Devlog: Smart Accounts, Passkeys, and Building the Foundation

I owe you all an update.

It's the first devlog of 2026, and I know it's been quieter than usual from Hoops. No flashy announcements, no rapid-fire feature drops. If you've been watching from the outside, it probably looks like we've slowed down.

I want to be honest about that and then I want to show you what we've actually been doing.

Short answer: we went deeper.

If you've followed Hoops from the early days (the indexer, the data API, the SCF grants, the Meridian energy) you know we've never been short on vision. Risk-assessed analytics. Automated liquidity management. Savings accounts that distribute across protocols based on your risk profile. All of that still stands. The architecture hasn't changed.

What we've been building is the piece that was always next on the roadmap: how the account is controlled.

If you go back to our original smart contract architecture there was always a section marked "Custom Authentication Methods." Passkeys, multisig, time-based restrictions. We knew from day one that the interaction layer had to go beyond browser extensions.

Well, that's the piece we just built.

And that kind of work doesn't ship in a weekend. It ships in months of heads-down building, testing, breaking things, rebuilding them better. That's where we've been. And I'm proud of what came out the other side.

Our auth flow has always had two paths into the smart account: connect an existing Stellar wallet, or authorize via passkey. That was in the design from Tranche 3 planning. What changed is that the passkey path is now real.

If you read our October 2025 devlog, we had just finished rebuilding the entire platform authentication stack with zero-knowledge login, challenge discipline, and the whole foundation. That devlog ended with a "What's Next" section that mapped out exactly this: passkeys as a first-class authentication method, with on-chain signature verification. The smart account signer model was designed. The architecture was there. It just wasn't running on-chain yet.

Now it is.

The Hoops Account contract lives on Soroban and is controlled entirely by a passkey, which the same biometric authentication you use to unlock your phone. No browser extension. No seed phrase. No server holding your keys. Your fingerprint IS the key, and the signature is verified on-chain inside the smart contract itself.

The contract owns itself. There is no externally owned account sitting behind it. No seed phrase to export. No custody risk.

When you tap your fingerprint, the contract's __check_auth verifies your secp256r1 signature directly on Stellar. If it passes, the operation executes. If it doesn't, nothing moves.

This is what the architecture always pointed toward. The indexer tracks liquidity. The data API serves pool metrics. The factory creates accounts. And now, the account contract can be authorized by a hardware-backed biometric key.

That was not trivial to build.

I want to be real about something.

This cycle has been deeply hands-on for me. Not just product direction. Not just roadmap conversations. Actual code. Every day.

I've been reworking authentication flows, building out our custom passkey kit on top of existing open-source libraries and adapting it to our protocol's needs, handling cryptographic signature conversions, debugging Soroban simulation delays, refactoring account logic for multi-protocol deposits, and working through adapter edge cases at hours I probably shouldn't admit to.

There's something different about this stage of a company. It's not "ship features fast and see what sticks." It's "build the foundation correctly, because everything else sits on top of it."

And that takes longer.

Some days it's a new feature. Some days it's deleting a bad design. Some days it's rewriting hundreds of lines of signing logic because the first version worked but wasn't correct enough.

That's founder mode.

Less hype. More time in the editor. More responsibility.

I recorded a walkthrough. This is not a pitch or a polished marketing video. A real demo of where Hoops is today.

You'll see the full DeFi lifecycle from zero to active portfolio operations, authenticated entirely by biometric:

One fingerprint per operation. No extension popups. No seed phrases. No custody.

The most interesting step? The deposit. One biometric prompt deposits into two protocols atomically. If either pool fails, nothing is committed. One touch, two protocols, fully atomic. Five contract hops, one signature. That's the kind of UX that makes DeFi accessible beyond the crypto-native crowd.

It looks simple when you watch it.

Getting there required building out a whole layer of the protocol.

Our architecture has always been layered:

The off-chain indexer tracking ecosystem liquidity across protocols. The factory creating savings accounts. The account contracts handling deposits and withdrawals across multiple AMMs. The oracle we're building to store pool metrics on-chain. And the authentication layer controlling who can authorize what.

Every piece is connected. The indexer computes pool metrics and serves them via the data API. The account routes through adapters to external AMMs. And now, the auth layer, the piece that was always designed but not yet implemented, is live.

That unlocks what comes next: session keys.

Next iteration, one fingerprint authorizes a time-limited session key. Then multi-step strategies can execute without repeated prompts. Imagine a 6-pool rebalancing strategy: one fingerprint, six transactions, zero additional prompts.

That's how automated liquidity management becomes smooth enough for real users. And it's a straight line from where we are today.

We're not rushing this.

The passkey verification path needs to be bulletproof before it touches real funds. The account contract needs to handle multi-pool rebalance cleanly. There are adapter fixes to ship. Batch withdrawal needs to be implemented while taking into account each protocol’s different withdrawal mechanisms.

We are actively preparing specs and refactors with audit-readiness in mind. Every design decision right now is being made with the assumption that an auditor will read every line.

Security over speed. Always.

This is the part of building that doesn't make for exciting tweets, but it's the part that matters most. When users trust a smart account with their funds, the verification path can't have edge cases. It can't be "good enough." It has to be correct.

The passkey foundation opens up a clear path forward.

Next iterations will extend the auth model to support session keys alongside passkeys, add batch withdrawal for atomic multi-pool redemptions, and fix the adapter issues we found during testing. The full spec is written and ready.

Beyond that, the pieces we're building toward, risk profiles, an on-chain oracle for pool metrics, automated rebalancing, now have a proper account layer to sit on top of. The "Custom Authentication Methods" from our original architecture doc aren't a future plan anymore. They're shipping.

This is just the beginning of what this architecture enables.

While we're being honest, I've been quiet on X too. For weeks.

Part of that was intentional. When you're deep in protocol-level work, context-switching to post updates feels like it takes more energy than it should. I kept telling myself I'd post when there was something concrete to show. And then weeks turned into months.

I'm reassessing that. Building in silence might feel productive, but it disconnects you from the community that's been rooting for you since day one. And that's not how I want to build Hoops.

So consider this the reset. I'm getting active again. More updates, more sharing the process, not just the milestones. If you've stuck around through the quiet months, thank you. You're about to see a lot more from us.

Even when progress looks incremental from the outside, we are building every day.

Hoops isn't just a dashboard. It's becoming a smart account protocol for risk-adjusted DeFi on Stellar. Every component we've built, from the indexer to the router to the adapters to this authentication layer, is coming together into a real, working system.

And this demo is the clearest proof so far.

I'm proud of this phase. It's quieter. It's harder to show off. But it's the most important work we've done.

More soon.

- Bastian

Hoops Finance is supported by the Stellar Community Fund. Follow our progress on GitHub and @bastiankoh.

Demo contract on testnet: CDXDR5BQ62ABV4NFWI44EECG7SK6DSITLETOXFRYZ3GVWL2CVQB6YBFA