Technical Knowledge Base

The network utilizes Tor V3 hidden services to anonymize server locations. Traffic is routed through multiple nodes (relays), encrypting data at each step to prevent IP leaks and traffic analysis. The .onion address is a hash of the public key, ensuring that only the holder of the private key can host the hidden service.

Hidden services may experience downtime due to Distributed Denial of Service (DDoS) attacks, Tor network congestion, or scheduled server maintenance to rotate cryptographic keys. The decentralized nature of Tor means that route creation can fail even if the server is operational.

Access requires a browser capable of resolving .onion domains, typically the Tor Browser. Security settings are usually recommended to be set to 'Safer' or 'Safest' (disabling JavaScript) to mitigate browser fingerprinting and potential XSS vulnerabilities.

Authentic mirrors are cryptographically signed using the market's official PGP private key. Users verify the signature against the known public key to ensure the mirror has not been tampered with or replaced by a malicious phishing proxy.

PGP (Pretty Good Privacy) is fundamental for identity verification and encryption. It is used for Two-Factor Authentication (2FA), encrypting communication between entities (vendors and buyers), and verifying the authenticity of market mirrors and administrative announcements.

During login, the server generates a random alphanumeric string encrypted with the user's registered PGP public key. To proceed, the user must decrypt this string using their private key and return the plaintext to the server, proving ownership of the key pair.

Data is typically encrypted using AES-256 for storage at rest and RSA-2048 or higher for asymmetric communication. Order details and messages are stored in ciphertext format, ensuring they are accessible only by the recipient's private key and not by the server administrators in plaintext.

Users are assigned a unique image or phrase (mnemonic) upon registration or in account settings. This identifier is displayed on the login page before credentials are entered. If the mnemonic is missing or incorrect, it indicates the user is on a phishing replica site.

Escrow holds funds in a neutral market wallet until the buyer confirms receipt of the digital goods or the finalize timer expires. This prevents one party from absconding with funds without fulfilling obligations. Dispute resolution is available if the transaction is contested.

The platform generates a unique subaddress for each deposit to maintain privacy. The system scans the Monero blockchain for transactions matching the private view key. Deposits typically require 10 confirmations on the Monero network before the balance is credited to the account.

Market analysis indicates that vendors are required to pay a non-refundable bond (historically ranged between $200-$1000 USD equivalent in crypto) to deter spam and low-quality listings. Established vendors from other markets may receive bond waivers upon PGP verification.

If a buyer does not dispute an order within a set timeframe (typically 7-14 days depending on the item type) after it is marked as shipped, the funds are automatically released to the vendor. This prevents funds from being indefinitely locked in escrow due to buyer inactivity.

Upon account creation, a seed phrase (mnemonic) is provided. This phrase is the only cryptographic method to reset a password or PIN if credentials are lost, as no email recovery exists. Losing this mnemonic results in permanent loss of account access.

Repeated failures often stem from Tor circuit latency, clock synchronization issues on the client device, or case-sensitivity errors in the input. Rotating the Tor identity (New Identity) or disabling certain browser extensions can often resolve the issue.