Home | Search

2026-05-16

A startup to enable ETH-XMR atomic swaps may be profitable, and help whistleblowers as a side effect

Disclaimer

Main

Notes to strictly myself - I'm unsure about whether I should start this company myself, but probably not? - I don't know, the hardest part as usual is smart contract security, and I am not an expert on smart contract security. Maybe in another 12 months, AI can just do the smart contract security by itself lol. - Update - These contracts look prety simple? What am I missing, why has no one done this already? [Link to 4 .sol files](https://github.com/athanorlabs/atomic-swap/tree/master/ethereum/contracts) And lmao, yes GPT-5.5 says these contracts are insecure. Why is so much of the logic happening offchain? Ugh. I guess because there are timed deadlines on both sides, if the offchain code is insecure, even that is a problem. On the flipside, this also makes writing this app easier because offchain bugs are easier to fix than onchain bugs. - Update - I am semi-motivated to just blindly publish the GPT-5.5 contracts and seed it with maybe $5k of my own funds. Fastest way to find out if it is secure or not, honestly, if I don't care about the money. - I'm betting 80% probability AI can't write secure onchain code. If the onchain code is secure, the offchain code can be fixed afterwards also, even after a hack happens. Honestly 20% is kinda good odds? Maybe I should publish this? - I'm also annoyed by how much offchain messaging is required to coordinate this atomic swap. This is not actually significantly better than just trusting someone to do it p2p. If you don't trust the counterparty, just split it into smaller transactions and trade it p2p trusted. It is only when the transaction amounts get really big that you might prefer a smart contract (or a counterparty with significant irl reputation). - Whichever server is running the offchain code becomes a target as well, if a third party (like the govt) wants to stop the swap from happening. You might still need to run this server behind Tor. - Uniswap became super popular because both actors don't need to be online (or have their servers be online) in order for the swap to happen. - Holy fuck now I understand why atomic swaps are not more popular. Ugh - Okay, on ethereum you can pay an incentive for a third party watcher to trigger the tx - Idk, I think it is a cleaner design to atomic swap XMR for some ERC20 wrapped XMR, and then uniswap that for actual ETH. It also solves the whole issue of someone needing to be online to rebalance the price quotes. Obviously the person minting the wrapped XMR becomes a trusted entity here. - ugh okay, I need to read more about this whole landscape before opining - BTSE provides wrapped XMR. They have like $2M in liquidity on wrapped XMR to ETH uniswap pair. But the process for minting wrapped XMR from actual XMR is custodial and may have blacklists. Motherfucker these people have KYC-ed the wrapping process, completely unsurprising in retrospect. Even then, there can in theory exist a third party that can provide XMR to wrapped XMR atomic swap, without informing BTSE about it? - The offchain messaging is still a problem. Like, I could easily just post on my website, here's 10 wrapped XMR from me, send me XMR and trigger this API, then I will release the wrapped XMR for you. But I will still need an offchain script to stay online on the backend. I could make it as simple as, if anyone sends XMR to my address with a note, they automatically get back wrapped XMR to the address mentioned in the note. And ofcourse you need a hardened onion server to run this script. - Okay here's an even dumber idea than this. I could just airdrop a tiny amount of ETH to anyone who has an openAI email body and verifies its DKIM headers. They don't actually even need to pay me. On second thoughts, no, providing me with their email actually increases their exposure. - What if I cold DM them on twitter and airdrop them a tiny amount of ETH in their DMs? Okay but then it becomes obvious in future investigation that I provided them the ETH, since ETH is traceable, and they can also correlate the twitter DMs with the actual ETH addresses. This also does not work. - Okay another crazy dumb idea, what if I airdrop everyone on Earth with $1 worth of ETH? Aaa the core problem here still is that ETH is traceable. Unless the claim process for the airdrop is fully anonymous, a third party will know who received which ETH. - Here's a completely different class of solutions. What if the OpenAI employee purchases ETH from a KYC-ed exchange, then puts it in tornado (on their personal machine which is logged), and then a month or two later they withdraw it via a TAILS machine and publish the EIP4844 blob? openai employee purchasing ETH and putting it in tornado is a red flag for investigators yes, and investigators also know the publishing happened on ethereum, but this by itself is not enough to say, get a warrant on someone, it will just narrow their pool of suspects. - honestly this is not a bad solution, if the only goal is to keep anonymity for a few weeks, not indefinitely. Like, trustlessly mining XMR and trustlessly swapping it for ETH would be a better solution, but what I stated above isn't that bad a solution either. - At this point I honestly think everyone on Earth should keep a small amount of Tornado ETH lol, just as a sort of get-out-of-jail-free card for an emergency. - Lmao I am now wondering if there is some captcha farm where you can just earn $1 of ETH on a tails machine. The whole reasons I am bringing XMR into the picture is because it can be mined anonymously. But if there's a way to anonymously earn ETH that would also work. It will need a large anonymity set like monero or tornado.

Subscribe

Enter email or phone number to subscribe. You will receive atmost one update per month

Comment

Enter comment