Technical Knowledge Base

The infrastructure operates exclusively on Tor V3 Onion Services. Unlike the deprecated V2 addresses, V3 addresses are 56 characters long and use ed25519 elliptic curve cryptography for key generation. This protocol ensures that the server's location remains hidden by routing traffic through a series of volunteer-operated relays before reaching the destination.

Accessibility issues are often attributed to two main factors:

• DDoS Attacks: Malicious actors flood the network entry nodes with traffic, causing congestion.
• Network Consensus: The Tor network requires time to propagate descriptor updates when a hidden service changes its introduction points.

Standard web browsers cannot resolve the .onion Top Level Domain (TLD). Access requires a specialized browser capable of routing traffic through the Tor network, typically the Tor Browser (based on Firefox). Researchers analyze these links in isolated environments to prevent IP leaks.

Two-Factor Authentication (2FA) via PGP involves the server encrypting a unique, random string (nonce) using the user's public PGP key. The user must then decrypt this message using their private key and return the string to the server. This proves identity ownership without transmitting passwords, mitigating the risk of credential interception.

To combat "Man-in-the-Middle" attacks where malicious actors create look-alike sites to harvest credentials, TorZon administrators cryptographically sign their mirror URLs. Users can verify these signatures against the market's known public key. If the signature is valid, the URL is confirmed to be generated by the legitimate private key holder.

Yes. The architecture avoids storing personal data such as email addresses. Upon account creation, a mnemonic seed phrase is generated. This phrase is the cryptographic key to the account. Without it, administrative support cannot verify ownership or reset credentials.

The escrow system acts as a trustless intermediary. When an order is placed, funds are moved from the user's wallet to a holding address. The funds remain locked until the buyer confirms the order is finalized or an auto-finalization timer expires. If a dispute occurs, a moderator holds the decryption key to release funds to the correct party.

The infrastructure primarily supports Monero (XMR) due to its opaque blockchain, which obscures sender, receiver, and amount data. Bitcoin (BTC) is also supported, typically integrated with mixing or coinjoin implementations to break the transaction graph analysis.

Auto-finalization is a protocol designed to protect vendors from unresponsive buyers. If an order is marked as shipped and the buyer does not dispute or finalize the order within a set timeframe (typically 7 to 14 days), the escrow smart contract automatically releases the funds to the vendor.

Captcha failures are often caused by the browser's session handling or clock synchronization issues within the Tor network. It is recommended to refresh the Tor identity (New Circuit) and ensure the browser window is not resized in a way that alters the fingerprint unpredictably.

Cryptocurrency deposits require a specific number of blockchain confirmations before being credited to the platform balance (e.g., 2 confirmations for BTC, 10 for XMR). Network congestion can extend these times. Additionally, the platform's internal node must sync with the blockchain, which can occasionally lag.