Privacy for your business and your clients
CypherpunkPay does not magically solve Bitcoin’s privacy limitations but attempts to not make things worse.
Self hosting is the only way to avoid inherent limitations of 3rd party payment processors. The 3rd party payment processors conveniently exclude many legal businesses; they also ask for your personal data at some threshold point. Finally, they are privy to all of your individual invoices and revenue. Hence, CypherpunkPay is installed on your own server.
Bitcoin xpub key never leaves your server. This is in contrast to the so called watch-only 3rd party payment processors that are privy to your invoices, revenue and (in Bitcoin’s case) spendings from the business wallet. The xpub key is used to derive unique payment address for each invoice.
All outgoing connections are made through Tor. User interface is fully compatible with the Tor Browser.
CypherpunkPay can be hosted as onion service by standard means. For merchant integration, onion callback URL-s are supported.
The user interface (HTML) does not fetch any external assets. There are few lightweight assets and all are served locally from within the CypherpunkPay build, sitting on your server.
For each charge (invoice) CypherpunkPay picks two random block explorers to cross-check the payment arrival against. New Tor circuit (and so IP address) is used for each charge. User agent and headers are consistent with the Tor Browser. From the block explorer perspective it is not evident if this is CypherpunkPay or anyone else asking. It is even less clear which specific business the transaction belongs to (unless the amount itself is globally unique to your business, but then even running the full node would not help as Bitcoin blockchain itself is plain text).