Skip to content

Zero-fee, zero-tracking, open-source crypto swap frontend. Single Go binary, zero dependencies, FROM scratch container. Powered by NEAR Intents.

License

Notifications You must be signed in to change notification settings

uSwapExchange/zero

Repository files navigation

uSwap Zero

Zero-fee, zero-tracking, open-source crypto swap frontend powered by NEAR Intents.

Live: zero.uswap.net

What is this?

A single Go binary (~2000 lines, zero dependencies) that lets you swap 140+ tokens across 29 blockchains. No account needed. No JavaScript analytics. No cookies. No server-side logging of user data.

uSwap Zero passes the NEAR Intents exchange rate through at cost — no markup, no hidden fees. Every swap is verifiable against the public NEAR Intents API.

Why?

Most "zero-fee" swap services are resellers. They use the NEAR Intents API, add 1-5% to the rate, and pocket the difference. The user never sees the pre-markup price.

uSwap Zero is different:

  • Zero markup — the API call passes amounts through untouched
  • Open source — read every line of code that handles your swap
  • Verifiable deployment — the running binary's commit hash, build log, and image digest are public at /verify
  • No tracking — no analytics, no cookies, no IP logging, no session storage

See the full analysis at /case-study.

Tech Stack

Language:     Go 1.23 (stdlib only)
HTTP:         net/http
Templating:   html/template (auto-escapes HTML)
Encryption:   crypto/aes + crypto/cipher (AES-256-GCM)
Static:       embed directive (CSS + icons in binary)
Container:    FROM scratch (empty image + binary + TLS certs)
Dependencies: 0

Run Locally

git clone https://github.com/uSwapExchange/zero.git
cd zero

# Generate a random encryption key and start the server
ORDER_SECRET=$(openssl rand -hex 32) go run .

Open http://localhost:3000.

Build

# Binary
go build -o zero .

# Docker
docker build -t zero .
docker run -p 3000:3000 zero

Build with deployment metadata:

go build -ldflags "-s -w \
  -X main.commitHash=$(git rev-parse HEAD) \
  -X main.buildTime=$(date -u +%Y-%m-%dT%H:%M:%SZ) \
  -X main.buildLogURL=https://github.com/uSwapExchange/zero/actions/runs/12345" \
  -o zero .

Environment Variables

Variable Required Default Description
ORDER_SECRET Production Random on startup 64-char hex key for AES-256-GCM encryption of order tokens
NEAR_INTENTS_JWT No Empty JWT from NEAR Intents partners portal (enables 0% protocol fee)
NEAR_INTENTS_API_URL No https://1click.chaindefuser.com NEAR Intents API base URL
PORT No 3000 HTTP listen port

Project Structure

zero/
├── main.go           # Server, routes, templates, rate limiter
├── handlers.go       # HTTP handlers for all pages
├── nearintents.go    # NEAR Intents 1Click API client
├── tokencache.go     # In-memory token cache (5min TTL)
├── crypto.go         # AES-256-GCM encrypt/decrypt + CSRF tokens
├── qr.go             # QR code SVG generator (hand-rolled, no deps)
├── amount.go         # BigInt amount math (human <-> atomic)
├── templates/        # Go html/template files
├── static/style.css  # Single stylesheet
├── static/icons/     # 30 bundled SVG crypto icons
└── Dockerfile        # Multi-stage: golang:1.23-alpine -> FROM scratch

Routes

Method Path Description
GET / Swap form with currency selector modal
POST /quote Quote preview with fee breakdown
POST /swap Confirm swap, create order, redirect to /order/{token}
GET /order/{token} Order status with deposit address + QR code
GET /order/{token}/raw Raw JSON status from NEAR Intents API
GET /currencies Full searchable token list (140+ tokens, 29 networks)
GET /how-it-works How the swap process works
GET /case-study Analysis of swap service reseller markup practices
GET /verify Deployment metadata, build verification instructions
GET /source Redirect to GitHub repository
GET /static/* Embedded CSS and SVG icons
GET /icons/gen/{ticker} Server-generated fallback icon SVG

Privacy Model

What the server stores: Nothing. There is no database, no session store, no log files beyond stdout.

What the server logs to stdout: Token cache refresh counts. That's it. No IP addresses, no swap amounts, no wallet addresses.

How orders work: When you confirm a swap, the server encrypts the order details (deposit address, amounts, correlation ID) into an AES-256-GCM token. This token is part of the URL (/order/{token}). The server decrypts it on each page load to fetch status from NEAR Intents. If the server restarts with a different ORDER_SECRET, old order links stop working — the data existed only in the URL.

What the templates load: Nothing external. No Google Fonts, no CDN resources, no analytics scripts. The only JavaScript is an 8-line inline clipboard helper with a <noscript> fallback.

Verify

Every deployment's commit hash, image digest, and build log are published at /verify. To verify independently:

# Clone and build the same commit
git clone https://github.com/uSwapExchange/zero.git
cd zero
git checkout <commit-from-verify-page>
go build -o zero .

# Or build with Docker (same as production)
docker build -t zero .

Check nearintents.go for zero fee markup. Check handlers.go for zero logging. Check go.mod for zero dependencies.

License

MIT

About

Zero-fee, zero-tracking, open-source crypto swap frontend. Single Go binary, zero dependencies, FROM scratch container. Powered by NEAR Intents.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors 2

  •  
  •