noKYCme

Case file · Exchange

Haveno (RetoSwap network)

Monero-native, non-custodial P2P over Tor, with no ID ever. But "Haveno" is a framework: you actually trade on an independent network (mainly RetoSwap) - and that network was exploited twice in 2026.

Never KYC
Based
No company. Framework by pseudonymous "woodser"; main live network RetoSwap run by a pseudonymous operator since May 2024
Price
Refundable XMR security deposit; low protocol fees
Reviewed
2026-07-15
Audited by
The noKYCme Bureau

The systematized overview

The bureau vs the internet.

What the bureau found

3.0/10 · Guaranteed no-KYC

On privacy it is close to ideal: Monero-native, Tor-only, no account, no ID, and the software cannot even take custody of your funds. But this is where reliability and trust collapse - "Haveno" runs no exchange itself; the live network (RetoSwap) is run pseudonymously and was exploited twice in 2026 for about $2.7M with no confirmed reimbursement, and trading was suspended pending a patch. Under our rule that an unreimbursed loss of user funds caps the score like a fund-freeze, the overall is held to 3/10 - treat this as a live, provisional verdict and a high consumer-protection risk.

What the internet says

3 recurring praises · 3 recurring gripes

Most praised: genuinely no-kyc, monero-native and non-custodial. Most cited downside: two 2026 exploits badly shook confidence.

We track our editorial score and community sentiment separately — neither moves the other. Read together, they're the systematized overview.


The facts

Custody & jurisdiction.

Jurisdiction
No legal entity; framework by pseudonymous "woodser", network by RetoSwap
Custody
Non-custodial - 2-of-3 Monero multisig (buyer, seller, arbitrator)
Escrow
2-of-3 Monero multisig + refundable XMR security deposit
Traded
Monero (XMR) native, vs fiat and BTC/ETH/BCH
Fiat rails
No - fiat settled directly between the two traders
Payment methods
Per network; bank transfer, cash and others agreed peer-to-peer
Payment privacy
Monero-native, Tor by default, local data storage
Disputes
In-app chat, then arbitrator (holds 1 of 3 keys) - the 2026 attack surface
KYC trigger
None - no account, no ID; peer-run software
Open source
Yes - AGPL-3.0, github.com/haveno-dex/haveno
Audited
No published independent security audit found
Operating since
RetoSwap mainnet since May 2024 (young); core has no mainnet

The full read

Our analysis, in plain words.

Haveno is the Monero community’s answer to no-KYC trading, and on privacy it is about as strong as this category gets: Monero-native, routed entirely over Tor, with no account, no email and no ID, and a design where the software never takes custody of your coins. The official FAQ puts it bluntly - "Haveno is and will always be non-KYC" - and an independent directory scores its privacy 95/100. If identity protection were the only axis, Haveno would sit near the top.

The complication starts with what "Haveno" even is. It is a framework, not an exchange - the core project deliberately runs no live network. Actual trading happens on independent deployments run by separate, pseudonymous operators, and in 2026 that means mostly RetoSwap. So a user is not trusting an accountable company or even a transparent DAO; they are trusting one pseudonymous operator and its arbitrators, with no legal entity anywhere and no independent security audit we could find.

That fragility turned concrete in 2026. RetoSwap was exploited twice - in May an attacker impersonated the arbitrator and drained about $2.7M in Monero, and in June a second, different bug let an attacker release XMR without paying the BTC leg. Trading was suspended pending a full patch, and no reimbursement was confirmed for the May losses. The 2-of-3 multisig means the operator cannot simply steal your funds, but it does not stop a protocol bug, and the arbitrator’s third key was the very surface that was abused. Our verdict reflects that split honestly: privacy near the top, reliability and trust near the bottom because the network recently lost user funds and was not operating normally. Anyone considering it should verify the current status first and treat this score as provisional.


The score, broken down

How the 3.0 is built.

Privacy 4.6Trust 1.3Reliability 0.3 Headroom 3.8

Privacy

weight 50%

What identity, data and metadata the service can demand or collect.

92/100

92 × 50% = 4.6 of 10

Trust

weight 30%

Whether it can technically deliver what it claims — code, audits, age.

42/100

42 × 30% = 1.3 of 10

Reliability

weight 20%

Whether the no-KYC claim holds under real-world pressure.

15/100

15 × 20% = 0.3 of 10

Weighted score was 6.2 — a reliability rule capped it to 3.0. See the rubric →


Every point, sourced

What earned the score.

Privacy

  • +10Monero-native and Tor-only; no account, no email, no ID
  • +6"Haveno is and will always be non-KYC" (official FAQ)
  • +4Anti-doxxing rule: penalties for demanding a peer’s personal data
  • +-3Cross-chain trades can leave detectable on-chain linkage (research)

Trust

  • +5Fully open source (AGPL-3.0), donation-funded, no token
  • +3Non-custodial: arbitrators hold only 1 of 3 keys, never custody
  • +-4No accountable entity - you trust a pseudonymous network operator
  • +-4No published independent security audit found

The fine print, read for you

The clause they bury.

Verbatim — the honest version
“Haveno is and will always be non-KYC. All connections between Haveno peers run through the Tor network. There is no central authority. All trades are P2P between users.”

What it meansThe no-KYC and privacy posture is structural and genuine - Monero-native, Tor-only, no account, non-custodial. On identity protection there is essentially nothing to fault. The problems are entirely on the reliability and trust side.

Read the source →
Verbatim — the trapdoor
“When the attacker took a trade, they sent a fake, out-of-order ACK message impersonating the arbitrator, causing the software to update the arbitrator’s node address to their own.”

