Table of Contents
The $400B Problem with Payment Processors
Every SaaS company on Earth pays a tax to exist. Stripe takes 2.9% + $0.30 per transaction. PayPal takes more. Banks take their cut. Payment processors collectively extract over $400 billion per year in fees from businesses globally.
But the cost isn't just financial. When Stripe freezes your account — and they do, routinely — your entire revenue stream stops. No appeal. No warning. Your business is at the mercy of a single company's risk algorithm.
💡 The core question
What if subscription billing didn't need Stripe, databases, or even servers? What if the entire system — plans, subscriptions, payments, audit trails — lived on a blockchain that no one controls?
That's exactly what we built. BillChain is a production-grade subscription billing system running entirely on Solana. No databases. No payment processors. No trust assumptions. And it costs $0.001 per transaction regardless of the payment amount.
Why Move Billing On-Chain?
The traditional SaaS billing stack is surprisingly complex. A typical implementation requires:
- API server to handle customer requests
- PostgreSQL for subscriptions, invoices, and plan data
- Redis for session caching and rate limiting
- Stripe SDK for payment processing
- Webhook handler for asynchronous payment events
- PCI compliance audit ($5K–$50K/year)
- Monitoring, backups, and disaster recovery
All of this — every single component — can be replaced by a single Solana program. Here's how:
| Web2 Component | On-Chain Replacement |
|---|---|
| PostgreSQL tables | Program Derived Addresses (PDAs) |
| Stripe payment API | SOL transfer in same transaction |
| Webhook handlers | On-chain events (emit!) |
| Session/auth system | Wallet signature (ed25519) |
| Cron jobs for expiry | Permissionless tick() instruction |
| Audit log database | Immutable PaymentRecord PDAs |
| PCI compliance audit | Not applicable — no card data |
Designing a Subscription Engine on Solana
The hardest part of building on Solana isn't writing Rust — it's designing the account model. Unlike a database where you can add columns and run migrations, Solana accounts are fixed-size, rent-bearing, and must be carefully structured for efficient access.
BillChain uses a 4-level PDA hierarchy that maps naturally to the subscription billing domain:
Why This Layout Wins
O(1) lookups everywhere. Given a plan and a subscriber's wallet address, you can derive the exact subscription PDA deterministically — no database queries, no indexing, no iteration. This is the equivalent of a perfectly indexed database that never needs maintenance.
Append-only payment history. Each PaymentRecord is a write-once PDA seeded by [subscription, payment_id]. Once created, it cannot be modified or deleted. This gives you a tamper-proof audit trail that would cost thousands of dollars to replicate with traditional compliance infrastructure.
Natural capacity management. The plan_id uses u64 LE bytes as seeds, giving natural ordering and support for up to 18 quintillion plans. Subscriber counts are tracked atomically in the plan account.
How BillChain Works: Step by Step
1. Service Provider Creates a Registry
A single transaction creates your ServiceRegistry PDA. This holds your treasury (where subscription payments accumulate), a plan counter, and a configurable grace period for expired subscriptions.
2. Create Billing Plans
Each plan is a PDA with a name, price in lamports, billing period in seconds, and optional subscriber cap. Plans can be paused and unpaused by the authority without affecting existing subscribers.
3. Users Subscribe
The subscribe() instruction does three things in a single atomic transaction:
- Transfers the subscription price from the subscriber to the registry treasury
- Creates the Subscription PDA with status
Active - Creates an immutable PaymentRecord PDA as a receipt
⚡ Atomic = No Race Conditions
In Stripe, a payment can succeed but the webhook can fail, leaving your database out of sync. On Solana, either everything succeeds or nothing does. The payment and the subscription record are created in the same transaction. There is no inconsistent state.
4. Renewals and Cancellations
Early renewal extends the subscription from the current period end — no double-charging. Cancellation marks the subscription as cancelled but preserves access until the paid period ends, exactly like Stripe's cancel-at-period-end behavior.
5. Permissionless State Advancement
The tick() instruction can be called by anyone — not just the subscriber or authority. This advances expired subscriptions through the state machine: Active → GracePeriod → Expired. In a production deployment, a simple cron bot can call tick() on all subscriptions periodically, costing fractions of a cent.
