With payments the complexity is not only in accepting a payment, but largely in doing so legally. Someone makes a request to my company's paid service, I return 402 and get a stable coin back. Who do I invoice for this revenue? What value added tax do I apply to the invoice? If someone makes 10k paid requests within one month, do I have means of generating one invoice for them for all the usage, or is every request treated separately and results in 10k invoices?
Will CloudFlare handle this for me?
Who do you invoice if, for example, you own a vending machine that sells chips and sodas for cash or contactless? Why couldn’t this be treated the same?
[−]tony_cannistra · 2026-07-01 Wed 18:23 UTC ·
link
Vending machines can't be used by thousands of people from differing tax jurisdictions at once
[−]BadBadJellyBean · 2026-07-01 Wed 18:44 UTC ·
link
Airports could potentially be such a place but I admit that this is a bit contrived.
Airports are such a place. That is why they have duty-free stores that are exempt from taxes so long as you take the goods out of the country. The onus is on the consumer to pay taxes at their destination.
Most countries then have a "personal exemption", where consumers are exempt from paying taxes on a certain value of goods.
Normal vending machine transactions are B2C transactions, so the buyer cannot be a company - cannot pay with company money and cannot deduce the payment as the company cost. I guess, the buyer can take a receipt from a vending machine and ask the vending machine owner to provide a B2B invoice based on the receipt, to make this a proper B2B payment.
Can you treat your remote service access as B2C only? Perhaps yes, but then the companies will not be able to use your service, pay from a company bank account and account this as a company cost, only individuals will be able to legally pay.
Vending machine is also located in a known physical country, so the owner knows what VAT to apply, the VAT of the country the machine is in. With software services the VAT should be applied based on the country where the buyer is located.
Right i wondered the same. I guess Cloudflare would have to act as a Merchant of Record, like e.g. Paddle and Gumroad do. Then the end user/bot would do business with Cloudflare, and Cloudflare with us.
[−]socketcluster · 2026-07-01 Wed 22:15 UTC ·
link
That seems to make the case stronger. It becomes Cloudflare's problem. You can deal with Cloudflare from one country and let them figure out how to collect payment from people all over.
That said, morally, I strongly resent the fact that accepting payment has essentially become illegal for most people due to this complexity and the way globalization has been forced on people. People are essentially not allowed to receive payment to feed themselves. That's what it has come down to. Not everyone can afford an accountant and take that risk.
x402 not required just segregated addresses acting as individual market participants paying for your service
if you ever want your state’s currency (which is a big IF in the crypto world), then you use your segregated address to pump the price of a token that your clean and KYC’d addresses hold, sell into liquidity for a more liquid crypto, sell that crypto on an exchange. you look like a good or lucky trader like anyone else. cash out, pay taxes if your country taxes capital. access to the rest of the system
although the online merchant service is accepting payment from addresses linked to dirty money along side some others, and it may seem redundant to bother instead of just pumping assets with the dirty money address, it’s just possible deniability. Far more plausible than predominantly dirty addresses pumping a token you just happen to hold. Even if the dirty money had all swapped to monero and out to fund virgin addresses it still needs a genealogy before benefitting you in the KYC’d world. So insert the crypto merchant service in between regardless.
"pump the price of a token" seems like the complex part that you're hand-waving. Either this token has a bunch of other traders (in which case, it's not trivial to simply "pump" its fair-market price by your own effort), or your alt wallets are themselves most of the liquidity (in which case, you're really just transacting with yourself, which is trivial to trace)
yes, there are always a bunch of traders on every launch so this is easy and has been streamlined for years with pump.fun + bundlers, and similar services on other networks
bots hop in everything, and the bundler is the creator who has lots of alts, market can bear this
in this case the bundler would be all processed tainted money, or the tainted money is another trader later
and your clean KYC'd money would be one of the traders that showed up
you bought at launch, and it pumped. hurray. reiterating that you have to sell into liquidity - we're talking about liquidity pools onchain here, no exchange companies - and then moving the proceeds to an exchange.
with the groups of addresses being unlinked this whole time, the only other thing to consider is connecting to an RPC server under different IP addresses, or connecting to your own node onprem. it doesn't matter if you assume, you have to prove for it to matter, and assuming incriminates everyone that actually picked the right token and had nothing to do with anything. there are plenty of people making 10,000%+ gains in random crypto tokens, amongst those taking losses, you're just another one.
I definitely wouldn't want to implicitly join an economic nexus by virtue of such a payment solicitation. The last thing I want is being subject to EU DSA and limitless other nonsensical legislation.
Most countries then have a "personal exemption", where consumers are exempt from paying taxes on a certain value of goods.
I’m not against taxes to be very clear. Tax something else.
Can you treat your remote service access as B2C only? Perhaps yes, but then the companies will not be able to use your service, pay from a company bank account and account this as a company cost, only individuals will be able to legally pay.
Vending machine is also located in a known physical country, so the owner knows what VAT to apply, the VAT of the country the machine is in. With software services the VAT should be applied based on the country where the buyer is located.
No KYC needed, no counterparty or reciprocal VAT rules, no jurisdiction tax rules, etc. Non-cash revenue has rules attached to it.
I agree with GP - this doesn't actually solve any problems I have when recording revenue.
Right i wondered the same. I guess Cloudflare would have to act as a Merchant of Record, like e.g. Paddle and Gumroad do. Then the end user/bot would do business with Cloudflare, and Cloudflare with us.
That said, morally, I strongly resent the fact that accepting payment has essentially become illegal for most people due to this complexity and the way globalization has been forced on people. People are essentially not allowed to receive payment to feed themselves. That's what it has come down to. Not everyone can afford an accountant and take that risk.
You can have this problem even if you target a single state in the US.
You’re 10 years late
x402 not required just segregated addresses acting as individual market participants paying for your service
if you ever want your state’s currency (which is a big IF in the crypto world), then you use your segregated address to pump the price of a token that your clean and KYC’d addresses hold, sell into liquidity for a more liquid crypto, sell that crypto on an exchange. you look like a good or lucky trader like anyone else. cash out, pay taxes if your country taxes capital. access to the rest of the system
although the online merchant service is accepting payment from addresses linked to dirty money along side some others, and it may seem redundant to bother instead of just pumping assets with the dirty money address, it’s just possible deniability. Far more plausible than predominantly dirty addresses pumping a token you just happen to hold. Even if the dirty money had all swapped to monero and out to fund virgin addresses it still needs a genealogy before benefitting you in the KYC’d world. So insert the crypto merchant service in between regardless.
bots hop in everything, and the bundler is the creator who has lots of alts, market can bear this
in this case the bundler would be all processed tainted money, or the tainted money is another trader later
and your clean KYC'd money would be one of the traders that showed up
you bought at launch, and it pumped. hurray. reiterating that you have to sell into liquidity - we're talking about liquidity pools onchain here, no exchange companies - and then moving the proceeds to an exchange.
with the groups of addresses being unlinked this whole time, the only other thing to consider is connecting to an RPC server under different IP addresses, or connecting to your own node onprem. it doesn't matter if you assume, you have to prove for it to matter, and assuming incriminates everyone that actually picked the right token and had nothing to do with anything. there are plenty of people making 10,000%+ gains in random crypto tokens, amongst those taking losses, you're just another one.