BTCpay server and leaking IP?

When using BTCpay server app on Umbrel is the IP address of the node exposed and thus the owner of the node exposed?

Umbrel runs over tor by default and if this is the case is the BTCpay server running over tor also being routed through tor or, can the node be identified and located physically in the real world?
This is for an eCommerce site and I’d prefer not to doxx myself to my entire customer base.


BtcPayServer is usually run over clearnet… So you can connect to it from your ecommerce website.

Maybe you can set up a tor connection from your website to your Umbrel? :joy:

BTCpay app from Umbrel by default works only behind Tor.
What does it means?

  1. Is not using any IP
  2. Is encrypted communication
  3. the payment process, when is linked to your webshop is not “leaking” any user data, it is just redirecting the user to your btcpay payment page, onion address, with a QR code to pay and done, goes back to the shop when is done.
  4. The BTCpay app, database is ONLY on your own server node, it is NOT custodial service by any means! That means nobody than you have control of all that payment data. Also BTCPay is only the payment processor, it is not the customer database manager. That stays on your webshop part.

Keep in mind:

  • BTCpay from Umbrel behind Tor - that means your customers ahve to use Tor browser in order to be able to open that payment page from btcpay. Otherwise will get an error, page do not exist.
  • Tor and clearnet are TWO SEPARATE NETWORKS that can communicate each others ONLY through exit points relays. That’s why we are using Tor browser, to be able to use those relays.
  • if you want your BTCpay to be visible also in clearnet (IP/domain) then you have to follow this guide or adapt this guide for btcpay
  • if you are fine with offering to your customers only payments through Tor onion address, that’s fine, just link your webshop (that I suppose is on clearnet) with your Tor BTCpay, using the specific plugin. But put a warning for the users that they would be redirected to an onion address and that can be open only with Tor browser. And all will work as is supposed to be, just fine.
1 Like

I followed this guide and it works for me.
Then I created an app/pos in BTCPayserver which I’m linking to.


Nice! Well done!

1 Like