open source · AGPL-3.0 · self-hosted

stablerails

Self-hosted, non-custodial stablecoin payments. Software you run — rails you own.

0% fees · no KYC · agent-friendly · your keys never touch the server

get started · 30 seconds
$ npx stablerails init

Or hand it to your AI agent /agents.md →

Free and open-source (AGPL-3.0). You only ever pay network gas — and that goes to the blockchain, not to us.

01 / FLOW

How it works

01

Run the watch-only server

It serves your checkout and verifies payments on-chain. It holds no keys — there is nothing on it worth stealing.

02

Every invoice gets its own deposit address

Fresh HD-derived addresses per invoice. When a payment lands at a solid block, your webhook fires.

03

Funds sweep to YOUR wallet — signed locally

The sweep is signed on your machine, behind a passphrase you type at your own terminal. The server only ever sees the finished, signed transaction.

[Diagram: PAYER (sends USDT) → PER-INVOICE ADDRESS (fresh HD address) → YOUR WALLET (sweep signed locally, behind the HUMAN PASSPHRASE). The WATCH-ONLY SERVER observes the chain · holds no keys.]

Keys never leave your machine.

02 / THREAT MODEL

Security model

Your server cannot steal your funds. Neither can your AI agent.

Watch-only server

The server holds zero private keys. It can see payments arrive; it cannot spend a single token.

Signing is local, human, deliberate

Sweeps are signed only via the local CLI, behind a human passphrase — optional Touch ID. No passphrase, no movement.

Destination pinned locally

The sweep destination is pinned on your machine. A fully compromised server cannot redirect a sweep to an attacker.

Two RPCs must agree

A payment counts only when two independent RPC providers confirm it at a solid block. Never 0-conf.

AI agents get readonly keys

Agents can run your store — create invoices, read events, watch sweeps. They physically cannot move your money.

100% open source

Every line is public, including the signer. Don't trust our claims — audit them.
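The "two RPCs must agree" rule above, sketched as an added example (not stablerails' own code): a payment is accepted only when two different providers report the same transfer in a solid block and it matches the invoice. The observation shape (`provider`, `txId`, `to`, `token`, `amount`, `solid`) and all sample values are assumptions made for illustration.

```javascript
// Added illustration of a two-provider agreement rule. The observation shape
// is hypothetical, not stablerails' schema; amounts are base units as strings.
const MUST_MATCH = ["txId", "to", "token", "amount"];

// obsA / obsB: what each RPC provider reports for the transfer, or null if unseen.
function evaluatePayment(invoice, obsA, obsB) {
  const no = (reason) => ({ confirmed: false, reason });
  if (!obsA || !obsB) return no("missing-observation");
  // Two answers from the same provider are one opinion, not two.
  if (obsA.provider === obsB.provider) return no("same-provider");
  // Never 0-conf: both providers must place the transfer in a solid block.
  if (obsA.solid !== true || obsB.solid !== true) return no("not-solid");
  // Any field the providers report differently means one of them is wrong.
  for (const f of MUST_MATCH) {
    if (typeof obsA[f] !== "string" || obsA[f] !== obsB[f]) return no(`disagree:${f}`);
  }
  if (!/^\d+$/.test(obsA.amount)) return no("malformed-amount");
  if (obsA.to !== invoice.address || obsA.token !== invoice.token) {
    return no("wrong-destination-or-token");
  }
  if (BigInt(obsA.amount) < BigInt(invoice.amount)) return no("underpaid");
  return { confirmed: true, reason: "ok" };
}

// Constructed sample data: placeholder address and transaction id.
const invoice = { address: "ADDR_INVOICE_1", token: "USDT", amount: "25000000" };
const seen = { txId: "TX_1", to: "ADDR_INVOICE_1", token: "USDT", amount: "25000000", solid: true };
const a = (extra = {}) => ({ ...seen, provider: "rpc-a", ...extra });
const b = (extra = {}) => ({ ...seen, provider: "rpc-b", ...extra });

function demo() {
  return {
    bothAgree: evaluatePayment(invoice, a(), b()),
    oneNotSolid: evaluatePayment(invoice, a(), b({ solid: false })),
    providersDiffer: evaluatePayment(invoice, a(), b({ amount: "1" })),
    oneMissing: evaluatePayment(invoice, a(), null),
    sameProvider: evaluatePayment(invoice, a(), a()),
    underpaid: evaluatePayment(invoice, a({ amount: "24999999" }), b({ amount: "24999999" })),
  };
}

console.log(demo());
```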
03 / AGENTIC WEB

Built for the agentic web

MCP server out of the box. Machine-readable /llms.txt. JSON output everywhere. An AI agent can install, configure and operate the whole stack — except the one thing it must never do: touch your passphrase.

Path A · you type

get started · 30 seconds
$ npx stablerails init

Path B · your agent reads

/agents.md →

Hand this file to any capable agent. It contains everything needed to install, configure and run an instance — and a clear boundary around what it may never ask of you.

04 / SHIPPED

What's in the box

F-01

Per-invoice HD addresses

A fresh deposit address for every invoice, derived from your xpub. No address reuse.

F-02

Hosted checkout + payment links

A ready checkout page with QR, countdown and live status. Share a link, get paid.

F-03

HMAC-signed webhooks

Signed delivery with retries. Verify the signature, trust the event.

F-04

Multi-merchant tenancy

One instance, many stores. Scoped API keys per merchant.

F-05

Operator dashboard

Invoices, payments, sweeps and CSV export behind an operator login.

F-06

Kill-switch

Pause invoicing, watching or webhooks at runtime — per area, no restart.

F-07

Prometheus metrics

First-class /metrics endpoint for your own monitoring. Your data stays yours.

F-08

Docker deploy

Server, worker and Postgres in one compose file. Up in minutes on a $5 box.

Tron (USDT) today — Polygon · Ethereum · USDC next
05 / PLAIN TRUTH

No KYC.
Not anonymous.

USDT on Tron is a transparent ledger, and the token itself is centrally managed — the issuer can freeze addresses. We collect no payer emails and log no payer IPs, but on-chain privacy is limited by the asset itself. We'd rather tell you that here than in the fine print.