Hacker News

Favorites Setup
Comment by mixedbit | original | Monetization Gateway: Charge for any resource behind Cloudflare via x402
[−]mixedbit · 2026-07-01 Wed 18:00 UTC · link
With payments the complexity is not only in accepting a payment, but largely in doing so legally. Someone makes a request to my company's paid service, I return 402 and get a stable coin back. Who do I invoice for this revenue? What value added tax do I apply to the invoice? If someone makes 10k paid requests within one month, do I have means of generating one invoice for them for all the usage, or is every request treated separately and results in 10k invoices? Will CloudFlare handle this for me?
[−]aianus · 2026-07-01 Wed 18:21 UTC · link
Who do you invoice if, for example, you own a vending machine that sells chips and sodas for cash or contactless? Why couldn’t this be treated the same?
[−]tony_cannistra · 2026-07-01 Wed 18:23 UTC · link
Vending machines can't be used by thousands of people from differing tax jurisdictions at once
[−]BadBadJellyBean · 2026-07-01 Wed 18:44 UTC · link
Airports could potentially be such a place but I admit that this is a bit contrived.
[−]sofixa · 2026-07-01 Wed 18:51 UTC · link
Not really because the transaction occurs in a specific place with specific tax rules, regardless of where the purchaser is from.
[−]jjmarr · 2026-07-01 Wed 19:17 UTC · link
Airports are such a place. That is why they have duty-free stores that are exempt from taxes so long as you take the goods out of the country. The onus is on the consumer to pay taxes at their destination.

Most countries then have a "personal exemption", where consumers are exempt from paying taxes on a certain value of goods.

[−]meowkit · 2026-07-01 Wed 21:27 UTC · link
It’s not contrived and starts to touch at the root of the issue: taxes on transactions.

I’m not against taxes to be very clear. Tax something else.

[−]mixedbit · 2026-07-01 Wed 18:46 UTC · link
Normal vending machine transactions are B2C transactions, so the buyer cannot be a company - cannot pay with company money and cannot deduce the payment as the company cost. I guess, the buyer can take a receipt from a vending machine and ask the vending machine owner to provide a B2B invoice based on the receipt, to make this a proper B2B payment.

Can you treat your remote service access as B2C only? Perhaps yes, but then the companies will not be able to use your service, pay from a company bank account and account this as a company cost, only individuals will be able to legally pay.

Vending machine is also located in a known physical country, so the owner knows what VAT to apply, the VAT of the country the machine is in. With software services the VAT should be applied based on the country where the buyer is located.

[−]alexsmirnov · 2026-07-01 Wed 21:37 UTC · link
If I pay for vending machine by corporate card on a business trip, it looks more like B2B
[−]samrus · 2026-07-02 Thu 04:28 UTC · link
It is
[−]lelanthran · 2026-07-01 Wed 19:18 UTC · link
Retailers selling for cash typically don't have the same accounting requirements for revenue from cash sales.

No KYC needed, no counterparty or reciprocal VAT rules, no jurisdiction tax rules, etc. Non-cash revenue has rules attached to it.

I agree with GP - this doesn't actually solve any problems I have when recording revenue.

[−]suprfnk · 2026-07-01 Wed 18:24 UTC · link
Seems like a good avenue for money laundering if you can't tell where it comes from.
[−]lagrange77 · 2026-07-01 Wed 19:26 UTC · link
> Will CloudFlare handle this for me?

Right i wondered the same. I guess Cloudflare would have to act as a Merchant of Record, like e.g. Paddle and Gumroad do. Then the end user/bot would do business with Cloudflare, and Cloudflare with us.

[−]socketcluster · 2026-07-01 Wed 22:15 UTC · link
That seems to make the case stronger. It becomes Cloudflare's problem. You can deal with Cloudflare from one country and let them figure out how to collect payment from people all over.

That said, morally, I strongly resent the fact that accepting payment has essentially become illegal for most people due to this complexity and the way globalization has been forced on people. People are essentially not allowed to receive payment to feed themselves. That's what it has come down to. Not everyone can afford an accountant and take that risk.

[−]charcircuit · 2026-07-02 Thu 00:52 UTC · link
>globalization

You can have this problem even if you target a single state in the US.

[−]kelvinjps10 · 2026-07-01 Wed 22:17 UTC · link
Feels like a good way to do money laundering lol
[−]yieldcrv · 2026-07-02 Thu 03:27 UTC · link
It is

You’re 10 years late

x402 not required just segregated addresses acting as individual market participants paying for your service

if you ever want your state’s currency (which is a big IF in the crypto world), then you use your segregated address to pump the price of a token that your clean and KYC’d addresses hold, sell into liquidity for a more liquid crypto, sell that crypto on an exchange. you look like a good or lucky trader like anyone else. cash out, pay taxes if your country taxes capital. access to the rest of the system

although the online merchant service is accepting payment from addresses linked to dirty money along side some others, and it may seem redundant to bother instead of just pumping assets with the dirty money address, it’s just possible deniability. Far more plausible than predominantly dirty addresses pumping a token you just happen to hold. Even if the dirty money had all swapped to monero and out to fund virgin addresses it still needs a genealogy before benefitting you in the KYC’d world. So insert the crypto merchant service in between regardless.

[−]wavemode · 2026-07-02 Thu 05:34 UTC · link
"pump the price of a token" seems like the complex part that you're hand-waving. Either this token has a bunch of other traders (in which case, it's not trivial to simply "pump" its fair-market price by your own effort), or your alt wallets are themselves most of the liquidity (in which case, you're really just transacting with yourself, which is trivial to trace)
[−]yieldcrv · 2026-07-02 Thu 08:14 UTC · link
yes, there are always a bunch of traders on every launch so this is easy and has been streamlined for years with pump.fun + bundlers, and similar services on other networks

bots hop in everything, and the bundler is the creator who has lots of alts, market can bear this

in this case the bundler would be all processed tainted money, or the tainted money is another trader later

and your clean KYC'd money would be one of the traders that showed up

you bought at launch, and it pumped. hurray. reiterating that you have to sell into liquidity - we're talking about liquidity pools onchain here, no exchange companies - and then moving the proceeds to an exchange.

with the groups of addresses being unlinked this whole time, the only other thing to consider is connecting to an RPC server under different IP addresses, or connecting to your own node onprem. it doesn't matter if you assume, you have to prove for it to matter, and assuming incriminates everyone that actually picked the right token and had nothing to do with anything. there are plenty of people making 10,000%+ gains in random crypto tokens, amongst those taking losses, you're just another one.

[−]mdig · 2026-07-02 Thu 02:09 UTC · link
I definitely wouldn't want to implicitly join an economic nexus by virtue of such a payment solicitation. The last thing I want is being subject to EU DSA and limitless other nonsensical legislation.
[−]someonebaggy · 2026-07-02 Thu 07:48 UTC · link
The US doesn't extradite to Europe for DSA violation