Security & OpSec Protocols

Mandatory operational security guidelines for the Nexus Market ecosystem. Failure to adhere to these protocols may result in improved data leakage or loss of funds.

Current Threat Level: ELEVATED (PHISHING ACTIVE)

01. PGP Encryption (Mandatory)

"If you don't encrypt, you don't care." PGP (Pretty Good Privacy) is the backbone of darknet security. You must encrypt all sensitive data client-side (on your own device) before pasting it into any text box on the web.

  • Never use the "Auto-Encrypt" checkbox on market forms.
  • Use Kleopatra (Windows) or GPG Keychain (macOS).
  • Always verify your own public key is correctly uploaded to your profile.
  • Enable 2FA (Two-Factor Authentication) immediately upon account creation.

02. Phishing Defense & Verification

Man-in-the-Middle (MitM) attacks are sophisticated. Attackers create clones of Nexus Market that look identical but steal your credentials. The ONLY way to detect them is cryptographic verification.

The Golden Rule

Never trust a link from Reddit, Wikipedia, or random forums. Always verify the PGP signature of the .onion address against a known trusted key (e.g., from Dread).

Anti-Fraud Practice

Bookmark your verified links. If the market asks for your PIN or Mnemonic Seed immediately after login, you are on a phishing site. Close the tab immediately.

03. Identity Isolation

Your Tor identity must be completely walled off from your real life (Clearnet) identity. Cross-contamination often occurs through behavioral slips rather than technical exploits.

  • Do not reuse usernames from Steam, Reddit, Twitter, or forums.
  • Do not use the same password you use anywhere else.
  • Never discuss your location, timezone, or weather conditions.

04. Financial Hygiene

Blockchain analysis is permanent. Once a link is established between your KYC exchange account and a darknet market, it cannot be undone.

The Laundering Workflow
Exchange (KYC) Personal Wallet Nexus Market

NEVER send from Coinbase, Binance, or Kraken directly to a market. Always use an intermediary wallet (Electrum, Cake, Feather). Use Monero (XMR) whenever possible as it provides privacy by default.

05. Tor Browser Hardening

A default installation of Tor Browser is secure, but specific habits compromise it.

  • Set Security Level to "Safer" or "Safest".
  • Disable JavaScript globally if the site allows it.
  • Never install extensions/addons in Tor Browser.
  • Do not resize the browser window (fingerprinting).
  • Use a bridge if Tor is censored in your region.
  • Restart the browser regularly to clear RAM.

Ready to verify your connection?

View Verification Tutorial