Built on Solana

Pure Rust. 12 crates. 228 tests. Zero Python. cargo install coldstar

Pure Rust · Live on Solana Mainnet

Air-gapped cold signing
written in pure Rust

Your private key lives encrypted on a $10 USB drive. When you sign, it's decrypted in mlock'd RAM for ~100 microseconds, then zeroized. No GC, no FFI, no Python runtime. 12 crates, 228 tests, 18,380 lines of auditable Rust.

View on GitHub Install Now crates.io
$ cargo install coldstar
12
Crates
228
Tests
18,380
Lines of Rust
0
Unsafe Blocks

How It Works

Three steps. No special hardware required.

1

Encrypt keys to USB

Create a wallet or import an existing one. Your private key is encrypted with AES-256-GCM + Argon2id KDF, then saved to any USB drive.

2

Sign in mlock'd RAM

When you send a transaction, the key is decrypted in mlock'd memory for ~100 microseconds to sign, then zeroized. No GC means no copies linger.

3

Broadcast

Only the ed25519 signature (public data) is sent to the Solana network. Your private key never touched the internet, never touched disk.

Install Coldstar

Three ways to get started. Pick your favorite.

terminal 
# From crates.io (recommended)
cargo install coldstar

# From Homebrew
brew tap ExpertVagabond/coldstar-homebrew
brew install coldstar

# From source
git clone https://github.com/ExpertVagabond/coldstar-rs
cd coldstar-rs && cargo build --release

Requires Rust 1.75+ (or Homebrew on macOS/Linux). Cross-platform: macOS, Linux, Windows. For air-gapped mode, see full docs.

coldstar output 
COLDSTAR v2.0 — Pure Rust Air-Gapped Cold Wallet

[+] USB detected: KINGSTON 32GB (/dev/disk4s1)
[+] Wallet loaded: 7xKp...9mFv
[+] Balance: 12.847 SOL ($2,441.08)
[+] Security: mlock + zeroize active

  1. View Wallet / Balance
  2. Send SOL (Create Unsigned Transaction)
  3. Sign Transaction (Air-Gapped)
  4. Broadcast Signed Transaction
  5. Swap Tokens (Jupiter)
  6. Generate ZK Proof
  7. Backup / Restore Wallet

 Select an option:

Air-Gap Architecture

Keys never leave the USB. Signatures never touch disk.

USB Drive AES-256-GCM encrypted keypair + Argon2id KDF salt ENCRYPTED AT REST
mlock'd RAM Key decrypted for ~100us, ed25519 sign, immediate zeroize() NEVER SWAPPED TO DISK
Signature Only 64-byte ed25519 signature broadcast to Solana RPC PUBLIC DATA ONLY
mlock()
Memory pages pinned, cannot be swapped to disk
zeroize()
Compiler-guaranteed zeroing on Drop, no dead-store elimination
No GC / No FFI
No garbage collector copies, no foreign function boundary leaks

Why Coldstar?

Pure Rust

Every line is Rust. No Python runtime, no Node.js, no GC. Deterministic memory management means your keys are never copied by a garbage collector.

18,380 LOC

mlock + zeroize

Memory-locked pages prevent swap-to-disk. Zeroize trait guarantees keys are overwritten on drop. No compiler can optimize the wipe away.

AES-256-GCM + Argon2id

$10 vs $200

Any USB drive works. No proprietary chips, no serial numbers, no vendor to trust. If a drive is compromised, destroy it and restore from backup for $5.

Cost: $0

ZK Proofs

Generate zero-knowledge proofs of wallet ownership without revealing the private key. Prove you control an address without signing a transaction.

Groth16

Cross-Platform

Compiles natively on macOS, Linux, and Windows. Single binary, no runtime dependencies. Install from crates.io, Homebrew, or build from source.

macOS + Linux + Windows

Fully Open Source

Every line is public on GitHub. 12 modular crates on crates.io. You can audit the entire security model — no hidden firmware, no trust required.

MIT License

12 Crates on crates.io

Modular architecture. Use the full CLI or integrate individual crates into your project.

coldstar
Main CLI binary. Air-gapped cold wallet for Solana with TUI interface.
crates.io
coldstar-core
Core types, traits, and shared primitives used across all crates.
crates.io
🔒
coldstar-crypto
AES-256-GCM encryption, Argon2id KDF, mlock/zeroize memory security.
crates.io
👛
coldstar-wallet
Wallet creation, import, backup, and restore operations.
crates.io
coldstar-signer
ed25519 transaction signing in mlock'd RAM with automatic zeroize.
crates.io
💾
coldstar-usb
USB drive detection, mounting, and encrypted keystore management.
crates.io
🌐
coldstar-rpc
Solana RPC client for balance queries, transaction broadcast, and status.
crates.io
coldstar-swap
Jupiter DEX integration for token swaps from the command line.
crates.io
coldstar-zk
Zero-knowledge proof generation for wallet ownership verification.
crates.io
coldstar-tui
Terminal user interface with ratatui for interactive wallet management.
crates.io
🤖
coldstar-mcp
MCP server for AI agent wallet access. 14 tools, read-only by default.
crates.io
coldstar-config
Configuration management, network selection, and RPC endpoint handling.
crates.io

How It Compares

Coldstar Ledger Unruggable
Language Pure Rust (no GC, no FFI) C / proprietary firmware Mixed
Hardware Any USB drive Proprietary device Custom hardware
Memory security mlock + zeroize (compiler-guaranteed) Secure element Device-dependent
Supply chain risk None — commodity USB, open-source code Must trust vendor hardware + firmware Must trust manufacturer
ZK proofs Built-in
Open source Fully (12 crates)
Price Free + any USB $79-149 $40-80

Solana Ecosystem

Built alongside the best in Solana.

Roadmap

Where Coldstar is and where it's going.

Live Now

Pure Rust v2

  • 12 crates on crates.io
  • 228 tests, 18,380 LOC
  • mlock + zeroize memory security
  • Air-gapped signing with USB
  • Jupiter swap integration
  • ZK proof generation
  • Homebrew tap available
Q4 2026+

Hardware & Enterprise

  • Pre-built Coldstar USB wallets
  • DIY hardware kits
  • Enterprise custody integrations
  • Mobile companion app

Start in 60 Seconds

Free. Open source. Pure Rust. No account required.

Star on GitHub View on crates.io Read Documentation
$ cargo install coldstar