From an unsigned intent to settled funds in two seconds.
The path a payment takes on Tab, from the moment a buyer hits Pay to the moment your webhook fires.
- 01
Wallet created on your device
Your browser generates a fresh keypair when you claim a handle. It is sealed with AES-256-GCM under your PIN and stored as an opaque blob. Tab never sees the unencrypted key.
- 02
Buyer signs an intent
The buyer's wallet signs an EIP-712 message describing one transfer: recipient, amount, fee, deadline, nonce. Nothing hits the chain yet. The signature is the authorization.
- 03
Relayer pays the gas
A Tab relayer submits the signed message to the on-chain router. It cannot change the amount, swap the recipient, or pocket a fee. The contract recomputes everything and rejects mismatches.
- 04
Router settles atomically
TabRouter pulls amount plus fee in one transferFrom, sends amount to the seller and fee to the treasury. A per-user nonce blocks replay. A reentrancy guard wraps every state change.
- 05
Indexer fires the webhook
An off-chain indexer watches PaymentRelayed events and matches them to your open orders. Your endpoint gets a signed POST within two seconds of settlement.
What Tab can and can't do
Can
- · See public handles and settlement events
- · Refuse to relay (users can submit themselves)
- · Rotate the treasury or pause the bot executor list
Can't
- · Freeze, claw back, or redirect a settled payment
- · Sign for a user (we never have the key)
- · Reset a PIN or recover a wallet on your behalf
Start taking payments today.
Five minutes from sign-up to a working checkout.