API v1https://paymecheck.com/api/v1

API Reference

Integrate PayMeCheck payment links, webhooks, and on-chain settlements into your product.

Non-custodial on-chain settlement

HMAC-signed webhooks with retries

Multi-chain USDC & USDT support

Dedicated contract per merchant

Introduction

The PayMeCheck REST API lets you programmatically create payment links, query payment status, and receive real-time notifications via webhooks. All payments settle on-chain through dedicated smart contracts — Glabs Capital LLC provides the technology; funds are never held by PayMeCheck.

Each merchant account has a unique API key and dedicated proxy contracts on Ethereum, Polygon, Base, and Arbitrum. When a customer pays, the smart contract atomically splits USDC/USDT between the merchant wallet and the platform treasury.

Authentication

All API requests require a merchant API key sent as a Bearer token. Keys are issued when your merchant account is activated and can be found in the merchant dashboard (contact admin if you need a key rotated).

Header

Authorization: Bearer pmck_your_api_key

Only merchants with status active can use the API. Requests with invalid or missing keys return 401 Unauthorized.

Rate limits

API endpoints are rate-limited per IP address to protect the platform.

60 requests per minute per IP for write operations (POST).
When exceeded, the API returns 429 Too Many Requests. Implement exponential backoff in your integration.

Errors

Errors use conventional HTTP status codes and a JSON body with an error field.

Error response

{ "error": "Invalid input" }

Common error codes

HTTP	Meaning
400	Invalid input or business rule violation
401	Missing or invalid API key
404	Resource not found
429	Rate limit exceeded

Payment links

Payment links are shareable URLs that direct customers to the hosted checkout at /pay/{linkId}. Each link is bound to a unique paymentId (bytes32) used on-chain.

GET/api/v1/payment-links

List payment links

Returns all payment links for the authenticated merchant, sorted by creation date (newest first).

cURL

curl https://paymecheck.com/api/v1/payment-links \
  -H "Authorization: Bearer pmck_your_api_key"

POST/api/v1/payment-links

Create payment link

Creates a new active payment link. The merchant must have contracts deployed on all requested chains.

Request body

Field	Type	Required	Description
amount	string	Yes	Payment amount as a decimal string (e.g. "150.00"). Converted to token units (6 decimals) at checkout.
token	USDC \| USDT	Yes	Stablecoin symbol: USDC or USDT.
chains	string[]	Yes	Array of chains where this link can be paid: ethereum, polygon, base, arbitrum.
description	string	No	Optional human-readable description shown in dashboard.
metadata	object	No	Optional key-value object for your internal reference (e.g. order ID).

cURL

curl -X POST https://paymecheck.com/api/v1/payment-links \
  -H "Authorization: Bearer pmck_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": "150.00",
    "token": "USDC",
    "chains": ["polygon"],
    "description": "Invoice #1234",
    "metadata": { "orderId": "ord_9821" }
  }'

JavaScript

const response = await fetch("https://paymecheck.com/api/v1/payment-links", {
  method: "POST",
  headers: {
    Authorization: "Bearer pmck_your_api_key",
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    amount: "150.00",
    token: "USDC",
    chains: ["polygon", "base"],
    description: "Invoice #1234",
    metadata: { orderId: "ord_9821" },
  }),
})

const { data } = await response.json()
// Redirect customer to checkout
window.location.href = `https://paymecheck.com${data.url}`

Response

Field	Type	Required	Description
data.id	string	No	Unique payment link identifier (24-char hex).
data.url	string	No	Relative checkout URL path.
data.paymentId	string	No	Unique bytes32 payment ID used in the smart contract pay() call.
data.status	string	No	Current link status: active, paid, expired, or cancelled.

201 Response

{
  "data": {
    "id": "a1b2c3d4e5f678901234abcd",
    "url": "/pay/a1b2c3d4e5f678901234abcd",
    "paymentId": "0x8f3a...",
    "status": "active"
  }
}

GET/api/v1/payment-links/{linkId}

Get payment link

Retrieves a single payment link by its linkId. Only links belonging to the authenticated merchant are accessible.

Path parameters

Field	Type	Required	Description
linkId	string	Yes	Unique payment link identifier (24-char hex).

DELETE/api/v1/payment-links/{linkId}

Cancel payment link

Cancels an active payment link. Paid links cannot be cancelled.

200 Response

{ "data": { "id": "a1b2c3...", "status": "cancelled" } }

Payments

Payments are indexed from on-chain PaymentProcessed events. They appear after block confirmation via the platform indexer.

