Enclv
Hardware-Secured Account Abstraction via Apple Secure Enclave for Seed-Phrase-Free Ethereum Wallets
Enclv is an Ethereum wallet I built for my Master's thesis. No seed phrases. Your keys live inside the Secure Enclave, transactions are signed with Face ID, and recovery works through Passkeys and a ZK-proof of hardware provenance.
The Problem
Web3 has a UX Trilemma.
The biggest obstacle to Web3 adoption isn't regulation or gas fees. It's the seed phrase. A sequence of 12 to 24 random words that is simultaneously your master key and your biggest vulnerability. Lose it: your wallet is gone forever. Expose it: everything you own can be drained in seconds. There's no support ticket, no recovery email, no reset link.
Every wallet tries to solve this, but the design space is trapped in a trilemma. Pick any two of the three properties below; you always give up the third.
The Solution
The "Face ID-to-Blockchain" Stack.
Enclv replaces the seed phrase with a stack of Apple and Ethereum primitives that, taken together, cover all three sides of the trilemma at once.
The Secure Enclave Processor is a dedicated cryptographic co-processor that sits physically isolated from the main CPU. When Enclv creates a key pair, it happens inside the SEP. The private key is bound to that chip and protected by Secure Boot. Even a fully compromised iOS environment can't touch it. Signing is triggered by Face ID or Touch ID, so the user never types a password or copies a mnemonic.
Covers security and convenience without compromise.
Rather than a standard EOA tied to a single private key, each Enclv wallet is a
smart account. A Validator module verifies secp256r1
signatures from the Secure Enclave, an Executor module handles
intent-based transactions, and Hook modules enforce policies like
rate limits and timelocks. Modules can be replaced without changing your on-chain identity.
The Secure Enclave uses secp256r1 (P-256), not Ethereum's native secp256k1. Verifying a P-256 signature in Solidity historically cost up to 330k gas. The RIP-7212 precompile, now live on Polygon and other L2s, brings that down to around 3,450 gas. That's the difference between a novelty and something you'd actually ship.
Makes hardware-native signatures economically viable.Technical Architecture
Research-grade engineering decisions.
These two decisions are where the real research sits, and what separates Enclv from a standard smart account wallet.
Apple's App Attest lets a device prove that a key pair was created inside a real Secure Enclave. The problem is that the attestation certificate includes identifiable metadata: device model, AAGUID, receipt. To strip that without losing the proof, Enclv wraps it in a ZK-SNARK circuit (built with Circom and snarkjs). The on-chain validator gets a cryptographic guarantee of hardware origin without ever seeing the raw certificate.
App Attest · snarkjs · Circom · Groth16 proof system
Losing your phone shouldn't mean losing your wallet. But recovery can't just be a backdoor. Enclv's recovery flow imposes a 48-hour timelock before any recovery request takes effect, plus a 7-day quarantine window where the original key can still cancel it. Passkeys, synced through iCloud Keychain, act as an out-of-band second factor so you can restore access on a new device with no seed phrase involved.
Passkeys · WebAuthn · ERC-7579 Hook modules · 48h timelock · 7d quarantine
Technology Stack
Three tightly integrated layers.
The project is a monorepo with three layers: a native iOS app, a backend that handles ZK attestation and recovery relaying, and a set of on-chain Solidity contracts.