Tormarket is a simple darknet market created to make trading less risky than using the large well known darknet markets.
Tor Market Mirrors
Tor Market PGP Key
705B 8D46 BD9C 254E B50D ABE4 B66A 7541 077E CC76
Taken from here and available here in .txt format.
-----BEGIN PGP PUBLIC KEY BLOCK----- mQENBFqt1vQBCADWTKL8MIXrVY3rujzqwyDpl//iXEIAo5ScLAWXm2jGgw/n7iNC m787vVvDh4OkwG676E2Mk61pVo8JoAikmNvctwXJ7qMfsSAbrhUGn8W5XopxCOHX filYarVkO4Lifwg4WhN9EvGHc7EOydxqtLz/XsUewIdIeZ4dcc4g/ArJ+DY7OT3K TG6AN5mPfGgR0FOiDtwsoPUpLovdjdL6mLB2Rzf0VVntu2NNlsZhJJdMsFKj9n+t rWMxyajHGEgGA7xrxjdngdliuBNMuygDyeL7P+2rkbUm5wsVO0j/7B2oo7BaUmot HYc/RFB8LEFBEq64yLq5b8V3VqWC7aZiJq5fABEBAAG0CXRvcm1hcmtldIkBOAQT AQIAIgUCWq3W9AIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQtmp1QQd+ zHZG3QgAog2hIn5YAA7b7dqm/EbcI+U7hIyDVTeVoasrOhRJc4uSL16bqoRqjzYk Nfum0nTGTdB5dNKmircTKhsmpojYnkpISSGf5ZtowwkES/SVRpmLiXdLuFYyu3RA qeY7xvgHWFGl6lmHDu4D9VNPJ+A3FOQiGsXCMXj7pZa8wZk1rjCLGWYK//onI4co XEMi0Gy3ZncH710BH2IQiuZVJPIBuc8qrKPLPzs+5Lyc1pXcFOcVcDUTLF19Q6ow gEUf0TBpynyHbIgMn/nggAQ81QSfGBqJvKay5ft9eXwAZMcQaLaNb14f5wsydfwO 2C9RVnmuKrVLWVj/2hS2EKkSddvPh7kBDQRardb0AQgAmFgK/1ybC+rKNl0pVOGK U+8Xfha9YFXEVa0Q5bR9rRWUNQZVbV0IPJyuJzkJo2Fw7fUpp9D/HISOISve8GOK zkpS3roS3WKN2a5CakFs3EurfutnoxNwlE3u/d0JiIVm7krt/3p1ctE3oM3HCGK2 Xe37nBgVNwadjRFs+ZdQZuPYwuISDXB68jPjbvHoxf30mZFJMTxbzRz8+opng7gs UhTzBN9VDdkhuuivnvTPMeCQuUeWnyq31rtE/v2q1NTf8CtLrKLXuauoWZq1vZYv sKKGFH2glmEUDftcmOWsH9JqlHl4t81nU8dpS04N5bcSgWAHs7wXl4fqj5RcRiTC QQARAQABiQEfBBgBAgAJBQJardb0AhsMAAoJELZqdUEHfsx2/lwH/RHau4gHAlt4 LKcxwKeNBsgGl5sUe/uJrrKYgcVG2EboCsNGA458oyUouIpa2b94mRS5t5QHHnmH gD9oRGiDKGkxUEJxJ4Uz0VxnS8ZuxtyXtGO7RCtgxYrZCUlUMOdL8m7dzFSXPAY4 aFEFzlk5Q2OQnFMH1Ljq2zWdWq9vXaZtV8TrRaKnZhWJX2TVJWunStxIftWC+JqY UZx0Er6D7ugpbZLh+qC/vie33LepFLeCXW0kwndymykG806keDJepVyuMQDCu/eP SCVVep8piVvK33Fk0jgo1SiVSy2qRb/rh8erlSoB9qZj+7B+74Q75D+LnZBFw6/j /cH/qMJdHuc= =8MrZ -----END PGP PUBLIC KEY BLOCK-----
Tormarket is a simple darknet market created to make trading less risky than using the large well known darknet markets. History has shown that the larger a market website grows, the more headwinds it faces to continue operation. When they eventually fail, users often lose a lot of money. The goal of this site is to maintain stability and uptime for the long term.
