Signing up is a cinch. We don’t make you waste your time just to be able to get inside the market. You only need four pieces of info and roughly a quarter minute of time. Everything else can be added later. Simply go to the registration page and fill in a username, password, and your withdrawal PIN. After that, inspect the anti-phishing protection we have in place (more on that later), fill out the captcha, and you’re done! All other security features can be enabled on your profile.
How to Sign Up
First you need to visit one of SamSara Market’s official mirror addresses to sign up. They can be found below.samsaraccrn2jmin.onion
Captchas are case sensitive. The captcha text is 5 characters long. Notice the link you are on is also watermarked on the captcha itself, so please check that it matches. Again, to reiterate, the captcha is case-sensitive. Let us see what this means by way of example:
Look above the captcha and you will see something new. It is one of our anti-phishing prevention measures.
The “arms race” between users and dark markets versus the operators of phishing sites (who actively steal the users' deposits), seems to have escalated somewhat as of late. Naturally, our team set about to fix this. Historically, the main problem has been that the average user did not use 2FA. Unfortunately, the man-in-the-middle proxy sites currently plaguing the markets can cause users to have their money stolen even with 2FA. This proxy rewrites all of the deposit addresses and URLs that it encounters.
Some markets have taken to putting the URL (that the phishing proxy is contacting behind the scenes) into the second-factor PGP message that the user decrypts. Unfortunately, this doesn’t affect anything because the users who are diligent about logging in with PGP are the same users who are actually PGP-verifying their links in the first place. While we encourage everyone to learn and make use of PGP, we want everyone to be better protected, whether they know how to use a certain cryptographic protocol or not. Therefore, we have implemented some anti-phishing protection measures that you will see in use across the site. Their proxies will be unable to rewrite the phishing protections feature without breaking the site. Of course it would be great if we didn’t need to implement all of this and everyone would learn to utilize PGP to verify their site and Bitcoin addresses. Regrettably, however, history has shown this to be an unrealistic expectation.
We believe it is certainly the responsibility of each person to look out for their own safety and best interests. That having been said, likewise a market itself feels responsibility towards its users. So we must do what we can to solve (or at the very least, improve) some of these issues. Elsewise, when people get their money stolen it makes the whole market scene less attractive, driving people back to the streets—away from the ‘peer review’ quality-control and harm-reduction benefits of the markets. It is another step backward on the road to being “just like Amazon” in terms of convenience and safety. One of our goals with this endeavor is to cause those want to phish our users to have to sink extraordinary amounts of time, energy, and effort if they wish to creatively circumvent our security features. We hope this makes all of our legitimate users have a safer trading experience.