A while ago, I bought a motorcycle from my childhood friend and hadn't paid him back. Then it had an accident, and today it's fixed but I don't want to ride it anymore, and another friend wants to buy one too. Our accounts are now piled up: I owe my friend money, my friend wants the motorcycle, and my friend is waiting for payment. How the accounts were settled in the end isn't important, but this incident made me think about a question: if three people don't trust each other, can this debt be settled? The @MidnightNetwork white paper, which includes $NIGHT, has a mechanism called ZSwap that solves this problem quite well, but it's not suitable for cross-chain transactions. ZSwap's core is atomic swaps. In transactions, this means: A transfers ETH to B, and B transfers NIGHT to A. These two actions are linked; they must both complete or both be canceled. It's impossible for only half to occur. This problem is particularly prominent in cross-chain transactions. Two different chains each have their own state, and there's no common clock to guarantee that two transactions will occur simultaneously. Traditional cross-chain swaps typically require an intermediary. You lock your assets with the intermediary, and the other party also locks their assets. The intermediary then releases them simultaneously upon confirmation. This model is effective but relies on the intermediary's integrity; if the intermediary fails, both sides' assets are at risk. We've seen numerous cross-chain bridge attacks in recent years. ZSwap bypasses this problem using ZK proofs. A user submits a transaction containing a ZSwap intent: "I'm willing to exchange X amounts of ETH for Y amounts of DUST, or other token combinations." This intent itself is a cryptographic commitment containing the exchange conditions but doesn't reveal the user's identity or the specific amount. Other participants in the network see this intent and, if they are willing to accept the conditions, submit a matching intent. Once the two intents match, the protocol automatically executes an atomic swap without any intermediary intervention. Here's a detail I think is very well-designed: the amount in the ZSwap intent is private. In traditional order book trading, your order price and quantity are visible to everyone. This is how large orders can be preemptively exchanged (MEV attacks). ZSwap's intent uses ZK proofs to protect transaction details; the matching party only knows the conditions are compatible, but cannot see the other party's specific parameters. This design naturally resists a type of attack very common on existing DEXs. The white paper mentions acting as a Babel Station. Users wanting to execute a transaction on Midnight using ETH submit a ZSwap intent containing ETH. The Babel Station operator accepts the order, advances the DUST for the user to complete the transaction, and receives a reward from the user's ETH. The entire process is simply a fee paid with ETH for the user; the underlying DUST mechanism is completely transparent to the user. What I want to say is that ZSwap is still on the roadmap and not a live feature. The white paper uses the wording "future protocol upgrades could enable," meaning it will be gradually implemented after the mainnet launch. What we can confirm now is the design direction and cryptographic foundation; the specific implementation timeline has not been disclosed. Returning to our three-person account, the two friends didn't actually have a direct trust relationship, but the exchange was completed through me as an intermediary node. ZSwap aims to replace my role as an intermediary node with mathematical proof. You don't need to trust anyone, only the protocol. Assets on both sides are exchanged simultaneously under cryptographic constraints, and no one can intercept the transaction. If this truly works, the trust issue in cross-chain transactions will shift from needing to trust the bridge's operator to "you only need to trust the mathematics." The difference between these two is, I think, greater than most people imagine. #night