← Start Swapping

DON'T TRUST US. VERIFY.

Every deployment is traceable from source code to running binary.

Deployment Metadata

Commit 1947244b14ee3bec88f07afa063705d5072ff32b

Build Time 2026-03-16T12:36:44-07:00

CI Build Log View Build Log →

Go Version go1.23.6

Binary Size 8.3 MB

Uptime 101h45m54s

Requests Served 58,016

Environment Configuration

Which env vars are configured on this deployment. Values are never shown.

ORDER_SECRET ✓ set

NEAR_INTENTS_JWT ✓ set

NEAR_INTENTS_EXPLORER_JWT ✓ set

NEAR_INTENTS_API_URL not set

PORT ✓ set

TG_BOT_TOKEN ✓ set

TG_APP_URL ✓ set

TG_WEBHOOK_SECRET ✓ set

TG_MONITOR_GROUP_ID ✓ set

TG_MAIN_CHAT_ID ✓ set

TG_SWAPMY_THREAD_ID ✓ set

TG_EAGLESWAP_THREAD_ID ✓ set

TG_LIZARDSWAP_THREAD_ID ✓ set

VERIFY IT YOURSELF

# Clone the source code
git clone https://github.com/uSwapExchange/zero.git
cd zero

# Verify the code matches this deployment
git checkout 1947244b14ee3bec88f07afa063705d5072ff32b

# Build locally (requires Go 1.23+)
go build -o zero .

# Or build with Docker (exact same as production)
docker build -t zero .

# Run locally
ORDER_SECRET=$(openssl rand -hex 32) ./zero

WHAT TO AUDIT

The entire application is ~6700 lines of Go across 20 files — web UI, Telegram bot, and reseller monitor combined. Zero external dependencies. Here's what to look for:

nearintents.go Zero fee markup. The API call passes amounts through untouched. Search for "appFees" — it's an empty array.

handlers.go Zero logging of user data. No IP addresses, amounts, or addresses are stored. The only log is cache refresh counts.

crypto.go Order tokens are AES-256-GCM encrypted. The key is random per restart (unless ORDER_SECRET is set). No server-side storage.

main.go No middleware that logs requests. No analytics. External calls: NEAR Intents swap API and NEAR Intents Explorer API (reseller monitor only).

tokencache.go Cached copy of the public token list. Refreshed every 5 minutes. No user data.

templates/ Pure HTML. No analytics scripts. No tracking pixels. No external requests. The only JS is an 8-line clipboard helper.

go.mod Zero external dependencies. Only Go standard library. Nothing to supply-chain attack.

Dockerfile FROM scratch — the container is literally empty except for our binary and TLS certificates.

tgorder.go Telegram swap flow. No user data written to disk or database. Orders are encrypted into URL tokens — same model as the web UI, nothing stored server-side.

tgrender.go All Telegram cards are monospace <pre> blocks — no external image services, no CDN, no third-party calls. QR codes generated server-side in pure Go stdlib.

tgsession.go Telegram session state lives in memory only, scoped to the bot process. Nothing is persisted between restarts. No database, no file writes.

explorer.go Read-only client for the NEAR Intents Explorer API. Fetches public on-chain fee data for Swap.my, LizardSwap, and EagleSwap. No user data — only affiliate fee transactions from the public ledger.

monitor.go Reseller monitor: polls Explorer API, maintains a 2000-entry in-memory ring buffer of fee transactions, and persists only a pagination cursor to disk. No user swap data is stored anywhere.

tgmonitor.go Posts double-border monospace fee cards to Telegram forum threads. Updates thread titles and channel description with running totals. No user data sent — only public on-chain fee amounts.

wrapperpage.go /wrapper-logs handler. Snapshots the in-memory ring buffer and renders it as a searchable HTML table. No database, no disk reads — data comes entirely from the live ring buffer.

← Start Swapping