Stripe vs BillChain: The Numbers
| Dimension | Stripe (Web2) | BillChain (On-Chain) |
|---|---|---|
| Cost per transaction | 2.9% + $0.30 | ~$0.001 flat |
| 1M transactions/month | ~$29,000+ | ~$1.00 |
| Infrastructure cost | $50–200/mo (DB + server) | $0 (runs on Solana) |
| PCI compliance | $5K–50K/year | Not applicable |
| Time to freeze account | Instant, no appeal | Impossible |
| Audit trail | Stripe dashboard (their data) | On-chain, forever, public |
| Composability | REST API + webhooks | Direct CPI (atomic) |
| Settlement time | 2–7 business days | ~400ms |
| Setup time | Days (KYC, bank verification) | 1 transaction |
📊 The Scale Advantage
Stripe's pricing is a percentage of revenue — it grows linearly with your business. BillChain's cost is a fixed fee per transaction (~$0.001) regardless of the payment amount. A $10 subscription costs the same to process as a $10,000 enterprise plan.
At 1 million subscriptions per month, you save $28,999 every month by moving billing on-chain.
CPI Composability: The Killer Feature
Here's what makes on-chain billing fundamentally different from Stripe: any other Solana program can check subscription status atomically.
BillChain ships with a cpi.rs module that other programs can import directly:
use subscription_billing::cpi::require_active_subscription;
// Gate a premium feature behind an active subscription
#[access_control(require_active_subscription(&ctx.accounts.subscription))]
pub fn premium_feature(ctx: Context<PremiumFeature>) -> Result<()> {
// Only reachable if subscription is active
msg!("Premium feature unlocked!");
Ok(())
}This enables entirely new patterns that are impossible with Stripe:
- On-chain paywalls — DeFi protocols that require active subscriptions for premium features
- DAO membership gates — governance access tied to subscription status, verified atomically
- Token-gated content — NFT marketplaces where premium listings require a subscription
- Cross-program billing — any program on Solana can become a BillChain customer in one CPI call
With Stripe, you'd need REST API calls, webhook handlers, database lookups, and retry logic. With BillChain, it's a single require_active_subscription() call in the same transaction. Zero latency. Zero middleware. Zero failure modes.
Honest Tradeoffs & Constraints
We believe in honest engineering. On-chain billing isn't perfect for every use case. Here's what you should know:
⚠️ Crypto-native payments only
BillChain processes payments in SOL (extensible to SPL tokens). If your customers pay with credit cards, you still need a fiat on-ramp. This system is best suited for crypto-native products — DAOs, DeFi protocols, Web3 SaaS, and on-chain services where users already have wallets.
⚠️ No built-in refunds
Cancellation preserves access until the period ends, but there's no automatic pro-rata refund. This is a design choice — refund logic can be added as a separate instruction, but the default behavior mirrors most SaaS products (cancel = keep access until period end, no refund).
⚠️ Latency
Solana confirmation takes ~400ms vs ~200ms for a Stripe API call. In practice, this is imperceptible to users — both feel instant. But if you're building latency-sensitive payment flows, it's worth noting.
✅ What you gain
Trustless execution, censorship resistance, 29,000x cheaper at scale, atomic composability, immutable audit trails, zero infrastructure maintenance, and instant global availability with no KYC setup.
Who Should Use This?
🎯 Ideal Use Cases
Crypto-native SaaS — Analytics dashboards, trading tools, API access for on-chain data. Users already have wallets.
DAO membership & governance — Subscription-based voting power or feature access, enforced atomically on-chain.
DeFi premium features — Advanced order types, priority execution, premium liquidity pools gated by subscription status.
Content platforms — Decentralized Patreon/Substack where creators can't be deplatformed.
API monetization — Sell access to on-chain services (oracles, indexers, compute) with subscription billing.
The Future of On-Chain Payments
We're at the beginning of a fundamental shift. Just as Stripe replaced the complexity of bank integrations with a simple API, on-chain billing replaces the complexity of payment processors with a single program.
The advantages compound over time. As more programs integrate BillChain via CPI, a composable billing network emerges — where any application can become a subscriber or a provider, payments flow atomically, and the entire history is permanently auditable.
The question isn't whether billing moves on-chain. The question is how fast.
Try BillChain on Devnet
Connect your Phantom wallet and subscribe to a plan in under 30 seconds. Live on Solana Devnet — no real funds needed.