// the find
gpg/payproc
Stripe payment processor. NOTE: Maintainers are not tracking this mirror. Do not make pull requests here, nor comment any commits, submit them usual way to bug tracker (https://www.gnupg.org/documentation/bts.html) or to the mailing list (https://www.gnupg.org/documentation/mailing-lists.html).
A Unix daemon that sits between your web server and Stripe/PayPal, exposing payment operations over a local Unix socket. Designed to isolate payment credentials from the web process — your PHP/Python app talks to the socket, payprocd talks to Stripe. From the GnuPG project, so the security-first thinking is genuine.
Socket-based isolation is a real security win: web processes never touch the Stripe API key directly. UID-based access control on the socket is a sensible second layer. Encrypted credential storage via libgcrypt. Journal logging with UTC timestamps is good practice for payment audit trails.
2 stars, last touched March 2023, and the README explicitly says this is an unmaintained mirror — that's three independent reasons not to adopt it. Stripe's API surface has evolved considerably; whether the stripe.c implementation covers current webhook verification and newer API versions is unknown and unverifiable without digging. No package distribution — you're building from source with autotools. PayPal IPN support is there but PayPal deprecated IPN in 2020.