Non-Custodial Lightning Payment Software
SatsRail is a software platform that generates Lightning Network payment invoices on behalf of merchants using the merchant's own non-custodial wallet, and listens to the public Lightning Network to confirm whether payment has arrived. SatsRail does not move, hold, control, route, or transmit Bitcoin at any point.
SatsRail does not operate Lightning nodes, does not hold private keys, does not take custody of funds, and does not participate in the payment routing process. SatsRail is a read-only observer of a public monetary network with the ability to generate payment requests on behalf of merchants.
Based on a detailed review of FinCEN Guidance FIN-2019-G001 (May 9, 2019), SatsRail's software-only, non-custodial, observer model does not constitute money transmission under federal BSA regulations and therefore does not require registration as a Money Services Business (MSB) or a federal money transmitter license.
SatsRail performs exactly two functions:
That is the entirety of SatsRail's involvement in the payment process. Everything else — the movement of Bitcoin, the routing of payments, the settlement of funds — happens entirely on the Lightning Network between the customer's wallet and the merchant's wallet, without any SatsRail participation.
| Step | Action | SatsRail's Role |
|---|---|---|
| 1 | Customer initiates purchase at merchant's point of sale | None |
| 2 | SatsRail calls the Alby Hub API to generate a Lightning invoice from the merchant's own wallet | Invoice generation (software API call) |
| 3 | Customer pays the Lightning invoice from their own wallet | None — payment routes through Lightning Network independently |
| 4 | Bitcoin settles directly into the merchant's non-custodial wallet | None — SatsRail never touches funds |
| 5 | SatsRail observes the public network and confirms payment arrived | Read-only listener (observation only) |
| 6 | Merchant dashboard is updated to reflect completed payment | UI update (software display) |
As shown above, SatsRail's involvement is limited to two software operations: generating an invoice (Step 2) and observing the network (Step 5). At no point does Bitcoin pass through SatsRail-controlled infrastructure.
SatsRail is built compliance-first. Every control described below was designed and implemented before the first live merchant transaction. SatsRail knows who its merchants are, caps every transaction at a defined limit, and can respond to law enforcement requests immediately. These are not retrofitted policies — they are structural features of the platform.
SatsRail enforces a maximum order value of $200 USD equivalent in satoshis, applied at the API layer across all merchants and subscription tiers. This limit cannot be overridden by a merchant.
The $200 ceiling reflects SatsRail's actual product design — the platform is built for content paywalls, point-of-sale payments, and API micropayments, where $200 is a natural upper bound. It also places every SatsRail transaction well below the $3,000 Bank Secrecy Act record-keeping threshold (31 CFR § 1010.410(e)) and far below the $10,000 Currency Transaction Report threshold (31 U.S.C. § 5313).
No merchant can process live payments without first passing a compliance review. Every new merchant enters a pending review state after accepting SatsRail's required legal agreements. A SatsRail compliance administrator must explicitly approve the account before it is activated. Approval and rejection decisions are logged with a timestamp, reviewer identity, and written notes, creating a verifiable, auditable record for every merchant.
There are no automatic approvals at any subscription tier. All paid plan merchants are subject to full Know Your Customer (KYC) verification before approval, which requires:
The Free plan is exempt from document verification and is subject to a $500/month volume cap. KYC documentation is reviewed as part of the compliance decision for all paid plan merchants. This means SatsRail has explicit, documented knowledge of who operates on the platform at any paid tier, and every onboarding decision is a deliberate, recorded act of due diligence.
SatsRail can lock any merchant account immediately upon a valid law enforcement request. When an account is locked, all API keys are revoked, invoice generation is disabled, and key delivery is suspended. This takes effect immediately and does not require advance notice to the merchant.
Because SatsRail is non-custodial, there are no funds to seize — Bitcoin settles directly into the merchant's own wallet and SatsRail never touches it. What SatsRail can do is terminate a merchant's access to the platform at once and produce records on request, including:
SatsRail does not possess content URLs, decryption keys, or buyer identity — these are architectural facts, not policy choices — and cannot produce data it does not hold. For compliance inquiries, contact compliance@satsrail.com.
The following analysis is based on FinCEN Guidance FIN-2019-G001, "Application of FinCEN's Regulations to Certain Business Models Involving Convertible Virtual Currencies," issued May 9, 2019.
Under 31 CFR § 1010.100(ff)(5)(i)(A), money transmission services are defined as the acceptance of currency, funds, or other value that substitutes for currency from one person and the transmission of currency, funds, or other value that substitutes for currency to another location or person by any means.
Money transmission requires two elements: (1) acceptance of value and (2) transmission of value. SatsRail performs neither. SatsRail does not accept Bitcoin from any person, and it does not transmit Bitcoin to any person or location. The actual movement of value occurs entirely between the customer's wallet and the merchant's wallet on the Lightning Network, without any SatsRail involvement.
Reference: 31 CFR § 1010.100(ff)(5)(ii)(A); FIN-2019-G001, Section 4.5.1(b)
FinCEN regulations explicitly exempt from the definition of money transmitter those persons providing the delivery, communication, or network access services used by a money transmitter to support money transmission services. The guidance further states that suppliers of tools (communications, hardware, or software) that may be utilized in money transmission are engaged in trade and not money transmission.
