FixedFloat Security Update 2026: Is It Safe to Use Again?

TL;DR

FixedFloat relaunched after its 2024 hack with a V2 security overhaul, air-gapped settlement, automated scanning, and enhanced 2FA, and it remains non-custodial in 2026. It is safer than before for standard low-volume XMR swaps but still carries AML screening risks on flagged flows and lingering trust concerns from the past incident. Trocador and direct routing services like Baltex.io offer stronger privacy guarantees with fewer freeze risks. For most privacy-focused users, Baltex.io provides cleaner wallet-to-wallet execution without the historical baggage or partner-dependent AML checks.

FixedFloat launched in 2018 as a non-custodial instant swap service that let users exchange cryptocurrencies directly between wallets without registration or KYC for most transactions. It gained popularity for fast Monero swaps and Lightning Network support. In February 2024, the platform suffered a major security breach that resulted in approximately $26 million stolen from its infrastructure.

The team took the service offline, rebuilt the backend, and relaunched with improved protections. By 2026, FixedFloat claims a complete V2 security infrastructure that includes automated vulnerability scanning, multi-sig air-gapped settlement for high-value swaps, and enhanced 2FA options. Users’ funds were never at risk during the 2024 incident because the platform never custodies assets.

Past Incidents and Lessons Learned

The 2024 hack exposed vulnerabilities in FixedFloat’s hot wallet management and internal security structure. Attackers gained access to certain service functions and drained funds that belonged to the platform itself. FixedFloat publicly stated that no user funds were lost and emphasized its non-custodial design.

The incident led to a temporary shutdown and a full infrastructure rebuild. The team added real-time monitoring, stricter internal controls, and better key management practices. In 2026 the platform continues to operate with these upgrades in place and has not reported new major breaches.

Current Security Posture in 2026

FixedFloat now operates with air-gapped settlement for large fixed-rate swaps and automated scanning that monitors all wallet movements in real time. It offers optional order pins or temporary 2FA for sensitive transactions. The service remains fully non-custodial: users send funds directly from their own wallets and receive the swapped assets in their destination wallet.

Despite the improvements, the platform still uses partner liquidity providers for some routes. This means final execution depends on those partners’ security and compliance practices. FixedFloat itself does not hold user funds, but users must trust the chosen partner’s reliability during the brief swap window.

Custody Model and Non-Custodial Claims

FixedFloat has always marketed itself as non-custodial. Users never deposit funds into an account on the platform. The swap happens automatically once the incoming transaction is detected and the outgoing transaction is broadcast. This design protects users from platform-level insolvency or internal theft.

In practice, the non-custodial claim holds because FixedFloat never controls user assets. However, the 2024 hack showed that even non-custodial services can lose their own operational funds if hot wallets or internal systems are compromised. The V2 upgrades focus on isolating and protecting those operational components.

Risk Factors That Remain

FixedFloat applies automated risk scoring and may request source-of-funds information on flagged transactions to comply with AML rules. High-risk inputs can lead to temporary freezes while the security team reviews the case. This introduces uncertainty for users who send coins from privacy-focused or previously mixed sources.

Past trust erosion from the 2024 incident makes some privacy-conscious traders hesitant. Even with the security overhaul, the platform’s history creates a perception risk that newer or more transparent alternatives do not carry. Liquidity on certain XMR pairs can also vary depending on partner availability.

Comparison with Alternative Swap Services

Trocador.app emphasizes privacy screening with KYC/AML ratings and Tor support, offering users clearer visibility into partner risk levels. StealthEX focuses on anonymous instant swaps with a clean interface and strong Monero support. Both avoid the historical baggage FixedFloat carries and provide more consistent no-KYC experiences for standard volumes.

Baltex.io takes a different approach by offering direct multi-hop routing with built-in shielded Monero legs instead of simple partner redirection. It eliminates the need to evaluate multiple external providers and reduces exposure to any single point of failure. Our Trocador review and StealthEX review detail how these alternatives compare in practice.

Security Comparison

This table summarizes the current security landscape for XMR swaps. FixedFloat has recovered operationally but still carries reputational weight from its past breach.

Risks vs Alternatives

This table highlights why many privacy-focused traders now prefer alternatives or direct routing services over FixedFloat despite its post-2024 upgrades.

How Baltex.io Provides Safer Routing and Swap Execution

FixedFloat’s history and occasional AML checks make it less ideal for users who prioritize maximum privacy and minimal friction. Baltex.io offers a cleaner alternative by executing direct wallet-to-wallet swaps with built-in shielded Monero hops that add extra unlinkability layers. You deposit XMR or any input asset and select the output with Private Swap mode enabled for end-to-end non-custodial execution.

The platform avoids partner redirection risks and eliminates the need to evaluate multiple external providers. Settlement is fast and consistent because Baltex.io controls the routing path instead of relying on third-party liquidity. Our best no-KYC Monero swappers overview ranks Baltex.io highest for privacy-preserving flows that FixedFloat users often seek after the 2024 incident.

Traders who previously used FixedFloat now route through Baltex.io for Monero swaps that require stronger guarantees without the historical baggage. The workflow stays simple and non-custodial. Our Trocador review and StealthEX review show how Baltex.io complements or replaces older aggregator habits.

For high-volume or sensitive XMR moves, Baltex.io’s shielded routing reduces exposure compared to services that depend on external partners. Our best P2P Monero exchanges guide and hardware wallet for Monero guide help integrate Baltex.io into secure workflows. Our Monero wallet security best practices recommends testing small amounts first when switching from legacy services.

Advanced Safety Tips for XMR Swaps

Always verify the final receive address before sending any funds. Use fresh subaddresses on Monero after any swap to maintain separation. Test with tiny amounts when trying new routes or services.

Our best Monero desktop wallets guide and Monero GUI vs CLI wallet comparison recommend wallets that pair well with direct routing platforms. Our Feather Wallet review offers lightweight options favored by users moving away from legacy services.

Conclusion

FixedFloat has made meaningful security improvements since its 2024 incident and remains a functional non-custodial swap service in 2026. However, the platform’s history, occasional AML checks, and partner-dependent execution make it less ideal for strict privacy users compared to newer or more transparent alternatives. The V2 upgrades address many past weaknesses but cannot fully erase the trust impact of the original breach.

For users seeking maximum privacy and minimal friction when swapping XMR, direct routing services like Baltex.io provide a cleaner and more reliable path. Test small amounts on any platform before committing larger volumes. When you need fast, private, and non-custodial execution without the historical baggage of past incidents, our best no-KYC Monero swappers overview shows exactly why Baltex.io belongs in every serious trader’s toolkit.

For deeper wallet and swap strategies explore our Trocador review, the Cake Wallet review, or the hardware wallet for Monero guide. Security updates matter, but consistent non-custodial design and minimal third-party dependence matter more. Your Monero swaps deserve the strongest protection available.