CASE STUDY
BNXT
We delivered audited smart contracts and account abstraction architecture for BNXT — a Polish fintech combining messaging with blockchain payments. We joined in 2024 as technology consultant and smart contract developer; users can send small amounts like tips in chat, with full privacy.
Fintech / Privacy · Smart contracts, account abstraction architecture, integration guidance, technical consulting
The shape of the engagement.
Technology consultant and smart contract developer
Contracts audited · App in pre-production stage · Internal and external testing ongoing
BNXT — Building Privacy-First Fintech
We delivered audited smart contracts and account abstraction architecture for BNXT — a Polish fintech combining messaging with blockchain payments. Users can send small amounts instantly, like tips in a chat, with full privacy. We joined in 2024 as technology consultants and smart contract developers.
The Challenge
BNXT had a clear product vision. The gap between vision and execution was the entire blockchain layer. They were building something complex: a chat app where every message could carry a payment, with wallets that don't require users to understand crypto. In fintech, especially with blockchain, mistakes aren't just bugs — they're risks to user funds.
What We Delivered
Smart contracts: We designed and built the token contracts that power BNXT's payment system, using established security patterns and thorough testing.
Account abstraction architecture: We implemented a system (ERC-4337 with Biconomy) that lets users send tokens without managing gas fees or understanding blockchain mechanics. From their perspective, it just works.
Payment gateway integration: We specified how the app connects to Ari10 for converting between traditional currency and crypto.
Architecture guidance: While external teams built the mobile app and backend, we provided the blueprints — integration patterns, security requirements, and code review checkpoints.
How We Built It
Our role was consultant and builder. We wrote the smart contracts ourselves, then guided external teams on how to integrate them properly.
Security was the priority. We conducted threat modeling for common attack patterns, handled edge cases in token transfers, and ensured comprehensive testing with 40 internal and external testers.
The contracts passed an external security audit by Composable Security in March 2025. Internal penetration testing by experienced QA validated the broader system.
Key Decisions
Consulting model: Guiding external teams without controlling their codebase required clear documentation and regular validation checkpoints. Teaching takes longer but builds client capability.
Account abstraction trade-off: More abstraction means better user experience but a larger attack surface. We chose security-first design with thorough testing of the abstraction layer.
Knowledge sharing: We documented everything transparently, even when it meant teaching skills that could reduce future dependency on us. Building trust mattered more than locking in work.
Results
Forty testers validated the system. One external audit (Composable Security, March 2025). Zero critical issues in production. The application is in pre-production with ongoing testing.
- Smart contracts passed external security audit (Composable Security, March 2025)
- Internal penetration testing completed
- Account abstraction architecture implemented and tested
- Application in pre-production with ongoing testing
What's Next
We support BNXT through production launch preparation, user onboarding strategy, and performance optimization based on real usage patterns.