/System Design: Payment Processor
🏗️

System Design: Payment Processor

Day 1 · Architecture · 60 min

Design: Backend for Gnosis Pay — card-to-chain payment processing

Component Architecture (reflecting actual Gnosis Pay stack): 

┌─────────────┐    ┌──────────────┐    ┌───────────────────┐
│  Visa/Card   │───▶│  API Gateway  │───▶│  Auth (SIWE/JWT)   │
│  Network     │    │  (rate limit) │    │  + KYC (Sumsub)    │
└─────────────┘    └──────────────┘    └───────────────────┘

                         ┌────────────────────┤
                         ▼                    ▼
                  ┌──────────────┐    ┌───────────────────┐
                  │ Balance Check │    │  Settlement       │
                  │ (on-chain    │    │  Worker            │
                  │  Safe query) │    └───────────────────┘
                  └──────────────┘           │
                         │                   ▼
                         ▼           ┌───────────────────┐
                  ┌──────────────┐   │  Gelato Relay     │
                  │  PostgreSQL   │   │  (gasless tx)     │
                  │  (ledger)     │   └───────────────────┘
                  └──────────────┘           │

                                  ┌───────────────────┐
                                  │  Gnosis Chain      │
                                  │  User Safe → Issuer│
                                  │  Safe (via Roles   │
                                  │  Module)           │
                                  └───────────────────┘


                                  ┌───────────────────┐
                                  │  Monerium          │
                                  │  EURe → EUR → Visa │
                                  │  (IBAN settlement) │
                                  └───────────────────┘

API Gateway: Rate limiting, webhook receiver for Visa authorization events. Must respond to Visa within ~2 seconds.

Auth Service (SIWE): Users authenticate via Sign-In With Ethereum. JWTs for API sessions. KYC via Sumsub. Card management API: issue virtual/physical cards, freeze/unfreeze, set limits.

Balance Check (On-Chain): On Visa auth, query the user's Safe balance on Gnosis Chain in real-time. Check: sufficient EURe, transaction queue is empty (Delay Module), daily limit not exceeded (Roles Module). Respond YES/NO to Visa.

Settlement Worker: After authorization, triggers EURe transfer from user's Safe to issuer's Safe via the Roles Module. Uses Gelato Relay for gasless execution. Handles: batching, retries, the 3-minute Delay Module window.

Gelato Relay: Gasless transaction submission. Pays gas on behalf of users. Gnosis Pay pre-funds a Gelato 1Balance account. No nonce management needed at application layer — Gelato handles it.

Monerium Off-Ramp: Issuer's Safe accumulates EURe. Monerium converts EURe → EUR via its e-money license. EUR sent to Visa's bank account via SEPA for daily settlement. Monerium IBAN enables instant, free EUR transfers.

Webhooks to Partners (B2B2C): Real-time event notifications for card transactions, status changes. HMAC-signed, with retry and dead letter queue. Partners subscribe via API.

Key Points

  • Decouple auth from settlement via message queue
  • Pessimistic locking per user for balance checks
  • Batch settlements for gas efficiency via Gelato Relay
  • Gelato Relay handles nonce management — no app-layer nonce tracking
  • Rate limiting at API gateway level, < 2s Visa response requirement

Navigate