A permissionless protocol for onchain payments that mimics traditional "authorize and capture" payment flows.

The Commerce Payments Protocol facilitates secure escrow-based payments with flexible authorization and capture patterns. Operators drive payment flows using modular token collectors while the protocol ensures payer and merchant protections.

📖 Read the Full Documentation

• Two-Phase Payments: Separate authorization and capture for guaranteed merchant payments and management of real-world complexity
• Flexible Fee Structure: Configurable fee rates and recipients within predefined ranges
• Modular Token Collection: Support for multiple authorization methods (ERC-3009, Permit2, allowances, spend permissions)
• Built-in Protections: Time-based expiries, amount limits, and reclaim mechanisms
• Operator Model: Permissionless operators manage payment flows while remaining trust-minimized

• Protocol Overview - Architecture, components, and payment lifecycle
• Security Analysis - Security features, risk assessment, and mitigation strategies
• Token Collectors Guide - Modular payment authorization methods
• Fee System - Comprehensive fee mechanics and examples
• Core Operations:
  • Authorize - Reserve funds for future capture
  • Capture - Transfer authorized funds to merchants
  • Charge - Immediate authorization and capture
  • Void - Cancel authorizations (operator)
  • Reclaim - Recover expired authorizations (payer)
  • Refund - Return captured funds to payers

# Install dependencies
forge install
# Run tests
forge test
# Deploy (example)
forge script script/Deploy.s.sol --rpc-url $RPC_URL --broadcast

MIT License - see LICENSE file for details.

Audited by Spearbit and Coinbase Protocol Security.