Zero-fee, zero-tracking, open-source crypto swap frontend powered by NEAR Intents.
Live: zero.uswap.net
A single Go binary (~4000 lines, zero dependencies) that lets you swap 140+ tokens across 29 blockchains β via web or Telegram bot. No account needed. No JavaScript analytics. No cookies. No server-side logging of user data.
uSwap Zero passes the NEAR Intents exchange rate through at cost β no markup, no hidden fees. Every swap is verifiable against the public NEAR Intents API.
Most "zero-fee" swap services are resellers. They use the NEAR Intents API, add 1-5% to the rate, and pocket the difference. The user never sees the pre-markup price.
uSwap Zero is different:
- Zero markup β the API call passes amounts through untouched
- Open source β read every line of code that handles your swap
- Verifiable deployment β the running binary's commit hash, build log, and image digest are public at
/verify - No tracking β no analytics, no cookies, no IP logging, no session storage
See the full analysis at /case-study.
Language: Go 1.23 (stdlib only)
HTTP: net/http
Templating: html/template (auto-escapes HTML)
Encryption: crypto/aes + crypto/cipher (AES-256-GCM)
Static: embed directive (CSS + icons in binary)
Container: FROM scratch (empty image + binary + TLS certs)
Dependencies: 0
git clone https://github.com/uSwapExchange/zero.git
cd zero
# Generate a random encryption key and start the server
ORDER_SECRET=$(openssl rand -hex 32) go run .Open http://localhost:3000.
The bot is optional. When TG_BOT_TOKEN and TG_APP_URL are set, the server auto-registers a webhook and the bot becomes active. If either is unset, the web interface still works normally.
The bot renders everything as monospace <pre> cards β no images, no external services. QR codes for deposit addresses are generated server-side (stdlib only) and sent as photo messages with a dark frame.
Try it: @uSwapZero_Bot
# Binary
go build -o zero .
# Docker
docker build -t zero .
docker run -p 3000:3000 zeroBuild with deployment metadata:
go build -ldflags "-s -w \
-X main.commitHash=$(git rev-parse HEAD) \
-X main.buildTime=$(date -u +%Y-%m-%dT%H:%M:%SZ) \
-X main.buildLogURL=https://github.com/uSwapExchange/zero/actions/runs/12345" \
-o zero .| Variable | Required | Default | Description |
|---|---|---|---|
ORDER_SECRET |
Production | Random on startup | 64-char hex key for AES-256-GCM encryption of order tokens |
NEAR_INTENTS_JWT |
No | Empty | JWT from NEAR Intents partners portal (enables 0% protocol fee) |
NEAR_INTENTS_API_URL |
No | https://1click.chaindefuser.com |
NEAR Intents API base URL |
PORT |
No | 3000 |
HTTP listen port |
TG_BOT_TOKEN |
No | β | Telegram bot token from @BotFather β enables the Telegram bot |
TG_APP_URL |
No | β | Public base URL of the deployment (e.g. https://zero.uswap.net) |
TG_WEBHOOK_SECRET |
No | Auto-generated | Secret for verifying Telegram webhook requests |
See .env.example for a complete reference.
zero/
βββ main.go # Server, routes, templates, rate limiter
βββ handlers.go # HTTP handlers for all pages
βββ nearintents.go # NEAR Intents 1Click API client
βββ tokencache.go # In-memory token cache (5min TTL)
βββ crypto.go # AES-256-GCM encrypt/decrypt + CSRF tokens
βββ qr.go # QR code SVG generator (hand-rolled, no deps)
βββ amount.go # BigInt amount math (human <-> atomic)
βββ tgbot.go # Telegram bot init, webhook registration
βββ tghandler.go # Telegram update router + command handlers
βββ tgorder.go # Telegram swap flow (quote β confirm β order β status)
βββ tgrender.go # Monospace card renderers (<pre> box-drawing)
βββ tgqr.go # Dark-framed QR PNG generator for deposit step
βββ tgsession.go # Per-user session state
βββ tgswapcard.go # Swap card builder + inline keyboard
βββ templates/ # Go html/template files
βββ static/style.css # Single stylesheet
βββ static/icons/ # 30 bundled SVG crypto icons
βββ Dockerfile # Multi-stage: golang:1.23-alpine -> FROM scratch
| Method | Path | Description |
|---|---|---|
| GET | / |
Swap form with currency selector modal |
| POST | /quote |
Quote preview with fee breakdown |
| POST | /swap |
Confirm swap, create order, redirect to /order/{token} |
| GET | /order/{token} |
Order status with deposit address + QR code |
| GET | /order/{token}/raw |
Raw JSON status from NEAR Intents API |
| GET | /currencies |
Full searchable token list (140+ tokens, 29 networks) |
| GET | /how-it-works |
How the swap process works |
| GET | /case-study |
Analysis of swap service reseller markup practices |
| GET | /verify |
Deployment metadata, build verification instructions |
| GET | /source |
Redirect to GitHub repository |
| GET | /static/* |
Embedded CSS and SVG icons |
| GET | /icons/gen/{ticker} |
Server-generated fallback icon SVG |
What the server stores: Nothing. There is no database, no session store, no log files beyond stdout.
What the server logs to stdout: Token cache refresh counts. That's it. No IP addresses, no swap amounts, no wallet addresses.
How orders work: When you confirm a swap, the server encrypts the order details (deposit address, amounts, correlation ID) into an AES-256-GCM token. This token is part of the URL (/order/{token}). The server decrypts it on each page load to fetch status from NEAR Intents. If the server restarts with a different ORDER_SECRET, old order links stop working β the data existed only in the URL.
What the templates load: Nothing external. No Google Fonts, no CDN resources, no analytics scripts. The only JavaScript is an 8-line inline clipboard helper with a <noscript> fallback.
Every deployment's commit hash, image digest, and build log are published at /verify. To verify independently:
# Clone and build the same commit
git clone https://github.com/uSwapExchange/zero.git
cd zero
git checkout <commit-from-verify-page>
go build -o zero .
# Or build with Docker (same as production)
docker build -t zero .Check nearintents.go for zero fee markup. Check handlers.go for zero logging. Check go.mod for zero dependencies.