → test print)
-
Retry Engine — Exponential backoff with jitter, circuit breaker, network self-healing
-
Universal Connectivity — USB, Bluetooth, Wi-Fi Direct, NFC, Serial, Parallel, FireWire, Thunderbolt, and more
-
Document Processing — PDF read/merge/split/rotate/crop, image resize/enhance, text-to-PDF, format auto-conversion
-
Document Scanning — Camera capture with edge detection, perspective correction, binarisation, OCR
-
Print Server Mode — Phone advertises itself as a network printer; other LAN devices can print to it
-
Encrypted Storage — age (X25519) encryption at rest for all local data
-
Audit Trail — Append-only encrypted SQLite log of every operation
-
Formal Verification — Idris2 ABI proofs for protocol correctness, encryption invariants, and bridge safety
-
Human Error Messages — Plain English with actionable suggestions, not raw technical strings
presswerk/
├── Cargo.toml # Workspace root (6 crates)
├── Dioxus.toml # Dioxus CLI config (iOS/Android bundle IDs)
├── justfile # Build recipes
├── crates/
│ ├── presswerk-core/ # Shared types, errors, config
│ ├── presswerk-security/ # Encrypted storage, audit trail, TLS certs
│ ├── presswerk-document/ # PDF ops, image processing, scanning, OCR
│ ├── presswerk-print/ # IPP client/server, mDNS discovery, job queue
│ ├── presswerk-bridge/ # Native platform FFI (iOS objc2 + Android JNI)
│ └── presswerk-app/ # Dioxus UI (10 pages, routing, state)
├── src/abi/ # Idris2 ABI proofs (5 files, no Admitted)
│ ├── Types.idr # Core types, C ABI sizes, injectivity
│ ├── Protocol.idr # IPP ops, job state machine
│ ├── Encryption.idr # encrypt/decrypt roundtrip, bounds
│ ├── Layout.idr # Struct alignment proofs
│ └── Bridge.idr # Toll-free bridging, keychain, threads, JNI
├── ffi/zig/ # Zig FFI (C-compatible, 5 tests)
├── generated/abi/ # Auto-generated C headers
├── .machine_readable/ # SCM metadata (STATE, META, ECOSYSTEM, etc.)
└── .bot_directives/ # Bot directives (7 bots)presswerk-core (no internal deps — thiserror, serde, uuid, chrono)
↑
presswerk-security (→ core; age, ring, rustls, rusqlite)
↑
presswerk-document (→ core; lopdf, printpdf, image, imageproc, ocrs)
↑
presswerk-print (→ core, security; ipp, mdns-sd, tokio)
↑
presswerk-bridge (→ core; objc2 [iOS], jni [Android])
↑
presswerk-app (→ ALL above; dioxus with mobile feature)| Layer | Technology | Purpose |
|---|---|---|
UI Framework |
Dioxus 0.7+ |
Pure Rust, React-like, mobile-native |
Print Protocol |
IPP/1.1 + LPR + Raw TCP |
Protocol downgrade chain, retry engine |
Discovery |
mdns-sd |
mDNS/DNS-SD printer scanning |
lopdf + printpdf |
Read/write/manipulate PDFs |
|
Image |
image + imageproc |
Processing pipeline |
Scanning |
Canny edge + Hough + perspective correction |
10-step pipeline |
OCR |
ocrs (pure Rust neural) |
No C deps (Tesseract-free) |
Security |
age + ring + rustls |
Encryption, TLS, integrity |
Storage |
rusqlite (bundled) |
Persistent job queue + audit trail |
ABI |
Idris2 |
Formal verification (5 proof files) |
FFI |
Zig |
C-compatible implementation |
iOS Bridge |
objc2 + objc2-ui-kit |
UIKit, Security.framework |
Android Bridge |
jni + ndk-context |
PrintManager, Intents, Keystore |
-
46 Rust source files (10,749 lines)
-
5 Idris2 ABI proof files (0
Admitted, 0believe_me) -
3 Zig FFI files
-
68 unit tests (47 print + 14 security + 7 document)
-
7 criterion benchmarks (3 security + 3 print + 1 document)
-
21 GitHub Actions workflows (CI, security, release, benchmarks, CodeQL, Scorecard)
-
0 clippy warnings, 0 audit vulnerabilities
-
0 critical security findings (panic-attack)
# Desktop development
just dev
# Run tests (library crates only — avoids desktop linker deps)
just test-libs
# Full CI check (test + lint + fmt)
just ci
# Clippy lint
just lint
# Run benchmarks
just bench
# Security scan
just assail
# Type-check Idris2 ABI proofs
just verify-abi
# iOS (requires macOS + Xcode)
just ios
# Android (requires NDK)
just androidThe Idris2 ABI layer provides compile-time proofs for:
| File | What It Proves |
|---|---|
Types.idr |
Core types with C ABI sizes, platform detection, injectivity |
Protocol.idr |
IPP op-code injectivity, job state machine transitions, terminal states |
Encryption.idr |
encrypt/decrypt roundtrip identity, ciphertext bounds, key separation |
Layout.idr |
Struct memory layout alignment for FFI boundary safety |
Bridge.idr |
Toll-free bridging (iOS), keychain semantics, thread safety, JNI invariants |
Every unsafe block in Rust references the specific ABI proof that justifies it.
-
Encrypted storage — age (X25519) encryption at rest
-
Audit trail — Append-only encrypted SQLite log
-
TLS certificates — Ed25519 self-signed for print server mode
-
Document integrity — SHA-256 hashing with content-addressed storage
-
Formal proofs — No
Admitted, nobelieve_me, notransmute -
SAFETY comments — Every
unsafeblock references Bridge.idr/Layout.idr proofs
# Build (Podman, chainguard base)
podman build -f Containerfile -t presswerk:latest .
# Run headless print server
podman run --rm -p 631:631 -v presswerk-data:/app/data presswerk:latest
# Seal and sign
selur seal presswerk:latest
cerro-torre sign presswerk:latestSPDX-License-Identifier: PMPL-1.0-or-later
Copyright (c) 2026 Jonathan D.A. Jewell (hyperpolymath) <jonathan.jewell@open.ac.uk>
