Appearance
Competitive Landscape
A detailed analysis of every project that has attempted subscription or recurring billing on Solana, adjacent payment tools, and why VelaPay's architecture is fundamentally different.
Colosseum Cluster Topology
Colosseum Copilot's ML-derived project clustering surfaces a structural reading of the competitive field that supersedes anecdotal "team X tried Y" framing.
| Cluster | Label | Total Projects | Billing Winners |
|---|---|---|---|
v1-c16 | Stablecoin Payment Rails and Infrastructure | 202 | 0 |
v1-c26 | Simplified Solana Payment Solutions | 223 | 0 |
v1-c11 | Solana-Based Decentralized E-commerce (Arcium-adjacent) | 184 | 0 |
v1-c13 | Solana Privacy and Identity Management (Arcium-adjacent) | 260 | 0 |
Arcium + Token-2022 intersection across the full 5,400+ Colosseum corpus: only two projects combine both — incognito-protocol (confidential marketplace) and zenlok (token vesting). Neither touches recurring billing. VelaPay is the only project in the corpus applying the primitive combination to the largest addressable use-case: recurring value transfer.
Conclusion: the billing category is not contested — it is structurally unclaimed. The allowance-wrapper pattern has an architectural ceiling that three hackathon cycles have failed to escape. VelaPay is the first project to step outside that ceiling.
Direct Competitors: Subscription Billing on Solana
These are projects that explicitly attempted subscription, recurring billing, or mandate-based payments on Solana. Data sourced from Colosseum hackathon submissions (5,400+ projects across Renaissance, Radar, Breakout, and Cypherpunk) and GitHub code review.
| Project | Hackathon | Approach | TransferHook? | Arcium? | Result | Why Different |
|---|---|---|---|---|---|---|
| Aeon Protocol | Radar (Sep 2024) | Vault escrow: users deposit into Aeon-controlled vault PDA, program debits on schedule | ❌ | ❌ | No prize, 0 updates | Users must lock funds upfront (bad UX, low capital efficiency). Uses SPL Token, not Token-2022. Anyone-can-trigger charge (not mandate-scoped). No privacy, no SDK, no dashboard. |
| Tributary | Radar (Sep 2024) | Subscription billing with Anchor program | ❌ | ❌ | No prize, 0 updates | Minimal on-chain component. No enforcement mechanism beyond program instruction. |
| Debyth | Radar (Sep 2024) | Subscription payments | ❌ | ❌ | No prize, 0 updates | Incomplete submission. No working demo. |
| BlockSub | Breakout (Apr 2025) | Subscription management | ❌ | ❌ | No prize, 0 updates | "Subscription management" framing — positioned as SaaS dashboard, not protocol. Incomplete. |
| Pistis Pay | Cypherpunk (Sep 2025) | "Stablecoin billing for SaaS" | ❌ | ❌ | No prize | Fork of Next.js SaaS Starter template with Stripe integration. No Solana program at all. "Stablecoin billing" is a landing page concept, not a shipped product. |
| DMANDATE | Cypherpunk (Sep 2025) | Mandate-based recurring SPL payments with backend processor | ❌ | ❌ | No prize, 0 updates | Uses mandate terminology but enforcement is branding, not architecture. Backend processor monitors and executes payments — same allowance-wrapper pattern. If backend misbehaves, blockchain doesn't stop it. No Token-2022, no transfer hooks. |
| MISK.FI | Cypherpunk (Sep 2025) | Stablecoin infrastructure with mandate subscriptions, hosted checkout, escrow | ❌ | ❌ | No prize, 0 updates | Scope is ambitious (checkout + subscriptions + netting + escrow + receipts) with no demo link and 0 updates. Tech stack listed as "solana" only — no Anchor, no Token-2022. Concept submission, not a shipped product. |
| DePlan | Renaissance (Mar 2024) | Pay-as-you-go protocol replacing subscriptions with usage-based payments | ❌ | ❌ | 5th Consumer Apps ($5k) | Closest to a real product — mobile app (Flutter), web SDK, statistics dashboard. But no spending caps, no privacy, no transfer hooks. Basic SPL transfers. Won in a different category (consumer apps, not billing infra). |
| LinkWave | Cypherpunk (Sep 2025) | Subscription management | ❌ | ❌ | No prize, 0 updates | Subscription management SaaS framing. Incomplete. |
| Sola | Cypherpunk (Sep 2025) | Subscription billing | ❌ | ❌ | No prize, 0 updates | Incomplete. No working demo. |
What they all have in common
All five shipping projects (Aeon, DMANDATE, Bundl, Subly, DePlan) share the same fundamental architecture:
User delegates token allowance → Relayer or merchant pulls on schedule →
Application logic is supposed to enforce the agreementThe critical gap: if the relayer misbehaves, the blockchain doesn't stop it. The enforcement is in application code, not in the protocol. A compromised relayer, a buggy backend, or a malicious merchant can pull more than authorized, and the subscriber's recourse is a dispute — not prevention.
This is the allowance-wrapper pattern. Every subscription billing attempt on Solana has been an allowance wrapper. None achieve protocol-level enforcement.
The Closest Technical Competitor: Subly
Subly — "Subscribe Now, Pay Never" | Cypherpunk (Sep 2025) | 1 person | 4 updates
Subly is worth analyzing in detail because it's the only project that combines Arcium with a subscription concept:
- What they built: A yield-funded consumer app. Users stake USDC into Subly's vault, yield accrues via Perena, and Subly pays Netflix/Spotify/Disney+ through PayPal on the user's behalf.
- Arcium usage: They encrypt subscription metadata (which service, price). But the core privacy feature — the budget check — is hardcoded to
true:rust// TEMPORARY FIX: Always return true until we resolve the budget comparison issue let within_budget = true; - Payment execution: Goes through PayPal off-chain. The on-chain part is just staking and bookkeeping.
- Token standard: SPL Token, no Token-2022, no transfer hooks.
- 0 GitHub stars, last push Dec 2025.
Subly shares surface-level keywords with VelaPay (privacy, Arcium, subscriptions) but solves a fundamentally different problem for different users. Subly protects the consumer's payment history. VelaPay protects the merchant's competitive intelligence.
Adjacent Players
These are projects in the broader payment space that touch billing tangentially but don't solve recurring payments.
MCPay — 1st Place Stablecoins, Cypherpunk ($25k + Accelerator C4)
- What it is: Open-source infrastructure that adds on-chain payments to any MCP server using x402 "Payment Required" protocol. MCP clients (ChatGPT, Cursor) make pay-per-call requests.
- How it relates to VelaPay: MCPay = pay-per-call (one-shot). VelaPay = recurring/metered/budgeted (ongoing relationship). MCPay enforces via HTTP 402 header negotiation (application layer). VelaPay enforces via transfer hooks (protocol layer). Complementary, not competitive — MCPay handles one-time API payments, VelaPay handles ongoing billing relationships.
- Gap: No spending caps, no budget enforcement, no recurring billing. An agent with a wallet just pays whatever is asked.
Latinum — 1st Place AI, Breakout ($20k)
- What it is: Payment middleware with MCP-compatible wallet. Agents autonomously manage budgets and pay for MCP services. Nuxt-based facilitator server + Python MCP server.
- How it relates to VelaPay: Latinum manages budgets in application code (Nuxt server). If the server is compromised, budget limits are meaningless. VelaPay manages budgets in a transfer hook — the validator enforces the cap.
- Gap: Budget enforcement is middleware, not cryptographic. No recurring billing, no mandate system.
Decal — 2nd Place Stablecoins, Breakout ($20k + Accelerator C3)
- What it is: POS + loyalty system using Token Extensions for retail merchants. Targets traditional businesses for crypto POS adoption.
- How it relates to VelaPay: Decal uses Token Extensions for loyalty (Non-Transferable tokens for rewards). VelaPay uses Token Extensions for billing (Transfer Hooks for mandate enforcement, Transfer Fee for revenue, Metadata Pointer for plan terms). Same toolkit, completely different application.
