Protocol Documentation

Always verify the V3 onion address against the signed PGP message available on our Links page. Import our public PGP key into your keychain (GPG/Kleopatra). When you access the market login page, verify the signed message presented there. If the signature matches, the connection is secure. Never input credentials without PGP verification.

• OS: Use Tails OS or Whonix. Do not use Windows.
• Browser: Tor Browser at 'Safest' security level.
• Data: Never share your mnemonic seed. Disable Javascript.
• Communication: Encrypt all shipping addresses with the vendor's PGP key manually. Do not rely on "auto-encrypt" features.

PGP Two-Factor Authentication (2FA) ensures that even if your password is compromised via a keylogger or brute force, the attacker cannot access your account without your private PGP key. This is a critical defense layer for wallet security.

Bitcoin (BTC) is a transparent ledger; transactions can be traced by analysis firms. Monero (XMR) is private by default, utilizing RingCT and stealth addresses to completely obfuscate the sender, receiver, and amount. BlackOps Market prioritizes user privacy over convenience.

1. Buyer places order; funds move to Market Escrow Wallet.
2. Vendor ships order and marks as "Shipped".
3. Buyer receives goods and marks as "Finalized".
4. Funds are released to Vendor.

If goods are not received, the buyer can extend escrow or open a dispute before the auto-finalize timer expires (14 days physical / 48 hours digital).

FE allows vendors to receive funds immediately upon marking an order as shipped. This status is only granted to vendors with 500+ sales and >98% positive feedback. While these vendors are highly vetted, buyers forgo escrow protection on FE orders. Proceed at your own risk.

Vendor applications are open. A non-refundable bond of $500 (payable in XMR) is required to prevent spam. Established vendors from other markets (Archetyp, ASAP, etc.) may apply for a bond waiver by verifying their identity via PGP on the application page.

We utilize a rotating mirror system with End-of-Game (EoG) protection. If the main link is unreachable, use one of the official mirrors listed on the Links page. We recommend saving the mirrors list locally.

Yes. The canary is signed every 14 days with the admin PGP key. It confirms that the administration has not been compromised, no warrants have been served, and no logs have been seized. You can verify the latest canary in the footer of the market homepage.