Many past darknet markets have implemented their wallets live, accessible to the web server so once hacked it is impossible for them to recover. This site implements the wallet and payment systems in a separate location isolated over the TOR network.
The market is basically a collection of independent vendor shops on the same platform for efficiency. But with the advantage of a mediator to step in and help if something goes wrong with the agreement between buyer and seller. The buyer is provided with information about sellers in profile pages and reviews to help guide their decision on who to trade with. It is important that they choose reputable sellers because disputes may not always be settled fairly.
Tormarket is free for anyone to create a buyer account. To become a vendor a bond payment of $200 is required.
Some features of the market are: 2FA login, no-escrow available for some vendors, paying for multiple orders with one payment, product cloning, stock quantity management, very simple order process, feedback system.
The website operator provides an escrow service and dispute resolution so vendors receive funds after buyers have finalized their orders.
The security of funds is top priority and is achieved by separating the wallet from the web server. The web server has no way to contact the wallet or even know its location.
Bitcoin, Litecoin, Zcash are the only supported payment methods. Vendors set the payment methods they accept on each product. Payments by the market to users are always made in the same currency that the order was paid with.
Read more about the technical differences here.
There is only one software implementation of Zcash that supports shielded transactions, called zcashd. zcashd is a full node and stores the entire blockchain - about 25GB. Desktop wallets ZECwallet and Zepio are graphical frontends to zcashd.
An order becomes paid after payment has sufficient blockchain confirmations. Bitcoin payments need 3 confirmations. Litecoin needs 10. Zcash needs 18.
How to avoid your account being hacked
Bookmark this website and always use the bookmark for future access. If you use links provided by someone else, such as on a forum or wiki, they may be links to a fake (phishing) site which looks identical to this site but its sole purpose is to steal your login credentials. If you follow this rule, it is unlikely your account will ever be hacked because your login username is secret. This means brute forcing passwords isn’t feasible without knowing the username.
There is an option to enable PGP two factor authentication (2FA). This will require you to decrypt a random string of characters every time you login and when you make account settings changes. In addition to enabling PGP 2FA, logging out (Logout link) after use can also make the account more secure.
Order states change based on events like payment being received. Some states change automatically such as paid or expired states. Other states such as shipped, finalized are manually set by the vendor, customer or administrator.
This diagram shows all possible state transitions of an order.
When an order is in one of the finalized states, there is no way to reverse the process or make any changes. Funds will have been paid out already and the market is no longer be involved. So if problems with the trade remain, the buyer and seller must resolve it themselves.
All orders have an attribute named delivered which should be updated by the customer when their package arrives. For escrow orders it can be updated at the same time as finalizing. For no-escrow orders, click the Delivered button to update it. The delivered attribute has no effect on payments. It is only for informational purposes and helping detect problems with vendors.
You will need to create a new account to send a support message. Passwords can be reset by the administrator if proof of PGP key ownership provided. If you have lost your password and PGP key then it may be possible to prove account ownership by showing you control bitcoin addresses associated with the account. No other information can prove account ownership, no exceptions. This rule is so all users and vendors in particular can be assured that their accounts are safe from social engineering attacks that aim to take ownership of their identity and funds. There exist phishing proxies built to impersonate TorMarket which can obtain passwords and all account details.
Proving identity using bitcoin. Locate in your wallet the change address or the address spent when paying for an order. If one is empty (no funds) then provide the private key. If they still hold funds, send a few satoshis from that specific address (utxo) to the order address and this will prove you control that wallet.
It is safe to leave feedback because the system hides the identity of who left the feedback and also what other products that customer purchased. Only the vendor knows which customer left the feedback.
