Trocador vs FixedFloat for Monero Swaps in 2026

On 16 February 2024, FixedFloat lost roughly $26 million in Bitcoin and Ethereum to a hot-wallet exploit — a sobering reminder that even the slickest no-KYC instant exchange is, ultimately, a custodian for the seconds your funds sit in its address. Two years later, users hunting for a clean route from Bitcoin or USDT into Monero still keep landing on two recognisable names: Trocador and FixedFloat. They look superficially similar — both promise fast, no-account swaps, both list XMR prominently, both have a clean web UI — yet they are not the same kind of service. One is an aggregator that routes you to dozens of underlying providers; the other is a single exchange that handles the swap itself.

This 2026 comparison breaks down what each does, where the privacy tradeoffs really live, how fees stack up after the recent rate-aggregator shakeups, and which option pairs better with a Monero-first workflow. If you are routing through MoneroSwapper as your habitual XMR on-ramp, you already understand why provider choice matters — the wrong instant swap can leak a clearnet IP, attach a sticky email, or freeze your funds mid-flow on a flimsy AML flag.

What Trocador and FixedFloat Actually Are

The first mistake most comparison articles make is treating Trocador and FixedFloat as direct competitors. They occupy adjacent but distinct layers of the swap stack.

Trocador: a non-custodial aggregator

Trocador.app is a Portuguese-language-origin aggregator launched in 2021 that lists quotes from dozens of underlying instant exchanges — ChangeNOW, SimpleSwap, Exch, Majestic Bank, Godex, Exolix, StealthEx, Swapter, NanSwap and others. You pick a pair (say, BTC → XMR), Trocador queries all configured providers, sorts by rate or by privacy score, and routes your transaction to whichever provider you choose. Trocador itself never holds your coins. It takes a small affiliate fee from the underlying provider in exchange for sending the trade.

Crucially, Trocador attaches a KYC risk rating to each provider, badges Tor-friendly ones, and runs a v3 onion mirror at trocadorfyhlu27aefre5u7zri66gudtzdyelymftvr4yjwcxhfaqsid.onion. It also supports paying providers from a desktop wallet without ever touching its own infrastructure beyond the initial quote — the destination address the user sends to belongs to the underlying exchange.

FixedFloat: a single Estonian-registered exchange

FixedFloat is a direct instant exchange — there is no upstream provider. It was founded in 2018, registered in Estonia, and is one of the most-routed-to providers inside aggregators like Trocador itself. Its calling card is the Fixed-rate vs Float-rate distinction: Fixed locks the quote at the start of the swap (with a wider spread), Float lets the rate move during the transaction (tighter spread, but you may receive less if markets move against you). FixedFloat also operates a Lightning Network endpoint, making it one of the fastest BTC-LN → XMR routes when it's working.

Unlike Trocador, FixedFloat is a custodian for the duration of the swap. Funds enter its hot wallet, are converted, and are dispatched to your destination. This custody window is precisely what the February 2024 attacker exploited.

Head-to-Head Comparison

The table below summarises the live picture in early 2026. Numbers shift; methodologies don't.

Dimension	Trocador	FixedFloat
Service type	Aggregator (non-custodial)	Single exchange (custodial during swap)
KYC requirement	Varies by underlying provider (filterable)	None by default, AML triggers possible
Email requirement	Optional; varies by provider	Required for order tracking
Tor / onion mirror	Yes, official v3 onion	No official onion
Typical XMR pair spread	0.3–2% depending on provider	0.5–1.5% Float, 1–3% Fixed
Lightning support	Provider-dependent	Yes, native
Past major incident	None publicly known	Feb 2024 hot-wallet hack (~$26M)
Fund-freezing reputation	Pushes blame downstream	Documented freezes on AML triggers
Affiliate fee absorbed	Trocador takes ~0.25% from provider	Trades directly with you

The headline takeaway: Trocador wins on architecture (no custody, Tor first-class, choice), FixedFloat wins on raw speed and Lightning fluency when nothing goes wrong. The "when nothing goes wrong" caveat is doing a lot of work in that sentence.

Privacy and Surveillance Resistance

For a Monero-bound swap, the threat model isn't "will the exchange run a credit check on me?" — it's "what data does the swap leave behind?" Three categories matter.

Network-layer leaks

Trocador runs over Tor cleanly. The onion mirror works, JavaScript is minimal, and the quote API responds without exotic fingerprinting headers. You can request a quote, get an address, send your BTC, and never expose a clearnet IP to Trocador's infrastructure. The downstream provider sees a Tor exit node IP (if you also routed the BTC-side wallet through Tor), which they may or may not flag.