- Gap: No subscription billing, no recurring payments, no privacy layer.
Sphere
- What it is: Custom payment UIs on Solana. Merchant-facing checkout experiences.
- Gap: No subscription billing, no recurring payment management, no privacy, no transfer hooks. Payment processing only.
Helio
- What it is: Payment links and checkout on Solana. Create a pay link, customer pays, merchant receives.
- Gap: No subscription analytics, no recurring billing, no mandate enforcement, no privacy. One-time payment links only.
Superfluid
- What it is: Streaming payments on EVM chains. Real-time per-second token flows between addresses.
- Gap: EVM-only (no Solana presence). Streaming only — no recurring pulls, no mandates, no spending caps, no privacy. Different billing model entirely.
Key Insight
"All five use the same architecture: user delegates a token allowance → relayer or merchant pulls on schedule → application logic is supposed to enforce the agreement. The critical gap: if the relayer misbehaves, the blockchain doesn't stop it."
This isn't a bug in their implementations. It's a structural limitation of the allowance-based approach. Without a transfer hook, the blockchain has no way to intercept and validate a token transfer against billing rules. The transfer just happens, and the application layer is supposed to enforce the terms. But application-layer enforcement is bypassable by definition — it requires trusting the operator.
VelaPay's Fundamental Distinction
Mandate enforcement runs inside the Token-2022 program on every transfer
Standard approach (all competitors):
Subscriber approves allowance → Merchant pulls tokens → Transfer executes
→ Application checks rules after (or not at all)
VelaPay approach:
Subscriber creates mandate PDA → Merchant triggers pull → Token-2022 calls
transfer hook → Hook validates against mandate PDA → Transfer approved or
rejected at the protocol levelThe difference is where enforcement happens:
| Layer | Competitors | VelaPay |
|---|---|---|
| Token program | No involvement in billing logic | Transfer hook fires on every transfer |
| Billing validation | Application code (bypassable) | On-chain PDA check (unbypassable) |
| Unauthorized pull | Succeeds, then disputed | Fails at the validator level |
| Trust model | Trust the relayer/merchant | Trust the protocol |
No relayer, no trusted intermediary, no dispute process
The transfer hook is the enforcement. There is no relayer that can be compromised, no backend that can be DDoSed, no middleware that can be bypassed. The Solana validator itself enforces the billing rules by calling Vela's program on every transfer of a Vela-billed token.
Only project combining TransferHook + Arcium MPC
In the entire Colosseum corpus of 5,400+ projects, zero use Token-2022 transfer hooks for billing enforcement. Zero combine Arcium with transfer hooks for any purpose. VelaPay is the only project at the intersection of these two technologies.
Competitive Field in Numbers
| Metric | Value |
|---|---|
| Colosseum corpus size | 5,428 projects |
| Projects with zero post-hackathon updates | 89.5% |
Stablecoin Payment Rails cluster (v1-c16) | 202 projects, 0 billing winners |
Simplified Solana Payments cluster (v1-c26) | 223 projects, 0 billing winners |
| Named recurring billing attempts across four hackathons | 10+ |
| Prizes won by billing projects | 0 |
| Accelerator spots for billing projects | 0 |
| Projects using TransferHook for billing | 0 (except VelaPay) |
| Projects combining Arcium + Token-2022 extensions | 2 (incognito-protocol, zenlok) — neither does billing |
| Projects combining Arcium + Token-2022 for billing | 0 (except VelaPay) |
| Payments-infrastructure projects with a privacy architecture | 0 (except VelaPay) |
| Subscription billing companies in Colosseum C1–C4 accelerators | 0 |
The category has never been won because no one shipped a genuine on-chain billing primitive. The attempts were allowance wrappers, vault escrow systems, and concept submissions. VelaPay is the first protocol that enforces billing rules at the token transfer level — and that architectural difference is what makes it a primitive rather than another application.