Operational Security Documentation

Security & OpSec Guide

Welcome to the mandatory protocols for safe navigation of the DarkMatter Market Onion ecosystem. Mistakes in operational security can permanently compromise your infrastructure and identity. The guidelines contained within this manual are non-negotiable standards for engaging with decentralized networks.

1. Identity Isolation

Absolute compartmentalization is the foundation of operational security. You must never mix real-life identity markers with your Tor identity. Any crossover provides a statistical vector for deanonymization.

  • Zero Reuse: Do not reuse usernames, passwords, or variations of monikers from clearnet platforms or previous market accounts.
  • Data Blackout: Do not give out personal contact info, local landmarks, weather patterns, or operational timetables in communications.
  • Hardware Separation: Where possible, utilize dedicated, encrypted hardware exclusively for darknet operations, operating on a hardened OS like Tails or Whonix.

2. Routing Defense & Verification

The darknet is hostile by default. "Man-in-the-Middle" (MITM) attacks are deployed continuously by malicious actors setting up spoofed access nodes that silently harvest credentials.

MANDATORY PROTOCOL:

Verifying the PGP signature of the onion link against the market's known public key is the ONLY cryptographically sound way to be sure you are not being intercepted.

  • Do not trust routing links from random wikis, social media forums, or clearnet aggregators.
  • Always retain your own verified list of mirrors (e.g., darkmmulnqwpmxaszs7l2wauxqepsl463bbqlwsxetter62m2br47mid.onion).
  • Enable 2FA (Two-Factor Authentication) via PGP on your market account immediately upon creation.

3. Tor Browser Hardening

The standard configuration of the Tor Browser requires modification to survive advanced network analysis. Your local client must be fortified against exploit attempts.

  • Security Level: Always set the Tor Browser security slider to "Safer" or "Safest". These levels disable risky web features by design.
  • NoScript: Disable JavaScript where possible. Malicious scripts can break sandbox environments and reveal your true IP address.
  • Viewport Protection: Never resize the Tor Browser window from its default launch state. Resizing exposes window dimensions tied to your specific monitor resolution, which can be used to bypass the browser's window fingerprinting protection.

4. Financial Hygiene

Cryptocurrency ledgers are mostly transparent. Transferring funds incorrectly will directly link your real identity (via KYC) to darknet activity.

  • Exchange Blacklist: Never send Bitcoin directly from an exchange (Coinbase, Binance, Kraken) to DarkMatter Market or any darknet infrastructure.
  • Intermediary Wallets: Always route funds through an intermediary personal wallet (such as Electrum for BTC or the official Monero GUI) whose private keys you control.
  • Monero Standard: We strongly recommend the use of Monero (XMR) over Bitcoin (BTC) for privacy. XMR obscures the sender, receiver, and amount by default.

5. PGP Encryption (The Golden Rule)

"If you don't encrypt, you don't care."

Relying on marketplace infrastructure to handle your encryption is a critical failure. If a market server is seized or compromised, unencrypted data becomes evidence.

  • Client-Side Only: All sensitive data, communications, and shipping addresses must be encrypted client-side (on your own computer using Kleopatra/Gpg4win) BEFORE pasting into the site.
  • No Auto-Encrypt: Never use the "Auto-Encrypt" checkbox on a marketplace website. Server-side encryption is fundamentally unsafe.
  • Key Management: Store your private PGP keys securely. Losing your key means losing access to your 2FA-protected accounts irreversibly.