Appearance
Value Proposition
The core value VelaPay delivers, grounded in Nick Szabo's smart contract design, six differentiated pillars, competitive comparison, and the window of opportunity that makes this possible now.
What Vela Actually Is (The Szabo Argument)
Vela is the first implementation of Szabo's smart contract design objectives applied to recurring payments.
Nick Szabo's 1994 paper Smart Contracts (Nakamoto Institute archive) defines a smart contract as:
"A computerized transaction protocol that executes the terms of a contract. The general objectives of smart contract design are to satisfy common contractual conditions (such as payment terms, liens, confidentiality, and even enforcement), minimize exceptions both malicious and accidental, and minimize the need for trusted intermediaries."
Every recurring billing system that exists today — Stripe, bank mandates, ACH pull — violates this definition:
| Szabo Objective | Current Billing Systems | VelaPay |
|---|---|---|
| Execute terms of the contract | Terms enforced by intermediary (Stripe, bank) after the fact | Terms encoded in mandate PDA, executed by the chain on every transfer |
| Minimize malicious exceptions | Unauthorized pulls succeed, then disputed via chargeback | Unauthorized pulls fail at the validator level — they literally cannot happen |
| Minimize accidental exceptions | Reliant on backend uptime, manual processing, cron jobs | Transfer hooks are always-on — they run inside the token program |
| Minimize need for trusted intermediaries | Requires Stripe, bank, card network | No intermediary — the protocol is the enforcer |
The agreed billing terms are executed by the chain itself, not enforced by a trusted intermediary after the fact. This is a different security model, not an incremental improvement.
6 Core Value Pillars
Pillar 1: Protocol-Level Mandate Enforcement
What it is: The Token-2022 TransferHook extension fires on every transfer of a Vela-billed token. The hook validates the transfer against an on-chain mandate PDA. If the transfer violates the mandate terms (wrong amount, wrong timing, expired mandate, wrong merchant), it fails at the validator level.
Why it matters: This is the difference between a policy and a law. A policy says "you should only pull $9.99/month." A law says "you physically cannot pull more than $9.99/month." Transfer hooks make billing rules into laws enforced by the blockchain itself.
The proof point: The demo shows a $99.99 pull attempt on a $9.99 mandate being rejected by the validator. Not a rollback, not an error message — the transfer literally cannot happen. That moment is unique in the Colosseum corpus of 5,400+ projects.
Why competitors can't replicate this: EVM token standards (ERC-20, ERC-777, ERC-1155) don't support execution hooks at the token program level. TransferHook is Solana-native. Without it, every competitor is an allowance wrapper by necessity.
Pillar 2: The Missing Token-2022 Primitive
What it is: Token-2022 introduced TransferHook as a generic extension for intercepting token transfers. Orca uses it for liquidity pool tokens. But nobody has used it for billing enforcement — until VelaPay.
Why it matters: Token-2022 is a primitive. Primitives get composed. Orca, Raydium, and Drift all build on Token-2022. VelaPay's mandate program becomes the billing primitive that completes what Token-2022 started.
The composability:
| Token-2022 Extension | VelaPay Usage |
|---|---|
| Transfer Hook | Mandate validation on every transfer |
| Transfer Fee | Platform revenue (1% fee built into the token transfer) |
| Metadata Pointer | On-chain plan terms encoded in the mint itself |
| Non-Transferable | Subscription credentials proving active status without being tradable |
Three Token-2022 extensions combine in a single protocol. This composability is unique to Solana's Token-2022 program.
Pillar 3: Agent Budget Scoping
What it is: VelaPay's mandate system is the first protocol where an AI agent's spend ceiling is cryptographically enforced on-chain. You create a mandate: "Agent X can pull max Y USDC per period for service Z." Every pull is validated against the mandate PDA inside the transfer hook. A compromised agent cannot exceed its mandate — the validator rejects the transfer.
Why it matters: a16z (Sam Broner, Feb 2026) identifies agent commerce as the key 2026+ narrative. Today, giving an AI agent a budget means handing it API keys and a credit card number. There is no cryptographic cap on what it can spend. MCPay (1st Stablecoins, $25k) uses per-request payments with no spending caps. Latinum (1st AI, $20k) manages budgets in a Nuxt server — if the server is compromised, limits are meaningless.
The distinction:
- MCPay = pay-per-request (tourist rails, one transaction at a time)
- Latinum = wallet-side budget (application code, bypassable)
- VelaPay = protocol-side enforcement (transfer hook, unbypassable)
Pillar 4: Commercial Privacy (Arcium)
What it is: All billing logic runs on encrypted data via Arcium MPC. Mandate amounts, plan prices, subscriber balances, timestamps, pull counts — all validated as encrypted inputs. Only the boolean result (approved/denied) is revealed. Billing records are encrypted blobs that only the merchant can decrypt.
