DON'T TRUST US. VERIFY.
Every deployment is traceable from source code to running binary.
VERIFY IT YOURSELF
# Clone the source code
git clone https://github.com/uSwapExchange/zero.git
cd zero
# Check out the exact commit behind this deployment
git checkout b3d999eb4a8798c34ec1e9b377bc31ddd5dd4c5f
# Build locally (requires Go 1.23+)
go build -o zero .
# Or build with Docker (exact same as production)
docker build -t zero .
# Run locally
ORDER_SECRET=$(openssl rand -hex 32) ./zero
WHAT TO AUDIT
The application is a single Go binary containing the web UI and the Telegram swap bot, with zero external dependencies. Here's what to look for in each file:
nearintents.go
No uSwap app fee. Search for "appFees" — the quote request sends an empty array.
handlers.go
Zero logging of user data. No IP addresses, amounts, or addresses are stored. The only thing logged is cache refresh counts.
crypto.go
Order tokens are AES-256-GCM encrypted. The key is random per restart (unless ORDER_SECRET is set). No server-side storage.
main.go
No middleware that logs requests. No analytics. External calls are limited to the NEAR Intents swap API and Telegram when the bot is enabled.
tokencache.go
Cached copy of the public token list. Refreshed every 5 minutes. No user data.
templates/
Pure HTML forms. No analytics scripts, no tracking pixels, no external requests, and no application JavaScript.
go.mod
Zero external dependencies. Only Go standard library. Nothing to supply-chain attack.
Dockerfile
FROM scratch — the container is literally empty except for our binary and TLS certificates.
tgorder.go
Telegram swap flow. No user data written to disk or database. Orders are encrypted into URL tokens — same model as the web UI, nothing stored server-side.
tgrender.go
All Telegram cards are monospace <pre> blocks — no external image services, no CDN, no third-party calls. QR codes generated server-side in pure Go stdlib.
tgsession.go
Telegram session state lives in memory only, scoped to the bot process. Nothing is persisted between restarts. No database, no file writes.
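To make the crypto.go entry concrete, here is an added example (not code from the uSwap repository) of the stateless model it describes: an order is sealed with AES-256-GCM into a URL-safe token and nothing is kept server-side. The function names, the nonce-prefixed token layout, and reading ORDER_SECRET as 64 hex characters (the output of openssl rand -hex 32) are assumptions to compare against the real file.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"fmt"
)

// newAEAD: AES-256-GCM from a 64-hex-char secret (assumed format); empty = random per-process key.
func newAEAD(secretHex string) (cipher.AEAD, error) {
	key, err := hex.DecodeString(secretHex)
	if secretHex == "" {
		key = make([]byte, 32)
		_, err = rand.Read(key)
	}
	if err != nil || len(key) != 32 {
		return nil, fmt.Errorf("secret must be 64 hex characters")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal returns base64url(nonce || ciphertext || tag) using a fresh random nonce per token.
func seal(a cipher.AEAD, order []byte) (string, error) {
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	return base64.RawURLEncoding.EncodeToString(a.Seal(nonce, nonce, order, nil)), nil
}

// open rejects malformed, tampered, or wrong-key tokens instead of returning data.
func open(a cipher.AEAD, token string) ([]byte, error) {
	raw, err := base64.RawURLEncoding.DecodeString(token)
	if err != nil || len(raw) < a.NonceSize()+a.Overhead() {
		return nil, fmt.Errorf("malformed token")
	}
	return a.Open(nil, raw[:a.NonceSize()], raw[a.NonceSize():], nil)
}

func main() {
	a, _ := newAEAD("") // random key; the order below is a constructed sample
	fmt.Println(seal(a, []byte(`{"order":"constructed-sample"}`)))
}
```

When reading crypto.go, check for the same properties: a 32-byte key, a fresh random nonce for every token, and an error path taken whenever authentication fails.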