Security Center
Operational Security (OpSec) is not a feature; it is a discipline. Follow these four pillars of defense to ensure your anonymity on DarkMatter Market.
Identity Isolation
Zero Contamination: Your DarkMatter identity must exist in a vacuum. Never use usernames, passwords, or handles that you have used on the clearweb, gaming forums, or other darknet markets.
Digital Fingerprinting: Do not maximize your Tor Browser window. Maximizing allows websites to determine your screen resolution, creating a unique fingerprint. Leave the window at its default size.
Cryptographic Verification
Trust No Link: Man-in-the-Middle (MitM) attacks are sophisticated. A malicious mirror looks exactly like the real site but steals your credentials.
The Protocol: Before logging in, always verify the onion address. DarkMatter Market provides a cryptographically signed message on the login page. Import our PGP key (below) and verify the signature using GPG or Kleopatra.
Operational Security
Javascript Policy: Set Tor Browser Security Level to "Safer" or "Safest". JavaScript can be used to de-anonymize users. DarkMatter works perfectly without JS.
Financial Isolation: NEVER send Monero directly from a KYC exchange (like Binance or Kraken) to the market.
- XXX Exchange -> Market (DANGEROUS)
- OK Exchange -> Local GUI Wallet -> Market
Mandatory Encryption
End-to-End: All sensitive data, especially shipping addresses, must be PGP encrypted before being pasted into the order form. Do not rely on "Auto-Encrypt" checkboxes.
2FA Activation: Enable PGP Two-Factor Authentication (2FA) immediately after account creation. This prevents account takeover even if your password is phished.
OFFICIAL DARKMATTER PUBLIC KEY
VERIFIED SIGNATUREImport this key into your PGP software. Use it to verify signed messages from the market and to encrypt communication with support.