codefunded logo iconcodefunded logo
What we doFundsetWorkTeamContact
Talk to us
codefunded logo iconcodefunded logo

CONTACT

+48 514 731 513
+48 578 626 161
contact@codefunded.com
  • LinkedIn
  • GitHub

MENU

  • What we do
  • Fundset
  • Work
  • Team
  • Contact
  • Expertise
  • Work with us

SERVICES

  • Build
  • Scale
  • Advise
  • Fractional CTO
© 2026 · codefunded services sp. z o.o.—Privacy policy—
← back to Work

CASE STUDY·FINTECH · PRIVACY

Building privacy-first fintech

We delivered audited smart contracts and an account abstraction architecture for BNXT — a Polish fintech combining messaging with blockchain payments. Users can send small amounts instantly, like tips in a chat, with full privacy. We joined in 2024 as technology consultants and smart contract developers.

Role

Technology consultants and smart contract developers

Scope

Smart contracts · Account abstraction (ERC-4337) · Architecture guidance · Security consulting

Scale

External audit (Mar 2025) · 40 testers · Pre-production stage · Ongoing validation

Services

Web3 · Consulting · Security

Tags

  • Smart Contracts
  • Software Development

The challenge

BNXT had a clear product vision. The gap between vision and execution was the entire blockchain layer.

They were building something complex: a chat app where every message could carry a payment, with wallets that don't require users to understand crypto. In fintech, especially with blockchain, mistakes aren't just bugs — they're risks to user funds.

What we delivered

  • Audited smart contracts

    Token contracts powering BNXT's payment system, built with established security patterns and thorough testing.

  • Account abstraction architecture

    ERC-4337 + Biconomy setup enabling token transfers without gas management or crypto-native UX friction.

  • Payment gateway integration blueprint

    A clear integration path to Ari10 for converting between traditional currency and crypto.

  • Architecture guidance and checkpoints

    Integration patterns, security requirements, and code review checkpoints for external mobile and backend teams.

How we built it

Our role was consultant and builder. We wrote the smart contracts ourselves, then guided external teams on how to integrate them properly.

Security was the priority. We conducted threat modeling for common attack patterns, handled edge cases in token transfers, and ensured comprehensive testing with 40 internal and external testers.

The contracts passed an external security audit by Composable Security in March 2025. Internal penetration testing by experienced QA validated the broader system.

Security was the priority.
BNXT dashboard — communication and payment platform

Key decisions

Consulting model with validation checkpoints

Guiding external teams without controlling their codebase required clear documentation and regular validation. Teaching takes longer but builds client capability.

Account abstraction, security-first

Abstraction improves UX but increases the attack surface. We chose a security-first design with thorough testing of the abstraction layer.

Transparent knowledge sharing

We documented everything openly, even when it reduced future dependency on us. Trust mattered more than locking in work.

Outcomes

A security-audited blockchain layer ready for production launch, validated by extensive testing and clear integration guidance for partner teams.

40
testers
1
external audit
0
critical issues
Pre-prod
stage

What we took away

Architecture before code

Sound architecture and best practices upfront reduce risk and rework later — especially in fintech.

Mentoring is leverage

Transferring know-how to other teams can be slower than shipping alone, but it compounds long-term value.

Security from day one

Edge cases and attack vectors must be designed in, not patched after the fact.

Transparency builds trust

Clear communication and explicit checkpoints create confidence across teams and stakeholders.

What's next

We support BNXT through production launch preparation, user onboarding strategy, and performance optimization based on real usage patterns.

Bring us the hard part

A first version you need shipped, a second phase you've outgrown, or a decision your team can't agree on — write a paragraph and we'll come back inside a day with whether it's a shape we take on.