FixedFloat is reachable over Tor but does not advertise an onion service. Its clearnet site uses Cloudflare, which makes Tor access friction-heavy — captcha walls and 403s appear depending on circuit. For habitual Tor users, this is a tangible papercut.

Account and identity surface

Trocador asks for nothing beyond a refund address (and only some providers require even that). No mandatory email, no account, no cookie state worth speaking of. The persistent identifier in your swap is the refund address you offer in case the trade fails — a meaningful linkability vector only if you reuse it.

FixedFloat requires an email for order tracking. You can use a disposable alias, but the email becomes a stable identifier across all your FixedFloat orders, defeating one of the basic hygiene goals of using a non-KYC service in the first place.

Post-swap blockchain analysis

The Monero side of the swap inherits Monero's own privacy guarantees — RingCT, stealth address, Bulletproofs, and the upcoming FCMP++ upgrade make the receiving side opaque regardless of who routed the trade. What matters is the BTC- or USDT-side: a swap address reused across many users (FixedFloat's pattern) is a known cluster to Chainalysis and TRM. A unique address per swap (the aggregator pattern with some downstream providers) is harder to cluster but not impossible. Either way, do not send fresh-from-CEX Bitcoin into either service expecting the on-chain hop to launder taint — it won't.

Privacy isn't a service you buy from an exchange — it's a property of the cryptosystem on the receiving side. Pick the swap path that leaks the least metadata, not the one with the loudest privacy marketing.

Step-by-Step: Swapping BTC to XMR on Each

The mechanical flows are short. The discipline is in what you do around them.

Via Trocador (aggregator route)

1. Open trocador.app over Tor, or the onion mirror directly. Disable JavaScript if your wallet flow allows it; quotes still render.
2. Choose BTC as send, XMR as receive. Enter the amount you intend to swap.
3. Filter the provider list by "No KYC" and sort by privacy score, not by best rate. The 0.4% you save chasing rate is rarely worth a provider with a freeze history.
4. Paste your Monero subaddress (generated locally in Feather, Cake, or Monero GUI). Never paste an exchange deposit address as the destination — that defeats the privacy point.
5. Trocador displays the underlying provider's deposit address. Send the BTC from your own wallet, ideally one that doesn't dox a clearnet IP via its node connection.
6. Wait for confirmations. The Monero arrives directly from the underlying provider to your subaddress.

Via FixedFloat (direct route)

1. Open fixedfloat.com. Tor is possible but Cloudflare-friction-heavy; a fresh circuit usually solves the captcha.
2. Select BTC → XMR. Choose Float for a tighter spread, Fixed if you cannot afford rate slippage.
3. Paste your Monero subaddress.
4. Enter a disposable email — not your real one, not one tied to any KYC service.
5. Send BTC to the deposit address within the quote window. For Fixed-rate orders, missing the window invalidates the rate.
6. Monitor the order page. If you see an "AML check required" state, the swap has been frozen — be prepared to either provide source-of-funds documentation or wait for an automated unfreeze that may or may not come.

When Each One Actually Wins

The choice is less "which is better" and more "which fits this specific swap." Three realistic scenarios.

You are a regular MoneroSwapper user buying XMR weekly

Trocador wins decisively. The aggregator model means you are not concentrating your swap history into one custodian's logs. The no-email default means each swap is independent. The Tor support means your weekly routine doesn't build a clearnet-IP timeline of XMR purchases. MoneroSwapper's affiliate page links into the same underlying providers Trocador routes to, so you can compare flow honestly.

You need Lightning Network as the source

FixedFloat's native Lightning support is genuinely useful here. Trocador's providers that accept Lightning are fewer and rate-disadvantaged. If you are draining a Lightning wallet to lock in XMR before a price move, FixedFloat is faster end-to-end despite the custody window.

You are swapping a large amount in one go

Neither is ideal. Large amounts trigger AML on FixedFloat — the 2024 history makes the company visibly more sensitive to suspicious-volume thresholds — and Trocador's downstream providers vary in how they handle whale flow. Atomic swap protocols (BTC↔XMR via libraries like COMIT or the unstoppableswap suite) are the better answer for large one-shot conversions, with no custody risk at all.

You are operating under a hostile network

Trocador. The onion mirror is decisive. If your ISP, employer, or government actively logs DNS queries to exchange domains, the v3 onion lets you operate without lighting up a flag. FixedFloat over Tor is possible but the Cloudflare layer makes circumvention noisy.

The 2024 FixedFloat Hack in Context

The February 2024 incident matters not because hacks are unforgivable — every custodian eventually has a bad day — but because of what FixedFloat's response revealed about its operational maturity. The hot wallets that were drained held customer funds in-flight; the postmortem disclosed by the team attributed the breach to a vulnerability in the wallet management system, not a phishing-of-employee or supply chain attack. Recovery for users whose orders were mid-flight took weeks. FixedFloat resumed operations, audited its custody pipeline, and has not had a publicly disclosed repeat. By 2026 it remains widely used and broadly trusted at the user-rating level — but the architectural fact remains: a custodian can be drained, and you have no recourse if your order was the unlucky one.