Why it matters: On-chain billing without privacy means your subscriber count, revenue, churn rate, and pricing tiers are public data. Every competitor, investor, and chain analyst can see your business metrics in real-time. This is why no serious B2B SaaS uses on-chain billing today. VelaPay encrypts all of that.
The two-phase architecture:
- Phase 1: Pre-validation — Arcium validates encrypted inputs. Only the boolean result is revealed. A
PullApprovalPDA is stored via callback. - Phase 2: Transfer hook check — The hook checks that a valid
PullApprovalPDA exists. If it does, the transfer proceeds. If it doesn't, the transfer fails.
The honest constraint: Privacy is Phase 1. The privacy moat cannot be claimed until Phase 1 ships with real merchant usage. Four Arcium projects won zero prizes at Cypherpunk. Frame privacy as long-term defensibility, not an immediate pitch differentiator.
Pillar 5: Primitive-Level Composability
What it is: VelaPay is designed as a primitive that other protocols build on top of, not around. The mandate program defines a standard interface for recurring value transfer. Any Solana program can integrate Vela mandates as a billing layer.
Why it matters: Products get commoditized. A better UX, lower fees, or a VC-backed competitor can displace a product. Primitives get composed. Token-2022 is composed by Orca, Raydium, and Drift. Squads is composed by DAO treasuries and protocol authorities. VelaPay aims to be composed by every protocol that needs billing.
The composability surface:
- Lending protocols can offer invoice factoring on subscription revenue
- Analytics tools can read mandate metadata for standardized billing data
- Wallets can display subscription management natively
- Agent frameworks can integrate mandate creation as a budget primitive
Pillar 6: Cryptographic Forcing Function
What it is: The specific scenarios where allowance+relayer genuinely fails define the early adopter. In these scenarios, mandate enforcement is necessary, not just preferable:
- Overrun agent budgets — An AI agent with unlimited token approval can drain a wallet. A mandate enforces the cap regardless of agent behavior.
- Competitor-visible billing data — An on-chain SaaS business leaking MRR to competitors via public billing transactions. Arcium encryption makes billing opaque to the chain.
- Expired mandate not enforced — A relayer continues pulling after the subscriber cancels. Transfer hooks check expiry on every transfer — the hook doesn't care what the relayer wants.
Why it matters: These forcing functions define the early adopter. Merchants who face these specific scenarios need VelaPay — it's not optional for them, it's a structural requirement. The GTM strategy targets these merchants first.
What Every Competitor Actually Built
Seven projects attempted recurring billing across four Colosseum hackathons. Here's what every single one of them built:
| Project | Architecture | Enforcement | Token Standard | Privacy | SDK | Dashboard |
|---|---|---|---|---|---|---|
| Aeon Protocol | Vault escrow | Program-level timestamp check | SPL Token | ❌ | ❌ | ❌ |
| Tributary | Token allowance | "One-time approval flow" | SPL Token | ❌ | ❌ | ❌ |
| Debyth | Token allowance | "Automated smart contract billing" | SPL Token | ❌ | ❌ | ❌ |
| BlockSub | Stripe-like API + relayer | Relayer network with vault | SPL Token | ❌ | ❌ | ❌ |
| Pistis Pay | Web2 compliance wrapper | Stripe integration (no Solana program) | N/A | ❌ | ❌ | ❌ |
| DMANDATE | Mandate management | Backend processor monitors and executes | SPL Token | ❌ | ❌ | ❌ |
| MISK.FI | Mandate-based subscriptions | Tech stack: "solana" only | SPL Token | ❌ | ❌ | ❌ |
Every competitor is an allowance wrapper. None use transfer hooks. None achieve protocol-level enforcement. None have privacy. None shipped an SDK, a dashboard, or developer documentation.
VelaPay by comparison:
| Component | VelaPay |
|---|---|
| Architecture | Transfer hook mandate enforcement |
| Enforcement | Protocol-level (validator rejects unauthorized pulls) |
| Token Standard | Token-2022 with TransferHook, Transfer Fee, Metadata Pointer, Non-Transferable |
| Privacy | Arcium MPC (encrypted billing logic) |
| SDK | Published @vela/sdk on npm |
| Dashboard | Full merchant dashboard with analytics |
| CLI | vela simulate, vela status, vela create-plan, vela subscribe |
| Docs | 60 MDX-page developer documentation site |
| Checkout | Hosted checkout + embeddable widget |
| Portal | Subscriber portal with cancel/switch |
| Admin | Protocol admin with monitoring and emergency controls |
No other subscription billing project has shipped more than 2 of these components. VelaPay has shipped all 9.
