Introducing the next evolution in automated DeFi: a fully non-custodial On-Chain Agent built on Base Sepolia. By leveraging EIP-7702 and MetaMask Advanced Permissions, our protocol solves the critical
FlexPass is a decentralized "Pay-As-You-Go" infrastructure for physical spaces (Gyms, Co-working, Parking). We replace rigid subscriptions and paper tickets with fluid, programmable sessions that charge by the second.
We solved the "Dine and Dash" problem of the physical world without using expensive sensors or cameras. Instead, we use Game Theory and Cryptographic Proof-of-Exit to guarantee payments on-chain.
In the physical world, access is binary: you either buy a generic Day Pass or commit to a Monthly Subscription.
Inefficient: Users pay for time they don't use.
High Risk: Venues cannot offer "Pay-by-the-minute" billing because they have no way to stop a user from leaving without paying (the "Exit Problem").
No Reputation: A loyal user at "Gold's Gym" is treated like a stranger at "Starbucks," forced to pay deposits everywhere they go.
FlexPass turns any physical location into a liquid asset. It combines an On-Chain Reputation Engine (powered by Envio) with a "Financial Hostage" mechanism to ensure trustless, streaming payments.
We don't need to track the user with invasive GPS or Wi-Fi. We simply align their economic incentives so they cannot cheat.
Instead of a flat fee, FlexPass assesses the Financial Risk of every user instantly upon scanning the entry QR.
The Logic: The app queries our Envio Indexer to check the user's historical behavior (Trust Score).
Zero-Deposit Mode: "VIP Users" (High Score) enter instantly with $0 upfront.
Max-Cap Deposit: "New Users" (Low Score) must approve a temporary deposit (e.g., $50) to enter. This ensures they have "Skin in the Game."
To solve the cheating problem without sensors, we inverted the payment flow. The user cannot stop the billing from their phone.
The Lock: The "End Session" button is disabled in the app.
The Key: The only way to stop the money stream and unlock the deposit is to generate a "Proof of Exit" at the venue's door.
The Kiosk: An iPad at the exit generates a unique, cryptographically signed permit. The user scans this to prove—on-chain—that they have physically left the premises.
We use Envio not just for history, but as a live intelligence engine for the Merchant.
Live Occupancy Grid: The Merchant's dashboard updates in milliseconds to show exactly who is inside the venue right now.
Cross-Venue Reputation: If a user behaves well at a Gym, Envio updates their global score, instantly lowering their deposit requirements at Parking lots and Cafes across the network.
Scan to Enter: User scans the Venue QR.
Risk Check: Smart Contract checks Envio Score $\to$ Locks Deposit (if needed) $\to$ Starts Timer.
Usage: User enjoys the facility. The app visualizes the cost ticking up in real-time.
The Exit: User walks to the door. The Exit Kiosk recognizes them and displays a signed Exit QR.
Settlement: User scans the Exit QR. The Smart Contract verifies the signature, calculates the exact cost (e.g., $4.50), pays the venue, and refunds the remaining deposit ($45.50) instantly.
Blockchain: Base Sepolia (High speed, low gas for micro-transactions).
Smart Contracts: Solidity (Custom SessionManager with EIP-712 Signature Verification).
Indexer: Envio (Hyper-indexers for calculating Trust Scores and powering the Live Kiosk).
Frontend: Next.js, Tailwind CSS, Viem (for wallet interactions).
Security: Cryptographic Signatures (ECDSA) for Kiosk authentication to prevent "Replay Attacks."
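The settlement step and the EIP-712 exit permit described above, as an added sketch that is not FlexPass's own SessionManager: it shows what a kiosk signature has to be bound to (chain, contract, session, user, expiry) and consumed against before it actually resists replay. Assumptions: deposits are native ETH, the kiosk holds one signing key, OpenZeppelin 5.x supplies `EIP712` and `ECDSA`, and every contract, field and function name here is hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

// Added illustration only; not FlexPass's SessionManager. All names are hypothetical.
contract ExitPermitSketch is EIP712 {
    struct Session { address user; uint64 startedAt; uint256 deposit; }

    // The permit names one session and one user, and expires at `deadline`.
    bytes32 private constant EXIT_TYPEHASH =
        keccak256("ExitPermit(uint256 sessionId,address user,uint256 deadline)");

    address public immutable kioskSigner;   // assumed: key held by the exit kiosk
    address payable public immutable venue;
    uint256 public immutable weiPerSecond;
    uint256 public nextSessionId;           // ids are never reused, so old permits stay dead
    mapping(uint256 => Session) public sessions;

    constructor(address kiosk, address payable venue_, uint256 rate)
        EIP712("ExitPermitSketch", "1")     // domain adds chainId + this contract's address
    {
        kioskSigner = kiosk; venue = venue_; weiPerSecond = rate;
    }

    function enter() external payable returns (uint256 id) {
        id = nextSessionId++;
        sessions[id] = Session(msg.sender, uint64(block.timestamp), msg.value);
    }

    function settle(uint256 id, uint256 deadline, bytes calldata sig) external {
        Session memory s = sessions[id];
        require(s.user == msg.sender, "no open session for caller");
        require(block.timestamp <= deadline, "permit expired");

        bytes32 digest = _hashTypedDataV4(
            keccak256(abi.encode(EXIT_TYPEHASH, id, msg.sender, deadline)));
        require(ECDSA.recover(digest, sig) == kioskSigner, "not signed by kiosk");

        delete sessions[id];                // single use: a replayed permit finds no session

        uint256 cost = (block.timestamp - s.startedAt) * weiPerSecond;
        if (cost > s.deposit) cost = s.deposit;   // the deposit is the cap
        (bool paid, ) = venue.call{value: cost}("");
        (bool refunded, ) = payable(msg.sender).call{value: s.deposit - cost}("");
        require(paid && refunded, "transfer failed");
    }
}
```

A bare ECDSA signature over a user address would verify on every later visit; the session id, the deadline and the delete-before-transfer ordering are what make each permit redeemable once.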
Building a truly non-custodial agent meant strictly adhering to EIP-7702, which required extensive custom implementation to bridge Base Sepolia and our Flutter mobile app. We also tackled significant backend challenges, successfully optimizing our Envio indexer from a memory-intensive process down to a streamlined, production-ready microservice.