This guide covers the basics of just about everything you need to know to get started using darknet markets and how to buy drugs online. It provides a high-level overview of what is required of the user and explains some universal concepts in a step-by-step approach, such as:
- Installing the Tor Browser
- Installing and using TailsOS
- Generating a PGP key pair
- How to find a verified market link
- Making a deposit
- Product listings
- Wallet systems
- Order types
Darknet markets have come a long way since the days of Silk Road. Back then, it was possible to get away with a lot more because nobody was paying attention to what was going on, or even knew what to look for. Today, however, substantial portions of the darknet are being actively monitored and indexed. Multi-national law enforcement efforts are working tirelessly to take markets offline, arresting their participants in the process. Huge stores of information are being analyzed using highly sophisticated techniques, a process which extends to blockchain analysis. These reasons are why it’s more important than ever to develop an understanding of how to use the tools at your disposal to maintain privacy online.
Warning: This guide is for educational purposes only. Following its instructions could constitute illegal behavior in some jurisdictions. Use of darknet markets is an inherently risky endeavor and the contents of this guide in no way condone illicit actions performed on them. Darknet market use is solely at the user’s discretion, who bears all responsibility for their actions, legal and otherwise.
It’s true that a lot of the stuff for sale on darknet markets is illegal pretty much anywhere. You run the risk of jeopardizing your freedom by participating in darknet market transactions and we cannot recommend doing so. In the spirit in which Bitcoin and Silk Road were created, however, we believe in personal liberty and responsibility, and that people should have the right to do whatever they want so long as they don’t harm others. We also recognize that access to darknet markets serves a vital role in keeping violence out of drug deals, providing a much safer alternative to the traditional experience.
Before Getting Started
This guide is written to be understood by anyone with a basic grasp of computers and the internet. It is highly recommended, however, that you be comfortable with the following concepts before proceeding straight away to darknet markets:
- Cryptocurrency. You will need a decent or better understanding of how to make cryptocurrency transactions; specifically as they relate to Bitcoin (BTC) and Monero (XMR). If you are interested in performing multisig transactions (a good way to place orders for those who don’t trust the market), you will additionally need to know how to create a multisig Electrum wallet and co-sign a transaction.
- The Tor Network. It helps to know what the Tor browser is and how it works ahead of time. This browser provides the gateway to the darknet allowing access to “.onion” domains, which darknet markets use by definition. You can get started learning about Tor and downloading it now by visiting the project’s website.
- OpSec. OpSec is short for “operations security” and refers to the practice of being mindful about potential security vulnerabilities introduced by your activities, whether on the internet or in real life. OpSec entails putting oneself in the shoes of their adversary before acting. This is done to identify possible ways in which your adversaries could use the action against you. Good OpSec entails being able to maintain an online presence while remaining completely anonymous.
- PGP encryption. Knowing how to encrypt sensitive communications transmitted between parties over the darknet is a must. While we expand on how this is done later, it would not hurt to develop a basic understanding of what Pretty Good Privacy (PGP) means before proceeding.
There is no quick and easy way to use a darknet market the right way. Attempting to apply shortcuts when doing this is a good way to get burned. Today, personal information is a highly sought-after commodity and privacy is becoming scarcer all the time. Therefore, regardless of your intentions, you can never learn too much about how to maintain your privacy online. A good starting point for really learning how to do this is The Hitchhiker’s Guide to Online Anonymity, published by Anonymous Planet.
Installing Tor browser
The Tor browser is just like any other web browser but is specially configured to provide privacy-related features other browsers don’t have. It also has the distinction of being able to connect to domains under the “.onion” top-level domain. It is these domains that comprise the darknet, also known as the dark web. There are several reasons why people use the Tor browser and the darknet:
- To protect one’s privacy
- To communicate freely about sensitive subjects
- To share files or programs
- To sell illegal or restricted goods and services
- To share critical information that could result in legal repercussions for the messenger
To download the Tor browser, visit the Tor Project website. Select the version that applies to your OS. There are versions of Tor for Windows, iOS, Linux, and Android. For additional questions regarding Tor installation or use, you can check out their user manual here.
Remember that Tor takes a bit longer to load than a normal web browser, as it needs additional time to connect to the network. Give the launch process at least a minute before giving up and trying something else.
