Bitcoin–Monero Cross-chain Atomic Swap
Go to file
bors[bot] ff7d036ab7
Merge #1357 #1358 #1359
1357: build(deps): bump conquer-once from 0.3.2 to 0.4.0 r=delta1 a=dependabot[bot]

Bumps [conquer-once](https://github.com/oliver-giersch/conquer-once) from 0.3.2 to 0.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/oliver-giersch/conquer-once/releases">conquer-once's releases</a>.</em></p>
<blockquote>
<h2>v0.4.0</h2>
<p>This release bumps the MSRV to <code>1.49.0</code>, allowing some depracated <code>std</code> functionality to be replaced with alternatives that were stabilized in that version.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/oliver-giersch/conquer-once/blob/master/RELEASES.md">conquer-once's changelog</a>.</em></p>
<blockquote>
<h3>Release <code>0.3.2</code></h3>
<ul>
<li>fixes potential UB due to insufficiently strict bounds on <code>Sync</code> implementation for <code>OnceCell</code> (see [Issue <a href="https://redirect.github.com/oliver-giersch/conquer-once/issues/3">#3</a>](<a href="https://redirect.github.com/oliver-giersch/conquer-once/issues/3">oliver-giersch/conquer-once#3</a>))</li>
</ul>
<h3>Release <code>0.3.3</code></h3>
<ul>
<li>improves and clarifies wording of public documentation</li>
<li>improves internal documentation around all uses of unsafe code</li>
</ul>
<h2>Release <code>0.4.0</code></h2>
<ul>
<li>bumps MSRV to 1.49.0</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="82747caafd"><code>82747ca</code></a> bump version in README</li>
<li><a href="3ef336f03e"><code>3ef336f</code></a> revert edition bump</li>
<li><a href="43f816a162"><code>43f816a</code></a> bump Cargo.toml version, rust edition to 2021,MSRV</li>
<li><a href="9370e0a194"><code>9370e0a</code></a> bump MSRV to 1.49.0</li>
<li><a href="82ebf601ea"><code>82ebf60</code></a> bump version to 0.3.3</li>
<li><a href="f788ee4855"><code>f788ee4</code></a> completes internal unsafe docs/clarification</li>
<li><a href="f75a52e371"><code>f75a52e</code></a> fix clippy warning under 1.36.0</li>
<li><a href="6f2924915e"><code>6f29249</code></a> clippy 1.36 should fail but doesn't?</li>
<li><a href="dc267663b1"><code>dc26766</code></a> fix CI toolchain</li>
<li><a href="4bc74b003d"><code>4bc74b0</code></a> fix CI</li>
<li>Additional commits viewable in <a href="https://github.com/oliver-giersch/conquer-once/compare/v0.3.2...v0.4.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=conquer-once&package-manager=cargo&previous-version=0.3.2&new-version=0.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

1358: build(deps): bump serial_test from 1.0.0 to 2.0.0 r=delta1 a=dependabot[bot]

Bumps [serial_test](https://github.com/palfrey/serial_test) from 1.0.0 to 2.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/palfrey/serial_test/releases">serial_test's releases</a>.</em></p>
<blockquote>
<h2>v2.0.0</h2>
<p>Main change is the <a href="https://redirect.github.com/palfrey/serial_test/pull/96">Syn 2.x upgrade</a> which required an MSRV bump. MSRV is now 1.68.2. Note this is minimum <em>supported</em>, as it may well compile with lower versions, but they're not supported at all.</p>
<p>There's also a small bug fix for an issue when <a href="https://redirect.github.com/palfrey/serial_test/pull/94">running under vscode and stripping attributes</a></p>
<p><strong>Full Changelog</strong>: <a href="https://github.com/palfrey/serial_test/compare/v1.0.0...v2.0.0">https://github.com/palfrey/serial_test/compare/v1.0.0...v2.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7e3a5ca6f3"><code>7e3a5ca</code></a> 2.0.0</li>
<li><a href="a7222e1f35"><code>a7222e1</code></a> Merge pull request <a href="https://redirect.github.com/palfrey/serial_test/issues/96">#96</a> from palfrey/syn-2</li>
<li><a href="113f07662e"><code>113f076</code></a> Upgrade to Syn 2</li>
<li><a href="21b7a7fa6f"><code>21b7a7f</code></a> Merge pull request <a href="https://redirect.github.com/palfrey/serial_test/issues/94">#94</a> from palfrey/remove-ignore-ignore</li>
<li><a href="fc0497c8e8"><code>fc0497c</code></a> Stop stripping ignore/should_panic attributes</li>
<li><a href="7d6af096bf"><code>7d6af09</code></a> Merge pull request <a href="https://redirect.github.com/palfrey/serial_test/issues/91">#91</a> from palfrey/dependabot/cargo/tokio-1.18.5</li>
<li><a href="1607dec900"><code>1607dec</code></a> Bump tokio from 1.18.4 to 1.18.5</li>
<li><a href="30b772a3d1"><code>30b772a</code></a> Merge pull request <a href="https://redirect.github.com/palfrey/serial_test/issues/92">#92</a> from palfrey/test-rust-version</li>
<li><a href="c1c65d24ea"><code>c1c65d2</code></a> Set rust-version in test to fix clippy issue</li>
<li>See full diff in <a href="https://github.com/palfrey/serial_test/compare/v1.0.0...v2.0.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serial_test&package-manager=cargo&previous-version=1.0.0&new-version=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

