// the find
juspay/hyperswitch
Open source, composable payments platform | PCI compliant | SaaS and Self-host options | Enables connectivity to multiple payment, payout, fraud, vault and tokenization providers | Uplifts authorization with intelligent routing and revenue recovery | Reduce payment processing costs with cost observability | Reduces payment ops with reconciliation
Hyperswitch is a Rust-based payments orchestration layer that sits in front of your payment processors — Stripe, Adyen, Braintree, and 120+ others — handling routing, retries, vaulting, and reconciliation behind a single API. It's for engineering teams large enough to care about PSP fees and authorization rate optimization, but tired of paying Spreedly or building their own switch. Backed by Juspay, which processes payments for large Indian enterprises, so this isn't a hobby project.
Written in Rust throughout the core — the performance and memory safety story is real, not marketing. The intelligent routing engine with success-rate feedback loops is genuinely useful: routing around a PSP having a bad day is the kind of thing that takes months to build in-house. The modular architecture lets you adopt just the vault or just the routing layer without running the full stack, which lowers the barrier to actually trying it. The ecosystem is well-organized — separate repos for the card vault, encryption service, control center, and client SDKs, each with clear dependency boundaries rather than one monorepo blob.
The control center is written in ReScript, which is a hiring and maintenance problem — most teams don't have anyone who can write it, and the talent pool for contributors is tiny. v1 and v2 APIs coexist with significant overlap, and the migration path isn't clean; you'll need to track which endpoints you're on. Self-hosting the full stack means running at minimum the app server, card vault, encryption service, and control center — Kubernetes is the recommended path, and the operational surface area is large for a team without dedicated infrastructure. PCI compliance is claimed but not handed to you: you still need to scope your own environment correctly, and the documentation on what the self-hosted deployment actually certifies is thin.