Trocador, by sitting one layer up, is not exposed to that class of attack on its own infrastructure. It is exposed to the same risk in whichever downstream provider it routes you to — which is why the privacy score and KYC filter exist. The aggregator architecture distributes that risk; it doesn't eliminate it.

Fees, Spreads, and the Aggregator Discount

Headline fees are misleading on both platforms because the real cost is the spread embedded in the quote. A "0% fee" exchange that buys your Bitcoin 1.8% below market is more expensive than a "1% fee" exchange quoting at mid-market. Trocador's listed rate is the rate you receive; the affiliate cut comes out of the provider's margin, not your trade. FixedFloat's quote already includes its margin; the Fixed-rate version tacks on an additional buffer to compensate for rate-lock risk.

Empirically in early 2026, for a 0.05 BTC → XMR swap, Trocador's best-rate provider typically beats FixedFloat Fixed by 1–2.5% and ties or slightly trails FixedFloat Float depending on time of day. The Float advantage on FixedFloat erodes when network congestion delays the confirmation, because the longer the swap takes, the more rate drift bites you. Trocador's downstream provider quotes hold for the standard confirmation window most of the time.

FAQ

Is Trocador safer than FixedFloat after the 2024 hack?

"Safer" depends on what you're measuring. Trocador has no custody surface, so a Trocador-side breach cannot drain user funds — but the downstream provider it routes you to may have the same custody risk FixedFloat had. Choose a downstream provider with a clean track record and you are architecturally safer than going directly to FixedFloat. Choose a sketchy downstream provider through Trocador and you've just added a hop without reducing the risk.

Can I really swap without an email on Trocador?

Yes, for most providers Trocador lists. A handful require email and Trocador flags this in the provider card before you commit. The exchange flow only requires a refund address (in case the swap fails) and your destination Monero subaddress. No account, no cookie, no email loop.

Does FixedFloat freeze Monero swaps?

FixedFloat has documented cases of freezing swaps for AML review when the source-side Bitcoin appears flagged by their compliance tooling. The XMR side of the swap is fine — the freeze happens before conversion, on the Bitcoin entering the hot wallet. If your BTC source is clean (mined, swapped from a CEX with full KYC behind you, or fresh from an atomic swap), the risk is low. If it's tumbled or has touched a sanctioned cluster, expect friction.

Which is faster for a small BTC → XMR swap in 2026?

FixedFloat is marginally faster end-to-end if you use Lightning as the source, because Lightning confirmation is instant and FixedFloat dispatches XMR after one Monero block. Trocador's typical downstream provider waits for one BTC confirmation when using on-chain Bitcoin, adding ~10 minutes. For on-chain BTC sourced swaps, the difference is negligible.

Does using Trocador make me anonymous?

No service can grant anonymity by itself. Trocador minimises the metadata it collects and lets you route over Tor — that's a meaningful improvement over signing up to a clearnet account. But the Bitcoin you send still has a public history, the wallet you send it from has a fingerprint, and the receiving Monero subaddress is only as private as the wallet that controls it. Use a privacy-respecting wallet, route over Tor, and treat the swap as one privacy step among several.

Why does MoneroSwapper recommend specific providers?

MoneroSwapper curates routes that have a clean record on the three dimensions that actually matter for XMR users — no aggressive KYC, Tor-friendly access, and reasonable rate fidelity. The list is regularly pruned when a provider's behaviour degrades. Both Trocador and several of its downstream providers appear in MoneroSwapper's recommendations; FixedFloat appears with the 2024 incident noted, not buried.

Conclusion

If a single principle survives the comparison, it is this: aggregators distribute counterparty risk and metadata exposure, while direct exchanges concentrate both. Trocador is the structurally better fit for a privacy-first Monero workflow, especially over Tor, especially without an email, especially when you don't need Lightning. FixedFloat remains a competent direct exchange with a useful Lightning rail and a real custodial hack in its history that you should not pretend didn't happen.

For most readers of MoneroSwapper — people swapping into XMR regularly, treating each swap as an independent event, and routing through Tor — Trocador's aggregator model with a downstream provider chosen on the privacy score is the better default. Reserve FixedFloat for the specific case where its Lightning fluency or rate tightness genuinely outweighs the custody and metadata costs. And for any sum large enough that a frozen swap would actually hurt, look past both and learn atomic swaps. The technology exists; the tooling is rough but maturing; the trust model is the one Monero deserves.