What it meansThis is the May 2026 RetoSwap exploit in reporters’ words: a flaw in the Haveno trade protocol let an attacker impersonate the arbitrator and drain roughly 7,000 XMR (~$2.7M) from live trades. A second, different exploit followed in June 2026. Non-custodial protects you from the operator stealing funds - it does not protect you from a protocol bug, and here there was no confirmed reimbursement.

Read the source →
KYC trigger threshold

None - no account, no ID, peer-run software over Tor. Trades are secured by 2-of-3 Monero multisig where each party (buyer, seller, arbitrator) holds one key. The real risk is not identity but the protocol: the arbitrator’s third key was the surface abused in the 2026 exploits.

Policy review — point by point

  • Structurally no-KYC and non-custodial

    No account or ID, Tor-only, and 2-of-3 multisig where the software never holds funds; the FAQ commits to being non-KYC permanently.

  • Framework, not an exchange

    Core Haveno runs no mainnet; you trade on an independent network (RetoSwap) run by a pseudonymous operator, which is who you are actually trusting.

  • Two 2026 protocol exploits, unreimbursed

    RetoSwap was drained twice in 2026 (~$2.7M total) via arbitrator-impersonation and dispute-flow bugs; no reimbursement was confirmed and trading was suspended.

  • No independent audit

    No formal third-party security audit of the protocol could be found, which is notable given the exploits.

Jurisdiction analysis

There is no jurisdiction and no entity to point at: the framework is a donation-funded open-source project led by a pseudonymous developer, and the live network is run by a separate pseudonymous operator. This maximizes censorship-resistance and privacy but minimizes recourse - after the 2026 exploits there was no company to pursue, no DAO treasury reimbursement of the kind Bisq used, and no legal claim available.


We keep watching

Incident & policy timeline.

  1. 2023-2024

    Successor to LocalMonero; RetoSwap network goes live

    After LocalMonero shut down in Nov 2023, Haveno became the Monero community’s flagship no-KYC DEX. Core Haveno runs no mainnet; the main live network, RetoSwap (formerly Haveno-Reto), launched May 2024 under a pseudonymous operator.

    source ↗
  2. May 2026

    RetoSwap exploited for ~$2.7M (arbitrator impersonation)

    An attacker impersonated the arbitrator via a fake ACK message and drained about 7,000 XMR (~$2.7M), mostly from large crypto trades. RetoSwap halted trading within minutes and banned the attacker. kycnot.me reports no reimbursement was confirmed.

    source ↗
  3. Jun 2026

    Second exploit; trading suspended pending a full patch

    A different vector abused the dispute/forced-arbitration flow to release XMR without sending the corresponding BTC - the same arbitrator/multisig subsystem as May. RetoSwap again suspended trading, saying it would stay paused until a full security patch was developed, tested and released. Resumption was unconfirmed as of our review (2026-07-15).

    source ↗

The verdict

Where it stands.

Strengths

  • Monero-native and Tor-only - the strongest privacy stack in the category
  • No account, no email, no ID; the software cannot take custody of funds
  • Fully open source (AGPL-3.0), donation-funded, no token
  • Fills a real need as the Monero community’s no-KYC DEX after LocalMonero

Trade-offs

  • The live protocol was exploited twice in 2026 (~$2.7M) with no confirmed reimbursement
  • Both 2026 exploits hit the same arbitrator/multisig subsystem - a design regression, not bad luck
  • Trading was suspended pending a full security patch; resumption unconfirmed as of our review
  • You trust a pseudonymous network operator (RetoSwap), not an accountable entity
  • No independent security audit exists despite the 2026 exploits
  • Low liquidity, young network, and a complex install
Visit Haveno (RetoSwap network) No affiliate relationship. We link to the official site directly.

Across the internet

What reviewers report.

Consistently praised

  • Genuinely no-KYC, Monero-native and non-custodial
  • Fills the gap left by LocalMonero for private XMR trading
  • Successful, private trades reported by users when the network is up

Recurring complaints

  • Two 2026 exploits badly shook confidence
  • Low liquidity and a complex installation
  • Lingering apprehension about network/operator trust

An independent directory rates it highly for privacy (9/10 overall) but its trust score fell to 73/100 with an explicit -19 impact attributed to the two 2026 exploits. Direct Reddit/X threads could not be captured; this synthesis leans on kycnot.me and an arXiv study of Haveno, and should be refreshed with a manual community pass.


Ask the bureau

Haveno (RetoSwap network), common questions.

Is Haveno no-KYC?

Yes, unambiguously - the official FAQ says "Haveno is and will always be non-KYC." There is no account, no email and no ID; it is Monero-native and Tor-only, and the software never takes custody of your funds. On privacy it is one of the strongest options anywhere.

Can I actually trade on "Haveno"?

Not directly. Haveno is a framework, and the core project runs no live network. Real trading happens on independent networks run by separate operators - mainly RetoSwap. You are trusting that specific pseudonymous operator and its arbitrators, not "Haveno" as a single accountable entity.

Is my money safe on Haveno / RetoSwap?

Custodially it is non-custodial - funds sit in 2-of-3 Monero multisig. But the protocol was exploited twice in 2026 for around $2.7M, with no confirmed reimbursement, and trading was suspended pending a patch during our review. This is a high consumer-protection risk right now; check current status and treat our score as provisional.

Why is the score so much lower than its privacy?

Because we weight Reliability and Trust, and both are badly hit: two unreimbursed protocol exploits, a suspended network, a pseudonymous operator and no independent audit. Excellent privacy cannot offset a service that recently lost user funds and is not currently operating normally.

Your exact case not covered? The live Ask the bureau answers it and turns it into a public FAQ.