Now open source on GitHub

Anvil Wallet

Forged in Rust. Open Source. Unbreakable.

Self-custody crypto wallet built from the ground up in Rust. Your keys never leave your device.

View on GitHub Coming to App Store
Open Source 241 Tests Zero Telemetry 16 Security Layers
Why Rust

The only mobile wallet with
a pure Rust core

Every other mobile wallet uses JavaScript, Swift, or Kotlin for crypto operations. We use Rust.

Memory safety at compile time

Rust guarantees memory safety without a garbage collector. No buffer overflows, no use-after-free, no dangling pointers -- all verified before your code ever runs.

Secrets zeroized on drop

Private keys are automatically wiped from memory when no longer needed. No garbage collector leaving secrets scattered in RAM.

Pure Rust cryptography

Zero C dependencies. All cryptographic operations use audited, pure-Rust crates. The same code compiles for iOS, Android, and desktop.

Cross-platform from one codebase

Write once, compile everywhere. The Rust core runs identically on every platform via UniFFI bindings -- no platform-specific crypto bugs.

"In most wallets, a single memory bug can leak your private key. In Rust, that class of bug simply cannot exist."

wallet_core/src/keychain.rs 
use zeroize::{Zeroize, ZeroizeOnDrop};

/// Private key that automatically wipes
/// itself from memory when dropped.
#[derive(Zeroize, ZeroizeOnDrop)]
pub struct SecretKey {
    // 32 bytes, zeroized on drop
    bytes: [u8; 32],
}

impl SecretKey {
    /// Derive a child key using BIP-32.
    /// The parent key is consumed and
    /// zeroized after derivation.
    pub fn derive_child(
        mut self,
        path: &DerivationPath,
    ) -> Result<SecretKey, KeyError> {
        let child = self.derive_internal(path)?;
        // `self` is dropped here,
        // memory is automatically zeroized
        Ok(child)
    }
}

// When `SecretKey` goes out of scope:
// 1. Rust's ownership system ensures
//    exactly one owner exists
// 2. ZeroizeOnDrop overwrites bytes
//    with zeros
// 3. Memory is deallocated
// No GC, no timing gaps, no leaks.
Multi-Chain

One wallet, every chain

Native support for major blockchains and their tokens. All key derivation and signing happens in the Rust core.

Bitcoin
Ethereum
Solana
Polygon
Arbitrum
Base
Optimism
BSC
Avalanche

Plus ERC-20 and SPL token support -- add any token on any supported chain.

Security

16 layers of defense

Security is not a feature -- it is the architecture. Every layer is independently verifiable in the source code.

Hardware
Secure Enclave P-256
iOS Keychain Storage
Biometric Authentication
Encryption
AES-256-GCM Encryption
Argon2id Key Derivation
Memory Zeroization
Protection
Jailbreak Detection
Anti-Debug Protection
Screenshot Protection
Clipboard Auto-Clear
Certificate Pinning
App Integrity Checks
Validation & Privacy
Transaction Simulation
Address Validation
Zero Telemetry
Zero Analytics

Double Encryption

Your seed phrase is encrypted by Rust (Argon2id + AES-256-GCM) AND by the Secure Enclave (P-256). An attacker would need to break both layers -- a mathematical impossibility with current technology.

Open Source

Every line of code is public.
Verify it yourself.

241
Tests passing
5
Rust crates
17k+
Lines of code
MIT
License

"We believe security comes from transparency, not obscurity."

Browse the source code
Architecture

Clean separation of concerns

The UI layer never touches cryptography. All sensitive operations are isolated in the Rust core, exposed via type-safe UniFFI bindings.

SwiftUI (iOS)
User interface, navigation, system APIs
UniFFI bindings
UniFFI Bridge
Generated Swift bindings to Rust -- type-safe FFI
Rust ABI
Rust Core
Cryptography, key management, signing, chain logic
wallet_core
wallet_crypto
wallet_chain
wallet_storage
wallet_ffi