Quick question. If a friend asked you tomorrow “I want to accept ZEC on my website,” what would you tell them?
For donations, sure, paste an address, done. But what if they need to know which customer paid which invoice, automatically, with webhooks to update order status? That’s where it gets complicated fast. Nodes to sync, Docker to configure, viewing keys to export from a separate wallet…
I tried walking a non-technical friend through the existing options. He gave up after 20 minutes. Can’t blame him.
So I built something simpler. It’s called CipherPay.
What is it?
A Zcash payment processor. Like Stripe, but for ZEC. Non-custodial. Shielded-first. No node required.
Register, paste your UFVK, get a working checkout page with webhooks. Five minutes.
Under the hood, CipherPay connects to CipherScan for blockchain data and does trial decryption of Orchard outputs using the merchant’s viewing key. Each invoice gets its own diversified address, no address reuse, no memo guesswork. When a buyer pays, CipherPay picks it up in the mempool, fires a webhook, and confirms when mined. Standard payment flow, same pattern merchants already know from traditional processors.
The tradeoff (might as well be upfront)
CipherPay needs your viewing key. That means the server can see your incoming payments, which invoices got paid, how much, when.
But let’s be real: if you’re a merchant, you already need this data. Bookkeeping. Taxes. Customer support (“did my payment go through?”). Any merchant running a real business is tracking their sales anyway and goes through centralized providers and much less privacy. CipherPay just automates it for Zcash and is non-custodial.
What it does NOT see: your spending, your balance, your other wallets. It’s a viewing key, not a spending key. Your funds are yours, always.
What we don’t collect: no IPs logged, no analytics, no third-party tracking. UFVKs and secrets are encrypted at rest (AES-256-GCM). Old data is purged automatically. And if you don’t trust anyonw, you can self-host the whole stack. Same code, your server, zero trust.
On-chain, payments are fully shielded. Orchard only. Nobody watching the blockchain sees anything.
What’s working right now
Not a roadmap. Deployed. Processing payments.
- Merchant dashboard (products, invoices, POS cart mode, billing)
- Per-invoice diversified addresses (no address reuse, ever)
- Real-time mempool detection + block confirmation
- Webhooks with HMAC signing and replay protection
- ZIP-321 payment URIs — scan QR, wallet opens with amount + memo pre-filled
- Multi-currency (EUR/USD display, rate locked at invoice creation)
- WooCommerce plugin (install, paste credentials, done)
- Testnet sandbox at testnet.cipherpay.app
- Encryption at rest, rate limiting, CORS hardening, automatic data purge
Try it
The testnet sandbox is a full mirror of production. Register with a testnet UFVK, create invoices, send test payments with free testnet ZEC. When ready, switch to mainnet, same code, just update your API URL and UFVK.
I also built a store to prove the whole flow works end to end: 0x00.store. Limited drop tees, ZEC-only, powered by CipherPay. Pick something, pay with your wallet, order confirmed automatically.
Privacy note: for full anonymity when ordering physical goods, use a PO box or conference pickup.
I’m not going to pretend there’s a massive market for this today. The number of merchants who want to accept ZEC is small. Everyone building in this space knows that.
But I think the infrastructure should exist before demand does. When someone asks “how do I accept Zcash?”, the answer should be five minutes, not a weekend of DevOps.
If you try it and something breaks, tell me. If you have ideas, drop them below. I actually read everything and fix things.
Links:
- CipherPay: https://cipherpay.app
- Testnet sandbox: https://testnet.cipherpay.app
- Docs: CipherPay — Private Payments for the Internet
- 0x00.store (live demo): https://www.0x00.store
- CipherScan (the blockchain API behind it): https://cipherscan.app
Kenbak
P.S. If you’re at a Zcash conference and see someone in a [REDACTED] or [ZERO KNOWLEDGE] tee, that’s probably from the store. Say hi.