BasicSwap has been listed:
https://kycnot.me/service/basicswap
"Privacy-first, cross-chain trading exchange (DEX) with no central point of failure that lets you freely swap cryptocurrencies such as Bitcoin or Monero without restrictions or the need for third-party involvement."
@kycnotme Some of their claims appear highly dubious.
Especially this: https://particl.wiki/learn/marketplace/smsg/
>SMSG is a decentralized P2P message mixnet where all nodes store a copy of everyone’s end-to-end encrypted messages and data
Sounds like a bunch of buzzwords thrown together. Do they even know what mixnet is? Apparently their protocol is based on the abandoned Bitmessage protocol: https://kewde.gitbooks.io/protocol/content/data-storage-network/smsg.html
But there's no detailed description of how it works. Looks like they just made it up.
>It operates parallel to Particl’s network and is hosted on the same nodes running the blockchain.
Even if this SMSG protocol really exists, it is not clear who runs the nodes. Their explorer says there are 74 peers, but this number can be fake. Or these nodes can be controlled by developers.
The app has Tor support, but it is not enabled by default:
https://particl.wiki/tutorial/privacy/tor/
Users might not be aware of that, so whoever operates the nodes can de-anonymize them.
-----
I'm not saying it shouldn't be listed. But until their software gets an independent audit, everyone should treat it like a regular centralized exchange which for some reason wants you to download an executable.
- replies
- 1
- announces
- 0
- likes
- 0
@Hyolobrika @kycnotme I haven't heard of that. Probably it was some other "DEX"
@silverpill You are pointing some valid concerns. What changes do you propose to the listing to better reflect this? I am out right now and can't investigate further.
@kycnotme I think the rating should be lower (currently it has 10), but I'm not sure about the exact number.
I did investigate it further and had a look at their code:
https://github.com/tecnovert/basicswap
The readme says it's in beta, so it is possible that some features have not been implemented yet (the website, however, presents BasicSwap as a finished product). I was able to locate code that does BTC-XMR atomic swaps, and @kayaba suggested that their implementation could be real. I didn't find atomic swap implementations for other currencies listed on the website.
The orders are sent to a local Particl node. It's a fork of Bitcoin Core with various additions, so the P2P network is probably real (Bitcoin Core provides that), but it is not clear how decentralized it is.
The Particl blockchain is a PoS chain powered by the PART token, which lost 99.48% of its value since ATH. I think it is reasonable to assume that the people behind this project are the only ones who hold significant amounts of coins, because everyone else had quit long time ago. And since it's PoS, this means they have total control over the chain, and in my view that makes it equivalent to a single server.
I can't find any information about past security incidents, apart from this strange github post talking about an inflation bug: https://github.com/particl/ccs-proposals/pull/5
Particl-Core and most of BasicSwap were developed by a single person.
So my conclusion is that foundations for "Privacy-First Cross-Chain DEX" might be present, but the product is presented in a misleading way, not properly documented, and not independently audited. Furthermore, the market valuation of PART token indicates an extremely low trust in it, which might have caused by past incidents.
@silverpill @kycnotme The security of swaps should be independent to the network. The network should be as decentralized as the nodes, even if block production is 'centralized' with PoS, unless they limited SMSG to staking nodes only
@kayaba @kycnotme My suggestion for kycnot.me is to split peer to peer category into two distinct categories: peer to peer trading (like LocalMonero) and peer to peer networking (like Bisq, and in the future, Serai).
True decentralization requires much more effort, and needs to be proven. This way only the best of the best will be rewarded with 10/10 rating.