- Type “about:config” in the URL title bar
- Press “Accept the risk and continue” to proceed
It should look like this when correctly set:
You will now be ready to start connecting to darknet markets.
TailsOS is a privacy-oriented operating system that routes all traffic through the Tor network by default. It is not essential for connecting to the dark web but highly recommended for OpSec purposes. As Tails is based on Linux, it is far more secure and less prone to attacks than Windows, iOS, or Android systems. Perhaps best of all, Tails leaves no trace of anything done with it after the session with the device has ended. It does not record, for example,
- Browsing history or login credentials
- Device connection history
- Recently-used app or file list
- Any changes saved to the TailsOS drive
Because the OS is burned onto a USB stick by way of an image file, you can think of TailsOS as a DVD or virtual machine whose contents are permanently etched and can only be altered temporarily, for the length of the session.
Tails can be downloaded from all three OS types (Windows, OS, Linux) here. You will need a fresh, never-used USB stick to dedicate to TailsOS installation. Even though the download itself is only 1.2 GB total, it is recommended that you use a USB that is at least 8 GB in storage size.
1. First download the version of Tails that suits your current OS (the one on which you are currently running Tor). The download process will take about an hour.
2. Verify the download. This is a relatively simple process to make sure you have downloaded the official TailsOS and not a compromised version. The team at Tails notes that downloading a compromised version is a theoretical possibility – even when downloading it from the official website – so learning how to verify Tails definitely wouldn’t hurt. The verification process takes about 1 minute to complete.
3. Press “Install Tails (2/5)”. If you are installing the Windows version, you’ll be brought to a screen instructing you to download a program called Etcher (also hosted at boum.org). After downloading Etcher, plug in the USB stick on which you will be installing Tails. This will be used to burn the TailsOS disc image file onto the USB stick, allowing it to act as a bootable drive.
4. After you have downloaded and installed Etcher, run the program. Select the Tails disc image file as the file and the blank USB stick as the target. Next, press “Flash!”. This will begin the burning process, which depending on the speed of your computer will take somewhere between 30 seconds and 2 minutes to complete. After the burning process has concluded, the TailsOS installation is complete, and you can unplug the USB stick.
To boot your computer with TailsOS, restart the computer while holding down the shift key. This will bring up a list of boot options before the computer restarts. Re-insert the Tails USB stick and select the USB boot option (found under Use a device>USB Storage Device>Tails). The computer will now reboot using TailsOS. You will have to select “Tails” as the operating system before it will load. It is recommended that you leave all settings as default. Press “Start Tails” to get started.
In the upper-left corner you will see the Applications menu options. Clicking on it will bring up the list of pre-installed applications, with Tor Browser displayed prominently up top.
TailsOS looks like a standard Linux operating system, which is familiar in form and function to Windows and iOS. It also comes with a suite of software titles built-in. Among these are:
- Tor Browser (all internet traffic is forced through Tor by default)
- Thunderbird (email client)
- Electrum (Bitcoin wallet)
- Pidgin Instant Messenger
- Various text, image, and audio editing applications
- PGP and password management utility (can create private keys and import other keys)
Keep in mind that Tails saves nothing by design, so each time you reboot you will lose anything you created and saved to the system. Tails also remembers nothing about what happened the last time it was used. This means it records nothing about your device connection, file access or browsing history. You will need to re-import anything required of you each time you start Tails.
It is possible to plug other USB devices into your computer while running Tails, and save files edited while using Tails onto external devices.
Generating a PGP Key Pair
There are more advanced guides on how to do this, but basically you will need your own PGP key pair in order to transact on any darknet market. In many cases, you will need one just to sign up, so it’s essential to do this ahead of time. We recommend downloading Gpg4win and using the Kleopatra application to generate your PGP key pair. A key pair refers to the combination of a public key (used to encrypt messages to be read by you) and a private key (used to decrypt messages sent to you). PGP stands for “pretty good privacy” and refers to the encryption system used to encrypt messages and other data.
Here is an example of what a PGP-encrypted message looks like:
Most darknet markets will have a separate page or tab in the user profile or settings area where users will paste their PGP public key. All communication between darknet market participants should be encrypted before being sent. