Zero-fee, zero-tracking, open-source crypto swap frontend powered by NEAR Intents.
Live: zero.uswap.net
A single Go binary (~2000 lines, zero dependencies) that lets you swap 140+ tokens across 29 blockchains. No account needed. No JavaScript analytics. No cookies. No server-side logging of user data.
uSwap Zero passes the NEAR Intents exchange rate through at cost — no markup, no hidden fees. Every swap is verifiable against the public NEAR Intents API.
Most "zero-fee" swap services are resellers. They use the NEAR Intents API, add 1-5% to the rate, and pocket the difference. The user never sees the pre-markup price.
uSwap Zero is different:
- Zero markup — the API call passes amounts through untouched
- Open source — read every line of code that handles your swap
- Verifiable deployment — the running binary's commit hash, build log, and image digest are public at
/verify - No tracking — no analytics, no cookies, no IP logging, no session storage
See the full analysis at /case-study.
Language: Go 1.23 (stdlib only)
HTTP: net/http
Templating: html/template (auto-escapes HTML)
Encryption: crypto/aes + crypto/cipher (AES-256-GCM)
Static: embed directive (CSS + icons in binary)
Container: FROM scratch (empty image + binary + TLS certs)
Dependencies: 0
git clone https://github.com/uSwapExchange/zero.git
cd zero
# Generate a random encryption key and start the server
ORDER_SECRET=$(openssl rand -hex 32) go run .Open http://localhost:3000.
# Binary
go build -o zero .
# Docker
docker build -t zero .
docker run -p 3000:3000 zeroBuild with deployment metadata:
go build -ldflags "-s -w \
-X main.commitHash=$(git rev-parse HEAD) \
-X main.buildTime=$(date -u +%Y-%m-%dT%H:%M:%SZ) \
-X main.buildLogURL=https://github.com/uSwapExchange/zero/actions/runs/12345" \
-o zero .| Variable | Required | Default | Description |
|---|---|---|---|
ORDER_SECRET |
Production | Random on startup | 64-char hex key for AES-256-GCM encryption of order tokens |
NEAR_INTENTS_JWT |
No | Empty | JWT from NEAR Intents partners portal (enables 0% protocol fee) |
NEAR_INTENTS_API_URL |
No | https://1click.chaindefuser.com |
NEAR Intents API base URL |
PORT |
No | 3000 |
HTTP listen port |
zero/
├── main.go # Server, routes, templates, rate limiter
├── handlers.go # HTTP handlers for all pages
├── nearintents.go # NEAR Intents 1Click API client
├── tokencache.go # In-memory token cache (5min TTL)
├── crypto.go # AES-256-GCM encrypt/decrypt + CSRF tokens
├── qr.go # QR code SVG generator (hand-rolled, no deps)
├── amount.go # BigInt amount math (human <-> atomic)
├── templates/ # Go html/template files
├── static/style.css # Single stylesheet
├── static/icons/ # 30 bundled SVG crypto icons
└── Dockerfile # Multi-stage: golang:1.23-alpine -> FROM scratch
| Method | Path | Description |
|---|---|---|
| GET | / |
Swap form with currency selector modal |
| POST | /quote |
Quote preview with fee breakdown |
| POST | /swap |
Confirm swap, create order, redirect to /order/{token} |
| GET | /order/{token} |
Order status with deposit address + QR code |
| GET | /order/{token}/raw |
Raw JSON status from NEAR Intents API |
| GET | /currencies |
Full searchable token list (140+ tokens, 29 networks) |
| GET | /how-it-works |
How the swap process works |
| GET | /case-study |
Analysis of swap service reseller markup practices |
| GET | /verify |
Deployment metadata, build verification instructions |
| GET | /source |
Redirect to GitHub repository |
| GET | /static/* |
Embedded CSS and SVG icons |
| GET | /icons/gen/{ticker} |
Server-generated fallback icon SVG |
What the server stores: Nothing. There is no database, no session store, no log files beyond stdout.
What the server logs to stdout: Token cache refresh counts. That's it. No IP addresses, no swap amounts, no wallet addresses.
How orders work: When you confirm a swap, the server encrypts the order details (deposit address, amounts, correlation ID) into an AES-256-GCM token. This token is part of the URL (/order/{token}). The server decrypts it on each page load to fetch status from NEAR Intents. If the server restarts with a different ORDER_SECRET, old order links stop working — the data existed only in the URL.
What the templates load: Nothing external. No Google Fonts, no CDN resources, no analytics scripts. The only JavaScript is an 8-line inline clipboard helper with a <noscript> fallback.
Every deployment's commit hash, image digest, and build log are published at /verify. To verify independently:
# Clone and build the same commit
git clone https://github.com/uSwapExchange/zero.git
cd zero
git checkout <commit-from-verify-page>
go build -o zero .
# Or build with Docker (same as production)
docker build -t zero .Check nearintents.go for zero fee markup. Check handlers.go for zero logging. Check go.mod for zero dependencies.