The buyer usernames displayed in feedback are hashes but additional data (salt) is added to the hash input which differs for each vendor. So the buyers hashed username is different for every different product they leave feedback on. This means that a vendor who has received feedback from a customer, cannot determine all the other vendors that the customer purchased from by looking at feedbacks of other vendors.
Market rules and policies
Product listings must be medications, drugs and drug paraphernalia.
No fentanyl or its analogs.
No fake drugs or inaccurate descriptions.
No shipping to USA.
No impersonating other vendors. Avoid similar vendor names.
Do not deceive other users of the system.
Do not program automated requests without asking permission first.
Personal information in messages, orders, and support tickets must be encrypted with PGP. This includes tracking numbers, and address details.
If a vendor does not visit this site for 7 days and not in vacation mode, their products listings may be automatically disabled.
The administrator may remove product listings and disable accounts to enforce these rules.
Payments owing to buyers from refunds, expired, or declined orders will be held for 21 days waiting for buyer to enter the wallet address. After 21 days the funds may be removed from the system.
Russian vendors can request a lower commission rate of 3.5%.
Do not create orders that are left deliberately unpaid.
When you receive your package, promptly Finalize to expedite vendor receiving their payment.
Do not send spam messages to vendors. Messages should be product related.
Feedback left on an order should be specific to that order. Therefore you should not alter historical feedback from good to bad based on a newer order.
New vendors go through a trial period to assess their suitability on this market and if there are multiple customer complaints their ability to sell and the bond can be revoked. This rule applies even when the vendor is not deliberately scamming, ie they could be ignoring orders and causing problems in other ways.
No doxxing customer information.
Vendors must not ask buyers to finalize early unless their account has been given permission to create no-escrow products.
Shipping information such as time between order being placed and expected shipping date must be clearly described in the product listing or vendor profile.
Vendors must not set status to shipped prior to day of shipping.
When accepting an order, the vendor is confirming that they can fulfil the order and delivery details could be decrypted, and shipping options are correct.
When you have products available for sale, you need to login every 4 days to avoid orders being withdrawn by the customer.
Only make products available for sale if you have the product ready to ship. Occasionally you may sell out elsewhere so can’t fulfill an order. Vendors who decline orders are reviewed and may loose vendor status if it happens without good reason.
The vendor must respond to a customers refund request in the form of Tor Market messaging and maintain consistent communication until the issue is resolved otherwise escrow funds will be paid to the buyer.
When vendors are out of stock for an extended time they should hide the product listing to keep the site uncluttered. Please try to minimize products showing that are not purchasable.
Only one product listing per product is necessary. You can clone products and have duplicate products for custom orders only.
No advertising for direct deals or listing products that are advertisements for another website.
Asking users to communicate directly with you (ie wickr) is deemed suspicious because scammers typically use this technique. Keep communication on the market because if any disputes occur they will be resolved easier.
There are no fees for buyer accounts. Vendors pay a commission on their sales.
Each product purchase results in a separate order and each order has a unique bitcoin (or litecoin) address. The usual method of payment is to pay each orders bitcoin address. There is no shopping cart. When bitcoin transaction fees are high, paying for multiple orders can be expensive. If you have multiple orders to pay, it is best to use a wallet that supports paying multiple bitcoin addresses in one transaction. This is called payment batching and will allow you to pay less in bitcoin transaction fees.
Also a Tormarket feature called multipay allows you to pay for two or more orders by paying a single bitcoin address. This is cheaper than using payment batching. To use multipay, first create a set of two or more unpaid orders. Now at the top of the order list, a button will show ‘Multipay using bitcoin’ and clicking this will show instructions on how to pay all your unpaid orders with one payment. Basically, it sums the total owing of all payment pending orders. If this total is paid to the bitcoin address of the oldest payment pending order the server will change all those orders to paid. Read the instructions after clicking multipay because you must do exactly what the instructions say otherwise it will not work. Using multipay will increase the buyers privacy if they are buying from multiple vendors - it means the vendors will not be able to identify the payment transaction on blockchain.
