Confidential Aave Execution - Powered by Hinkal SDK
@mike_krupin built Hush - a confidential execution interface for @aave powered by the Hinkal SDK.
Users can supply, borrow, repay, and withdraw on Aave without directly exposing the link between their wallet and their strategy.
Aave itself remains unchanged.
This is a real example of a builder extending an existing DeFi protocol using Hinkal infrastructure.
Why This Matters
Aave is one of the largest decentralized lending markets.
Users deposit assets such as USDC to earn yield and borrow assets such as WETH against collateral.
All activity on Aave is public by design. That transparency enables verification - but it also exposes strategy size, timing, and risk profile.
For funds, traders, and strategy operators, that visibility can be sensitive. Hush demonstrates that confidentiality can be introduced without modifying the underlying lending protocol.
Architecture Overview
Hush is a standalone application that routes Aave interactions through Hinkal’s confidential execution system.
Instead of:
Wallet → Aave
The flow becomes:
Wallet → Hinkal execution → Emporium → PrivateSupplyAdapter → Per-user vault → Aave
Each private user is assigned a dedicated vault contract. That vault interacts with Aave under standard rules.
From Aave’s perspective:
- Deposits accrue interest normally
- Borrowing follows the same risk parameters
- Liquidations remain unchanged
No protocol modification. No governance approval. No liquidity migration.
This is execution routing - not protocol redesign.
How the SDK Is Applied
Hush integrates Hinkal’s Emporium execution contract - the on-chain component that validates and executes confidential actions - and implements a custom ‘PrivateSupplyAdapter’ to connect those actions to Aave.
Users interact through a WebCLI (a browser-based command interface) using commands such as:
- ‘private-supply’
- ‘private-borrow’
- ‘private-repay’
- ‘private-withdraw’
When a command is executed:
1) A structured private action is constructed.
2) The action is routed through Hinkal’s on-chain execution infrastructure (Emporium).
3) The adapter forwards the action to a per-user vault.
4) The vault performs the standard Aave interaction.
Aave sees a vault interacting - not the originating wallet.
This demonstrates direct SDK-level integration, not a UI wrapper.
Authorization Model
Each lending position uses a rotating authorization secret.
- A secret is generated in the user’s browser when a position is created.
- Its hash is stored on-chain.
- Borrow, repay, and withdraw operations require the correct secret.
- The secret rotates after each sensitive action.
Secrets are currently stored in encrypted browser storage and must be handled securely. The user can also see the secret on UI after execution of a sensitive operation and then reuse it later on manually with commands.
What This Signals
Hush demonstrates that developers can extend existing DeFi protocols with confidential execution using Hinkal’s SDK and execution infrastructure.
Privacy does not require:
- Replacing lending markets
- Forking protocols
- Migrating liquidity
Aave continues operating exactly as designed, while confidential interaction logic is introduced at the execution level.
This architectural model can be applied to other lending markets and DeFi protocols, enabling privacy-preserving execution without altering core protocol design.
Hush is an early proof of that capability.
Built by Hinkal.