GET/api/v1/payments

List payments

Returns all indexed payments for the authenticated merchant, sorted by creation date (newest first).

Response

Field	Type	Required	Description
data[].paymentId	string	No	Unique bytes32 payment ID used in the smart contract pay() call.
data[].chain	string	No	Blockchain network where payment was confirmed.
data[].txHash	string	No	On-chain transaction hash.
data[].payerAddress	string	No	Wallet address that initiated the payment.
data[].amount	string	No	Payment amount as a decimal string (e.g. "150.00"). Converted to token units (6 decimals) at checkout.
data[].fee	string	No	Platform fee amount (token units, string).
data[].merchantAmount	string	No	Amount sent to merchant wallet (token units, string).
data[].status	string	No	in-progress \| completed \| failed

Webhooks

Configure your webhook URL and secret in the merchant dashboard. PayMeCheck sends HTTP POST requests with JSON payloads when events occur.

Enable webhooks in Dashboard → Webhook. Set your endpoint URL (HTTPS recommended) and a signing secret.
Every delivery includes Content-Type: application/json and X-PayMeCheck-Signature for verification.
Failed deliveries are retried up to 3 times with delays of 1 min, 5 min, and 30 min. Monitor delivery status in the Webhook Monitor.

Event types

payment.completed

Fired when an on-chain payment is indexed and confirmed.

payment.expired

Fired when an active link passes its expiresAt without payment.

payment.completed

{
  "event": "payment.completed",
  "timestamp": "2026-06-10T14:32:01.000Z",
  "data": {
    "paymentId": "0x8f3a2b1c...",
    "linkId": "a1b2c3d4e5f678901234abcd",
    "amount": "150000000",
    "token": "USDC",
    "chain": "polygon",
    "txHash": "0xabc123...",
    "payer": "0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb",
    "merchantAmount": "148500000",
    "fee": "1500000",
    "contractAddress": "0xMerchantContract..."
  }
}

payment.expired

{
  "event": "payment.expired",
  "timestamp": "2026-06-10T18:00:00.000Z",
  "data": {
    "linkId": "a1b2c3d4e5f678901234abcd",
    "paymentId": "0x8f3a2b1c...",
    "amount": "150.00",
    "token": "USDC"
  }
}

Verify signatures

Compute HMAC-SHA256 of the raw request body using your webhook secret. Compare with the X-PayMeCheck-Signature header (format: sha256={hex}).

Node.js

const crypto = require("crypto")

function verifyWebhook(secret, rawBody, signatureHeader) {
  const expected =
    "sha256=" +
    crypto.createHmac("sha256", secret).update(rawBody).digest("hex")
  return crypto.timingSafeEqual(
    Buffer.from(expected),
    Buffer.from(signatureHeader)
  )
}

Python

import hmac
import hashlib

def verify_webhook(secret: str, body: bytes, signature: str) -> bool:
    expected = "sha256=" + hmac.new(
        secret.encode(), body, hashlib.sha256
    ).hexdigest()
    return hmac.compare_digest(expected, signature)

Checkout flow

1
Create a payment link via API or dashboard.
2
Redirect the customer to https://paymecheck.com/pay/{linkId}.
3
Customer connects wallet, approves token spend, and calls pay() on the merchant contract.
4
Indexer detects PaymentProcessed event and marks the link as paid.
5
Webhook payment.completed is dispatched to your endpoint.

Gas fees are paid by the customer. PayMeCheck never custodies funds.

Smart contracts

Each merchant has an EIP-1167 proxy contract per chain. Key on-chain variables are publicly readable:

feeBps — platform fee in basis points (100–500, i.e. 1%–5%), locked at deploy
merchantWallet — address receiving the merchant share
platformTreasury — address receiving the platform fee
pay(bytes32 paymentId, address token, uint256 amount) — called by the payer to execute the split

PaymentProcessed event

event PaymentProcessed(
  bytes32 indexed paymentId,
  address indexed payer,
  address token,
  uint256 amount,
  uint256 fee
)

Statuses

Payment link statuses

activeAwaiting payment

paidPayment confirmed on-chain

expiredexpiresAt passed without payment

cancelledManually cancelled via API

Payment statuses

in-progressTransaction detected, awaiting finality

completedIndexed and confirmed

failedIndexing or validation failed

Networks & tokens

Supported chains and stablecoins. Token availability varies by chain.

Chain	Tokens
ethereum	USDC, USDT
polygon	USDC, USDT
base	USDC
arbitrum	USDC, USDT