Signed payment addresses
The payment address you see on an order is unique and will not exist yet on the blockchain. The order shows you a PGP signature of the order address. Buyers should verify the PGP signature is valid and signed by tormarket key. Provided the signature is valid you can be sure your funds are being sent to the correct wallet and not an address belonging to a hacker or scammer.
Expired, under-paid and over-paid orders
There is a 24 hour payment window. This allows you to lock in a price at order creation, then have enough time to ensure payment confirms on blockchain. If payment is received after the payment window expires, your order will be set to state expired.
When orders are under-paid they will also become expired. If you have under-paid, then make additional payments to the same order address to cover the order price. There is no problem if you over-pay an order, but once status is paid you cannot be refunded any overpayment unless the vendor declines the order.
Vendors cannot process expired orders without administrator intervention. Ensure your payment transaction has a sufficient fee to allow it to confirm on the blockchain before the order expires. Some wallets have RBF (BIP125) support which allows the payment to be sent again with a higher fee to speed up confirmation.
If you are manually choosing the fee to use on your bitcoin transactions then this site is helpful http://core.jochen-hoenicke.de/queue.
Expired orders will be refunded to the buyer. However, it is possible for the administrator to change expired orders to status paid which would allow the vendor to process the order. This is preferable to refunding the order. If the buyer and vendor agree to this change, they should both send a support message requesting the order be changed to paid.
Encrypted postal addresses
It is strongly recommended to use PGP to send postal address details. Other darknet markets have been compromised and customer postal details exposed because the customer did not encrypt their address. If you don’t want to install PGP then there are web based alternatives for encrypting messages but those sites may record what you encrypt. ie https://sela.io/pgp/
The address field can be left empty when ordering products such as ebooks or when you have already given the vendor your address.
Old orders and deleted orders will have the address field deleted from the database to further increase privacy.
Orders autofinalize one week after they are shipped to ensure vendors receive payment when the buyer forgets to finalize the order. The Extend autofinalize button will delay autofinalizing when you are still waiting to receive the product. This option appears in the three days leading up to the autofinalize date.
Finalizing before receiving the product bypasses escrow and there is no way to be refunded.
No escrow orders
Some vendors who have established a good reputation may list products having no-escrow or finalize early requirements. “Escrow: no” will show on the product listing and once paid, funds are allocated immediately to the vendor instead of being held until you finalize. Vendors do this so they receive payment faster but the disadvantage is the market cannot mediate conditions of sale.
When you receive a no-escrow order, click Delivered button so the vendor and market can keep track of undelivered packages.
When the order status is changed to “refund requested”, then the vendor must approve the amount and a payment will be scheduled.
To specify a refund address once order is “admin finalized” or “refund finalized”, view the order details and look for a button that allows entering the refund address. Refunds will be paid out same day or on the day after you specify the address. Payments occur at a random time.
To contact a vendor, visit their profile and click “Send message”.
Here is a list of all vendors.
Vendor accounts cannot make purchases. This is to prevent de-anonymisation of vendors.
Vendor account creation and bonds
Register a new account with no purchase history - there is a reason markets keep buyer and vendor account separate. With the new account, purchase the bond. Once bond is paid, your account will change to vendor type within ten minutes. The bond is refundable (in bitcoin) after six months from the purchase date if a good sales history is established. To be eligible for the refund, the account must have generated some sales. The bond is to dissuade the vendor trying to scam customers and the bond may be forfeited for breaking the rules. Record the details of the bond payment because when the account is changed to vendor type the bond purchase order will no longer be visible.
Commission is 5% of the funds paid to an order. The only other fee is the withdrawal fee which is currently 0 BTC.
Stock available must be specified on each product. When orders become paid then the product stock value is reduced automatically until the product listing changes to sold out.
Disabling sales can be done three different ways.
Vacation mode will disable sales of all products. A product stock value can be changed to 0. A product can be set to disabled. It will still show in product lists but customers cannot purchase it.
Hidden products are only accessible to someone that knows their URL and do not show in product listings.
When taking photos for product listings, do not use your everyday phone. Use a dedicated phone/camera. This protects against correlating sets of images taken by the same camera that are publicly accessible on sites such as Facebook.
