The good ol' folks at Stripe's collaborators Tempo Labs tried to make an RFC-style description page for MPP: https://paymentauth.org/ (full doc on IETF draft page: https://datatracker.ietf.org/doc/draft-ryan-httpauth-payment...)
I almost was going to point it out as evidence there was thought put into it. Nope, it's flimsy and AI generated.
Also, it contains provisions for scamming customers:
> 403 indicates the payment succeeded but access is denied by policy
No, it doesn't explain how to refund payments for customers you deny access to.
I recently redesigned my blog to look like a modern RFC and I'm loving the way they've decided to render tables in their plain text, definitely gonna steal that.
On topic though, Stripe is trying to make themselves the Visa/Mastercard of crypto. They're in position to do so and it seems like Coinbase is their other half. I don't trust or like it though.
The best Visa/Mastercard of crypto already exists and is called Flexa. (https://flexa.co/payments#pricing)
Oh wow, I never heard of this. I'm currently working on something similar with the same 1% rate, haha! WELP
Hey! [0]
Am the primary author of the core spec, alongside many others at Tempo and Stripe [0].
As is customary with the IETF draft process, this is our first submission and we expect that we will continue to iterate with the broader community -- including yourself if you are interested in contributing [1]
Thanks for feedback on those two points.
Re: Refunds: This is a payment method specific implementation detail. e.g. this looks very different on cards vs. bank accounts vs. stablecoins. We will provide stronger guidance here to remove ambiguity in the spec
Re: 403: This provision comes from the ability to have _multiple_ Authentication headers, which we view as a necessity for real-world utilization and also compatibility with the Authentication scheme. Similar to the above, we will provide stronger guidance for servers which may support a plurality of authentication schemes and need to handle this edge case.
[0] Had to create a new account since it turns out many years ago I never set an email on my HN profile...
[1] https://github.com/tempoxyz/mpp-specs
This one is even worse IMO
> Servers MAY return 402 when:
> * Offering optional paid features or premium content
This implies that a successful GET request to a resource that user already does have access to, might still return 402 instead of 200. This makes 402 basically unworkable.
An RFC is a request for comments, contributions.
Are you open to contributing to this RFC?
Will they get a slice of the earnings in return by Stripe?
that doesnt sound nearly as fun as getting upvotes, if im honest
Was it AI generated? If so, should I just delegate my AI to do so?