Why Token-2022 Only Became Possible in 2024
This architecture was not buildable two years ago. The key milestones:
Timeline
| Date | Milestone | Significance |
|---|---|---|
| 2023 | Token-2022 with TransferHook deployed to Solana mainnet | The primitive exists |
| May 2024 | Orca Whirlpool integrates Token-2022 TransferHook | The primitive is battle-tested by the largest Solana DEX |
| 2024 | Anchor 0.32 adds stable IDL building and Token-2022 extension constraints | The developer tooling catches up |
| Sep 2024 | Radar hackathon — Aeon Protocol attempts subscription billing without transfer hooks | The demand is proven, the approach is wrong |
| Apr 2025 | Breakout hackathon — DePlan, BlockSub attempt billing. Latinum wins AI track. | Demand continues. Agent payments emerge as a narrative. |
| Sep 2025 | Cypherpunk hackathon — DMANDATE, MISK.FI, Subly attempt billing. MCPay wins Stablecoins. | Seven failed attempts. Agent payments validated as winning category. |
| Feb 2026 | Arcium launches Mainnet Alpha | Encrypted compute on Solana is production-ready |
| Mar 2026 | VelaPay development begins | The window opens |
Why 2023 was too early
Building Vela in 2023 would have meant shipping against unstable infrastructure:
- Token-2022 was deployed but not yet integrated by major protocols
- Anchor support for Token-2022 extensions was incomplete
- No DEX had validated TransferHook in production
- Arcium did not exist yet
Why 2026 is the right time
All dependencies are production-ready:
- Orca has been running TransferHook for nearly two years
- Anchor 0.32 provides stable Token-2022 support
- Arcium MPC is live on mainnet
- Agent economy is the dominant narrative (market pull)
- $3.2T annualized stablecoin volume confirms payments scale (market size)
The Window of Opportunity
The window is defined by two boundaries:
- "Token-2022 is production-ready" — Orca integrated TransferHook in May 2024. The primitive is battle-tested.
- "Someone has used TransferHook for billing mandates" — As of April 2026, across 5,400+ Colosseum projects, zero have.
Between those two boundaries sits the open window. VelaPay is already shipping through it.
The window won't stay open forever
Transfer hooks are documented in the Solana program library, the Neodyme blog, and the sRFC forum. A well-funded competitor could copy the architecture in theory. What they cannot copy:
The three-layer moat:
| Layer | What It Is | Why It's Hard to Copy |
|---|---|---|
| Transfer hook enforcement | Mandate validation running inside Token-2022 on every transfer | Solana-native, EVM cannot replicate |
| Arcium MPC circuits | Custom encrypted billing logic (mandate amounts, plan prices, balances, timestamps, pull counts) | Deep cryptographic engineering; closest competitor (Subly) hardcoded true |
| Token-2022 composability | Transfer Fee + Metadata Pointer + Non-Transferable in one protocol | Creates structural switching cost — mandate PDAs encode customer relationships |
The moat compounds: transfer hooks provide enforcement, Arcium provides privacy, Token-2022 extensions provide revenue and subscription primitives. Replicating one layer is hard. Replicating all three requires rebuilding the entire protocol from scratch.
Structural lock-in:
Once a merchant's billing logic is tied to Vela mandate PDAs, their customer relationships live in those PDAs. Migrating to a new billing system means re-creating mandates with every subscriber — not just switching an API key. This is the same lock-in that makes Squads sticky: your program authorities are already there. Moving means rebuilding.
Summary: The Value in One Sentence
VelaPay is the first protocol where recurring billing terms are executed by the chain itself — not enforced by a trusted intermediary after the fact.
The six pillars that make this true:
- Protocol-level mandate enforcement — the chain rejects unauthorized pulls
- The missing Token-2022 primitive — TransferHook for billing, completing what Token-2022 started
- Agent budget scoping — first protocol where an agent's spend ceiling is enforced on-chain
- Commercial privacy — encrypted billing logic via Arcium, making on-chain billing commercially viable
- Primitive-level composability — other protocols build on top of Vela, not around it
- Cryptographic forcing function — the specific scenarios where mandate enforcement is necessary, not preferable
The subscription economy runs on $3.2T in annualized stablecoin volume. Zero of it runs through a protocol with chain-enforced mandate authorization. VelaPay fills that gap.
Sources: Nick Szabo "Smart Contracts" (Nakamoto Institute), Galaxy Research "The Future of Payments" (2025), Galaxy Research "Agentic Payments" (Jan 2026), a16z "Tourists in the Bazaar" (Sam Broner, Feb 2026), Orca Token Extensions documentation (2024), Anchor 0.32 release notes, Colosseum Copilot corpus (1,997 projects), internal competitive analysis (pitch/competition.md, 08-vela-value.md).