White House Market is a market with a high level of security and anonymity while maintaining a simple user interface.
Market PGP Keys
- 7384 F249 0795 BD86 B00E EFDC D3AE E04F C4C6 007E
- 4A37 316D 30CC FAB0 6DC4 0349 F75C 0B68 26BB 917C
- E1CD 0F51 1665 D682 AFBA 4A6D 4A55 E017 DC69 FD34
About WhiteHouse Market
- Our goal is to create a simple user experience while maintaining a high level of security and anonymity.
- Everything is written from scratch. No public market script.
- Simple, intuitive design without unnecessary bells and whistles.
- Bug Bounty program.
- Fast customer service. If we get overloaded, we will suspend registration until we get more admins/moderators or until we clear our backlog.
- The official language is English. We may also offer limited support in Spanish or French.
- Both Tor and I2P mirrors.
- No vendor bond, open for everybody. We may consider adding a bond/registration fee at some point in the future.
- No withdrawal or deposit limits.
- 5% fee for sellers, no fee for buyers. This is a flat fee for finalized orders only. No hidden fees, no deposit fees, no withdrawal fees. For high volume sellers, the fee can be negotiated.
- We only accept Monero for payment. Bitcoin lacks the required privacy, and some users don’t know how to clean their coins or neglect to do so.
- Listing prices are in USD or EUR, and the exchange is calculated when ordering. XMR to EUR/USD rates are updated periodically.
- Up to 4 pictures per listing, up to 5M picture size.
- Up to 15000 characters per listing description.
- Private listings. Can be used for custom orders/discounts to specific buyers.
- Quick listing clone/duplicate.
- Idle timeout selected at login.
- Vendor selectable auto-finalize time (5-45 days).
- Detailed logging of failed sign-in attempts. You will be able to see if someone tried to sign in to your account and which credentials were wrong (password or 2FA). Logs are kept for a limited time.
- Simple image-based captcha, very easy to solve for humans yet hard for bots.
- Vacation mode.
- Partial refunds, can be issued by seller or by admins in case of a dispute.
- PGP signed mirror list / market statement / canary with proof of freshness, updated at least once every 72 hours.
- Configurable, PGP encrypted jabber/xmpp notifications, for both vendors and buyers.
- For now we only support escrow. We may add multisig if many users are requesting it, but for now we want to keep things simple.
- Except for some generic administration messages, no plaintext communication is allowed. You will not be able to use this market without a PGP key.
- Withdrawal requests have to be signed with PGP. This way even if someone bypasses both your password and 2fa, they can’t steal your money without your PGP private key.
- Mandatory two factor authentication based on a list of random words.
- All messages are truly end to end encrypted, so are the attached files. Nobody except the sender and the receiver will have access to your communication, not even us. Users have to encrypt the message/attachment with the receiver’s key before sending them.
- We assume that any server can be hacked or seized eventually, so we don’t want to keep more data on our servers than we need to.
What is Kept in Plaintext
- Listing information (title, description, pictures, price, shipping).
- User names.
- Sign-in logs (for a limited time).
- Limited order information history, including vendor, buyer, order totals.
- Limited feedback information.
- Monero deposit and withdrawal addresses (for a limited time).
- Generic admin messages (for a limited time).
- Message subjects (both between users and in support tickets, for a limited time).
- Public PGP keys.
- Jabber/XMPP addresses used for notifications.
What is Kept Encrypted
- Messages between users (end to end encrypted, kept for a limited time).
- Messages between users and admins (end to end encrypted, kept for a limited time).
- Support tickets (end to end encrypted, kept for a limited time).
- Message attachments (end to end encrypted, kept for a limited time).
- Order details (shipping / delivery info or notes, kept for a limited time).
- User passwords.
- Two factor authentication word list.
- If a user decides to close his account, all information related to that specific user/account will be purged.
- No PGP private keys are kept on the servers.
- No Monero private keys are kept on the servers.
- Main wallet is only kept offline. Because of this, we verify/process all withdrawals in batches, within 24 hours, usually much faster.
- We take periodic backups of databases, including wallets, orders, attached files.
These measures ensure that even in the event our servers are compromised/seized:
- No plaintext messages will be recovered.
- No coins will be seized.
- The attacker can only view the wallet balance, but he will not be able to transfer any funds.
- We can be up and running in no time, and no order information will be lost.
- Dedicated onions for active, large volume users.
- Messages will be deleted soon after an order is completed or support ticket is resolved, so if you need anything in those messages save them locally, as you will not be able to access them otherwise.
- Time zone is UTC, 24 hour time format.
This list is not complete. For more info visit one of our official mirrors. We are also open to suggestions from the community; if a requested feature is reasonable, we will implement it.