Skip to content
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


A mobile app for testing payment systems against double-spend attacks.

Double-spending is no longer a theoretical possibility but a practical reality. Most of the end-user applications used widely today leave their users vulnerable to being defrauded via double-spend attacks. PayNoWay is a tool that you can use to test the applications that you, or your business, depend on to accept on-chain cryptocurrency payments. If you would like to learn more about how double-spending works: Double-Spending Made Easy.


  • This project is intended to be used for testing purposes.
  • Please do not use this app to double-spend against merchants without their explicit consent.
  • A successful double-spend is not guaranteed - use at your own risk.


  • nodejs - For Linux and Mac install node via nvm.
  • make
  • For Android development:
    • Java Development Kit (JDK) version 8 or higher. Use your system's native package manager to install the JDK (if available).
    • Android SDK - On Ubuntu 18.04 or later, it is possible to install Android Studio from Ubuntu Software Sources.
    • gradle
    • adb - Not required, but is recommended.

Getting Started

Before continuing, be sure you already have the project's requirements.

Download the project files via git:

git clone

Install the project's dependencies:

cd pay-no-way
npm install

Build the application files:

npm run build


Before installing and running the app on Android, you must prepare the Android platform with cordova:

npm run prepare:android

This downloads the cordova plugins which are necessary to build the app for Android devices.

Running on Android (VM)

Run the following command to check to see if there are any available Android virtual devices:

adb devices

Install and run the app on the virtual device with the following command:

npm run android-vm

Running on Android (Device)

To install and run the app on an Android device, you must first:

Once developer mode and USB debugging are enabled, connect the device to your computer via USB. Run the following command to check to see if your computer is authorized:

adb devices

Install and run the app on the device: with the following command

npm run android

Create Signed APK

Create your signing key:

npm run android-generate-signing-key

Build a production APK:

npm run build:prod && npm run build:apk

If successful, it should have created a new .apk file at the following path:


To install the newly created APK onto an Android device:

adb install ./platforms/android/app/build/outputs/apk/release/app-release.apk
  • You may need to run adb devices before the above command.
  • And if the app is already installed on the device, you will need to use the -r flag to reinstall it.


This project is licensed under the GNU Affero General Public License v3 (AGPL-3.0).

The AGPL license differs from the other GNU licenses in that it was built for network software. You can distribute modified versions if you keep track of the changes and the date you made them. As per usual with GNU licenses, you must license derivatives under AGPL. It provides the same restrictions and freedoms as the GPLv3 but with an additional clause which makes it so that source code must be distributed along with web publication. Since web sites and services are never distributed in the traditional sense, the AGPL is the GPL of the web.


A mobile app for testing payment systems against double-spend attacks.




No packages published