1359: build(deps): bump async-trait from 0.1.67 to 0.1.68 r=delta1 a=dependabot[bot]

Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.67 to 0.1.68.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/dtolnay/async-trait/releases">async-trait's releases</a>.</em></p>
<blockquote>
<h2>0.1.68</h2>
<ul>
<li>Improve error message if an async fn is written without a function body in an impl block</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="dce60601d7"><code>dce6060</code></a> Release 0.1.68</li>
<li><a href="346f0509c6"><code>346f050</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/async-trait/issues/244">#244</a> from dtolnay/verbatimfn</li>
<li><a href="344a4f2a68"><code>344a4f2</code></a> Handle async impl fn without body</li>
<li>See full diff in <a href="https://github.com/dtolnay/async-trait/compare/0.1.67...0.1.68">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=async-trait&package-manager=cargo&previous-version=0.1.67&new-version=0.1.68)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting ``@dependabot` rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- ``@dependabot` rebase` will rebase this PR
- ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it
- ``@dependabot` merge` will merge this PR after your CI passes on it
- ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it
- ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging
- ``@dependabot` reopen` will reopen this PR if it is closed
- ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-20 12:46:58 +00:00
.cargo .cargo/config.toml for specifying linker 2021-03-15 14:36:05 +11:00
.github build(deps): bump actions/checkout from 3.5.0 to 3.5.2 2023-04-14 11:58:03 +00:00
docs Change example rendezvous node to /dns4/discover.unstoppableswap.net/tcp/8888/p2p/12D3Ko... 2022-04-22 14:51:37 +02:00
monero-harness feat: upgrade monero images to v0.18.1.2 2022-11-07 09:53:50 +02:00
monero-rpc build(deps): bump hex-literal from 0.3.4 to 0.4.1 2023-04-18 11:58:22 +00:00
monero-wallet Update dependencies and rust-toolchain to 1.59 2022-03-12 13:05:36 +02:00
swap Merge #1357 #1358 #1359 2023-04-20 12:46:58 +00:00
utils/gpg_keys docs: add gpg key readme and delta1.asc 2022-08-11 13:05:21 +02:00
.gitignore docs: update sqlx script and add ci 2022-11-30 15:30:32 +02:00
bors.toml feat(swap): merge cancel/refund commands into one command 2023-01-08 12:53:56 +02:00
Cargo.lock Merge #1357 #1358 #1359 2023-04-20 12:46:58 +00:00
Cargo.toml Update secp256kfun and rand to latest version 2021-05-25 15:35:13 +10:00
CHANGELOG.md ci: update msrv and github actions toolchains 2023-01-10 14:57:09 +02:00
CONTRIBUTING.md Create CONTRIBUTING.md 2021-06-29 10:58:00 +10:00
dprint.json chore: fix dprint config and run fmt 2023-03-15 14:19:57 +02:00
LICENSE Change license to GPLv3 2020-10-12 17:13:25 +11:00
README.md readme: fix minor grammar error 2023-02-27 15:13:17 -05:00
rust-toolchain.toml ci: update msrv and github actions toolchains 2023-01-10 14:57:09 +02:00

XMR to BTC Atomic Swap

This repository hosts an MVP for atomically swapping BTC to XMR. It implements the protocol described in section 3 of this paper.

More information about the protocol in this presentation and this blog post.

Currently, swaps are only offered in one direction with the swap CLI on the buying side (send BTC, receive XMR). We are working on implementing a protocol where XMR moves first, but are currently blocked by advances on Monero itself. You can read this blogpost for more information.

Quick Start

  1. Download the latest swap binary release for your operating system.
  2. Find a seller to swap with:
./swap --testnet list-sellers
  1. Swap with a seller:
./swap --testnet buy-xmr --receive-address <YOUR MONERO ADDRESS> --change-address <YOUR BITCOIN CHANGE ADDRESS> --seller <SELLER MULTIADDRESS>

For more detailed documentation on the CLI, see this README.

Becoming a Market Maker

Swapping of course needs two parties - and the CLI is only one of them: The taker that occasionally starts a swap with a market maker.

If you are interested in becoming a market maker you will want to run the second binary provided in this repository: asb - the Automated Swap Backend. Detailed documentation for the asb can be found in this README.

Safety

This software is using cryptography that has not been formally audited. While we do our best to make it safe, it is up to the user to evaluate whether or not it is safe to use for their purposes. Please also see section 15 and 16 of the license.

Keep in mind that swaps are complex protocols, it is recommended to not do anything fancy when moving coins in and out. It is not recommended to bump fees when swapping because it can have unpredictable side effects.

Contributing

We encourage community contributions whether it be a bug fix or an improvement to the documentation. Please have a look at the contribution guidelines.

Rust Version Support

Please note that only the latest stable Rust toolchain is supported. All stable toolchains since 1.63 should work.

Contact

Feel free to reach out to us in the COMIT-Monero Matrix channel.