Information flow control (IFC) ensures confidentiality by preventing secret values from affecting non-secret values. Existing language-level IFC approaches modify the language and use non-standard compilation tools, impose run-time overhead, or report false leaks, all of which hinder adoption. This paper presents Cocoon, a Rust library for static type-based IFC that uses the unmodified Rust language and compiler. The key insight of Cocoon lies in leveraging Rust’s type system and procedural macros to establish an effect system that allows applications to safely compute arbitrary functions on secret data. We integrated Cocoon into two popular Rust programs, the Spotify TUI client and Mozilla’s Servo browser engine, to protect a secret value in each program. The results show that applications can be retrofitted to use Cocoon with limited modifications, at least to protect a single value, with negligible or nonexistent impacts on run-time and compile-time performance.