Technical Knowledge Base

Access requires the utilization of the Tor (The Onion Router) network protocols. Standard web browsers cannot resolve .onion top-level domains. The infrastructure relies on hidden services (v3 onion addresses) to maintain anonymity and decentralization.

The network employs a rotating mirror system where multiple entry nodes are distributed across the Tor network. If a specific .onion address experiences high latency or a Distributed Denial of Service (DDoS) attack, traffic is automatically rerouted or users are directed to alternative signed mirrors to maintain uptime.

Due to the multi-hop nature of onion routing (Entry Guard → Middle Relay → Exit/Rendezvous), latency typically ranges between 200ms and 800ms. Variations depend on the current load of the Tor network and the physical distance of the selected circuit nodes.

All official communication and mirror links are signed using PGP (Pretty Good Privacy) with RSA-4096 bit encryption keys. This cryptographic signature allows researchers to verify that a specific URL originates from the established administrative keypair and has not been tampered with.

The 2FA implementation utilizes PGP encryption. During login, the server encrypts a unique challenge string using the user's public PGP key. The user must decrypt this message using their private key and return the correct string to authenticate the session.

For security analysis within the Tor network, the 'Safest' security level is standard. This disables JavaScript, which prevents potential browser fingerprinting and reduces the attack surface for malicious scripts that could de-anonymize the connection.

No. To maintain strict isolation and prevent IP leaks, all resources (CSS, images, fonts) are hosted locally within the hidden service container. No connections are made to external Clearnet Content Delivery Networks (CDNs).

The Escrow system acts as a neutral intermediary holding funds in a multi-signature wallet. Funds are only released to the counterparty once the transaction is finalized or the finalized timer expires. In disputes, a moderator key is required to release funds.

Smart contracts within the market infrastructure include an auto-finalization timer. If a user does not dispute a transaction within a set window (typically 7-14 days depending on the item class), the funds in escrow are automatically released to the counterparty.

The infrastructure supports Bitcoin (BTC) and Monero (XMR). Monero is preferred for research due to its ring signature privacy features. Each deposit generates a unique sub-address to prevent blockchain analysis linking multiple transactions to a single identity.

High-difficulty graphical captchas are a defense mechanism against automated bots and scraping scripts. They regulate request rates to the hidden service, ensuring resources remain available for human traffic during periods of network congestion.

Upon account creation, a mnemonic seed phrase is generated locally. This cryptographic seed is the only method to recover account access if passwords or PGP keys are lost. Due to the decentralized nature of the database, administrative password resets are technically impossible without this phrase.