SatsRail is a supplier of software tools. It provides two specific software functions: (1) an API call that generates a Lightning invoice from the merchant's own wallet, and (2) a network listener that observes whether a payment has arrived. These are communication and network access services — precisely the category FinCEN exempts. SatsRail does not accept or transmit value; it creates a payment request and observes the result.
Reference: FIN-2019-G001, Sections 4.2.1 and 4.2.2
The FinCEN guidance identifies four criteria for determining whether a CVC wallet intermediary is a money transmitter. SatsRail's position is even stronger than a typical non-custodial provider because SatsRail is not a wallet provider at all — it is a software observer that interfaces with the merchant's existing wallet.
| FinCEN Criteria | Money Transmitter (Hosted Wallet) | SatsRail |
|---|---|---|
| (a) Who owns the value? | Host holds on behalf of owner | Merchant owns all value — SatsRail never holds any |
| (b) Where is value stored? | In wallet or host's accounts | In merchant's own non-custodial wallet — SatsRail has no storage |
| (c) Does owner interact directly with payment system? | No — owner interacts through host | Yes — merchant's wallet interacts directly with Lightning Network |
| (d) Does intermediary have total independent control? | Yes — host controls value | No — SatsRail has zero control; it only observes |
Reference: FIN-2019-G001, Section 4.6
Section 4.6 classifies CVC payment processors as money transmitters — entities that collect CVC from the customer and then transmit currency or funds to the merchant. SatsRail does neither.
| Characteristic | CVC Payment Processor (Section 4.6) | SatsRail |
|---|---|---|
| Collects CVC from customer? | Yes | No — never touches Bitcoin |
| Transmits value to merchant? | Yes | No — merchant receives directly |
| Performs exchange/conversion? | Often (CVC to fiat) | Never |
| Has custody of funds? | Yes, temporarily | Never, at any point |
| Operates nodes? | Typically yes | No — does not run nodes |
| Revenue model | Per-transaction fees | SaaS subscription |
| Role in payment | Active intermediary | Passive observer |
| Classification | Money Transmitter | Software Provider |
Based on the analysis of FinCEN Guidance FIN-2019-G001, SatsRail does not meet the definition of money transmission under federal BSA regulations. The conclusion rests on three pillars:
SatsRail's software-only, non-custodial, observer architecture does not constitute money transmission under FinCEN Guidance FIN-2019-G001. SatsRail is not required to register as a Money Services Business (MSB) or obtain a federal money transmitter license.
Independent legal counsel has reviewed SatsRail's architecture, fund flow, and revenue model and has issued a formal written opinion confirming that SatsRail does not meet the definition of a money transmitter under federal law and does not require a DFAL license in California.
California's Digital Financial Assets Law (AB 39, effective July 1, 2025, with licensing enforcement beginning July 1, 2026) establishes a state licensing regime for digital financial asset businesses. SatsRail is a California LLC and has completed a legal review of whether DFAL licensing applies to its operations.
Legal review completed: Independent legal counsel has reviewed SatsRail's architecture and concluded that SatsRail does not require a DFAL license. DFAL targets entities that exchange, transfer, or hold digital financial assets on behalf of others. SatsRail performs none of these activities.
SatsRail communicates with merchants' wallets exclusively through the LNURL-pay protocol, an open public standard defined by three specifications: LUD-16 (Lightning Address resolution), LUD-06 (invoice generation), and LUD-21 (payment verification). The entire integration consists of standard HTTP requests against public protocol endpoints. The LNURL-pay protocol itself has no mechanism for initiating withdrawals, transferring funds, viewing balances, redirecting payments, or accessing private keys. It is architecturally impossible to exercise fund control through this protocol — SatsRail's non-custodial posture is enforced at the protocol level, not merely by policy or API permissions.
The same non-custodial, software-only analysis that supports the federal FinCEN exemption (Section 4 above) applies under DFAL. SatsRail does not exchange, transfer, or hold digital financial assets on behalf of any person at any point in the payment flow.
State money transmitter licensing requirements vary. SatsRail's non-custodial architecture is designed to fall outside the scope of state money transmission statutes. State-by-state analysis is in progress and will be documented as completed. For questions, contact compliance@satsrail.com.
Primary Source: FinCEN Guidance FIN-2019-G001, "Application of FinCEN's Regulations to Certain Business Models Involving Convertible Virtual Currencies," May 9, 2019.
Key Regulatory Citations: 31 CFR § 1010.100(ff)(5)(i)(A) (definition of money transmission); 31 CFR § 1010.100(ff)(5)(ii)(A) (software/tool provider exemption); FIN-2013-G001 (2013 VC Guidance); California AB 39 (Digital Financial Assets Law).
Protocol Reference: LNURL-pay protocol — LUD-06 (pay request), LUD-16 (Lightning Address), LUD-21 (payment verification). Open specifications maintained at github.com/lnurl/luds.
Independent Legal Review: Formal written money transmitter opinion issued April 2026 by independent legal counsel, confirming SatsRail does not constitute a money transmitter under federal law and does not require a DFAL license in California. Opinion on file.