No escrow products are those which have the no escrow setting enabled. Vendor accounts are manually given permission to use this feature if they have a good history. Without permission, the no escrow setting will appear disabled.
When the order is finalized by the customer, you need to click Set address on the order view to specify your wallet address for receiving payment. To automate this, you can specify your wallet address in account settings, then you will be paid automatically.
Payments from finalized orders will be processed at least once per day at a random time. In account settings you specify which days you would like to receive payment. If multiple orders have been finalized the amounts owing are summed and you will receive a single payment.
A network fee will be deducted from your payment but it is usually a very small amount if not zero. The network fee will show in the navigation bar for vendor accounts (if the fee is not zero). The network fee only changes on Monday, then remains constant for the week.
When the withdrawal fee is cheap you will likely want payments sent every day. But when the fee is high you can save money by receiving your payments less frequently. For example, setting the schedule to Sunday only will result in a single payment on Sunday of all bitcoin owing to you from finalized orders, with the withdrawal fee deducted from the payment. The withdrawal fee and payout schedule was implemented as a result of the very high bitcoin transaction fees of December 2017 when transactions cost over $20 in miner fees.
Another advantage of receiving your payments less frequently is your wallet will be cleaner and have less UTXOs. This means when you eventually spend from your wallet, the transaction sizes will be smaller so you will pay less in bitcoin fees.
After the payments are broadcast by Tormarket, you can expect a confirmation on the blockchain within 24 hours. You can see the transaction id of your payment on the order view or the Payment history page. To ensure a confirmation in that time frame, payments may be re-broadcast with a higher fee. Some wallets allow spending unconfirmed payments (CPFP) and that could be an option for you if the blockchain is congested and you want to use the funds without waiting.
When customers over-pay an order, the vendor will receive the over-payment, less commission calculated on the paid amount.
All order payments for every vendor go into the escrow wallet and payments are generally paid out from this same wallet. The source bitcoin addresses of your payment are selected by the wallet algorithm and will be addresses from other orders placed on the system.
Disputes and refunds
When the customer wants a refund, the vendor and the customer try to resolve the issue. ie re-ship, return goods, partial or full refund. The customer can change the refund amount they request. When it is something both parties agree on, the vendor can accept the refund amount and funds are paid out. Or the buyer can cancel the refund request and finalize.
If no agreement is reached, the market decides how to distribute the money in escrow. In the case that the vendor has ignored a refund request, the market may approve the customers refund after 7 days. The vendor must respond to the customers refund request in the form of Tor Market messaging and maintain consistent communication until the issue is resolved.
The archive button simply removes the order from the order list and you need to click the Show Archived button to see it. An archived order can be moved back again to the main order list page by Unarchiving it. This can be helpful to keep track of which orders need attention. ie Shipped orders can be archived so the order list only shows orders that need processing.
There is an alternate URL available http://alias1.tt2mopgckifmberr.onion. This allows you to log in with two different accounts simultaneously using the same browser. Use a different URL for each account such as a buyer and vendor account.
Should vendors mix their payments from orders? If you need to spend the funds and that process reveals your true identity, you may want to mix the funds first.
Buyers can see funds being paid out to vendors by watching the blockchain. Mixing is the process of making it too difficult to use blockchain analysis alone to follow the funds.
In the first step of being paid by Tormarket, you can mix the funds a little by reducing the frequency of your payment schedule. When paid once a week for example it will be harder for the buyer to see which payment out of the Tormarket wallet was to you.
The cheapest and less risky way is to self mix (rather than using an anonymous service) but the process is time consuming. This is done by holding accounts on several websites that allow bitcoin transfer in and out such as localbitcoins or other exchanges. Using TOR or a proxy when using the websites means no site will know the user identity. Funds are sent through a chain of wallets. The wallets can be any online service that allows you to store bitcoin such as localbitcoins, exchanges, Bitpay etc.
ie PC wallet => online wallet 1 => online wallet 2 => online wallet 3 => PC wallet 2
This is analogous to having multiple bank accounts with anonymous identities. As the funds flow through the chain of accounts it becomes very hard to trace without co-operation from all the companies to provide their log files of transactions in and out. The more wallets in the chain the harder is it for someone to get all the logs. Using geographically diverse websites will help more (ie China, Russia, Venezuela) because no juristiction has authority everywhere. You would need to vary the amounts throughout the process.
