Protocol v.2.0 Strict Compliance Required

Operational Security

The Tor network provides anonymity, but security is the user's responsibility. The following protocols are mandatory for maintaining identity isolation and ensuring the integrity of your connection to the Dark Matter infrastructure.

Critical Security Warning

Never access .onion sites with JavaScript enabled. Never use the same username across different markets. Never deposit funds directly from a centralized exchange (Coinbase, Binance) to a darknet service. Failure to adhere to these rules compromises your anonymity immediately.

01

Identity Isolation

Separation of Concerns: Your darknet identity must be completely walled off from your real-world identity ("meatspace"). Never discuss your location, age, profession, or gender.

Credential Hygiene: Do not recycle usernames or passwords used on the clearnet (Reddit, Twitter, Gaming Forums). Automated crawlers correlate usernames across the Tor network and the clear web to de-anonymize users.

Digital Fingerprinting: Do not upload images containing EXIF data. Do not share files (PDFs, Docx) created on your personal computer, as they contain author metadata.

02

PGP Encryption

The Golden Rule: "If you don't encrypt, you don't care." PGP (Pretty Good Privacy) is not optional. It is the only barrier between your data and interception.

Client-Side Only: Never use "Auto-Encrypt" checkboxes provided by websites. You must encrypt sensitive data (such as shipping addresses) on your own device using software like Kleopatra, GPG4Win, or GPG Suite before pasting it into the browser.

2FA Implementation: Enable PGP Two-Factor Authentication (2FA) on your account immediately. This prevents login even if your password is compromised via phishing.

03

Mirror Verification

Man-in-the-Middle (MitM): Attackers create fake versions of markets to steal credentials. These sites look identical to the real ones.

Signature Verification: The only way to trust a .onion link is to verify the PGP signed message from the site administration.

// Verification Workflow

  1. Import the Market's Public Key into your PGP software.
  2. Copy the signed message found on the landing page.
  3. Use "Decrypt/Verify" in your PGP tool.
  4. Confirm the output says "Good Signature".
  5. Compare the URL in the signed message to your browser bar.

Tor Configuration

  • 01.
    Security Slider Set Tor Browser security level to "Safer" or "Safest". This disables JIT compilers and harmful scripts.
  • 02.
    Window Size Never maximize the Tor Browser window. Leave it at the default size to prevent screen resolution fingerprinting.
  • 03.
    NoScript Ensure JavaScript is disabled globally. Dark Matter Onion functions without JS.

Financial Hygiene

EXCHANGE
(Coinbase/Binance)
PERSONAL WALLET
(Local Monero Node)
CLEAN
DARKNET MARKET
(Deposit Address)

Never send funds directly from an exchange to a market. Always use an intermediary wallet you control. Prefer XMR (Monero) over BTC.

Research Key

Use this key to verify messages from the Dark Matter Onion Research Group.