Other methods can be used such as coinjoin algorithm which is implemented in the Wasabi wallet and JoinMarket wallet.
The majority of the order processing code has been in use since Sept 2015 and is well tested. As a multi-vendor market it has been running since early 2018.
The architecture consists basically of two separate systems.
The public system running the market web server and TOR has no bitcoin private keys stored. It only holds a list of payment address strings in the database. The market server provides an API for retrieving data about payments owing. An isolated payment server running the private bitcoin wallet(s) , locked down with minimal software installed. It only runs a wallet process, TOR and an application to process payments from data retrieved via the market API. It connects out to the market web server API over the TOR network. This helps to conceal the location of the bitcoin wallet so even the market webserver can never access the payment server.
With Tor .onion addresses, https is not necessary because Tor ensures you are connected with the real authenic website and not a fake one. Tor also handles end to end encryption between this website and your Tor Browser to keep communication private. Traffic never leaves the encrypted Tor network. Provided you enter the .onion URL correctly Tor will take care of network security and privacy for you.
Theft of escrow funds would be extremely difficult because the public server doesn’t store bitcoin. A hacker would need to modify the database to have their own bitcoin addresses so payments go to the wrong recipient. Any database tampering would likely be detected by the scripts on the payment server that process payments.
Periodically the escrow funds are replaced with fresh coins from Chaumian CoinJoin. This means that anyone who has paid into the wallet so they can analyse it, will have a limited window in time between their payment and when all the funds are replaced, to follow transactions. Then the trail stops and it’s like a new wallet was started.
The web server does not hold any PGP private keys. This means PGP encrypted messages in the database can’t be decrypted, even if a full copy of the server is obtained.
The web server (and all systems used in maintaining and administering tormarket) have full disk encryption and use the most secure open source operation systems (not Windows, or Apple).
All network access to the web server is through TOR and includes additional hops though other networks in addition to TOR. The server does not send email or make any contact to the internet other than DNS, software updates and TOR access. This means that network traces of the server do not reveal any users or operators of the server.
Session data (cookies) are all stored client side, signed and encrypted. No session data is stored on the server. This gives speed improvements and additional security because database leaks cannot reveal session tokens.
Crypto currencies technical
Litecoin and Zcash were added because their network transaction fees are cheaper than Bitcoin. At times the Bitcoin network can be too slow and expensive so alternatives are needed. Both of these currencies are clones of the bitcoin source code which makes it easier for vendors and customers to learn about their use. Compared to Bitcoin, they are riskier to hold funds in and their main advantages are as fast, cheap transactional currencies, not long term stores of value.
Zcash has very good privacy. No other crypto-currency has better privacy than Zcash, hiding both transaction amounts and addresses. With Bitcoin, to make some details of a transaction private requires building a special type of transaction called a Coinjoin. This requires specialized software that coordinates with other users contributing to the transaction. Using Zcash is much better alternative to Bitcoin coinjoins in terms of privacy.
Although Litecoin and Zcash offer many advantages over Bitcoin, they are not decentralized in the same way Bitcoin is. Decentralization is what protects against censorship and theft of funds by government.
Monero may be added in future. Its privacy features allow hiding amounts transferred, and obscuring inputs to transactions by adding additional dummy inputs. It achieves better privacy than Bitcoin but not as private as Zcash.
There is no support for bitcoin multi-signature addresses because it is difficult and time consuming for most buyers to use.
In summary, Bitcoin is the best way to safely store value. Other crypto-currencies can offer cheaper transaction fees and privacy features but it is advisable to exchange them for Bitcoin instead of holding them.
If you have any questions please send a support message.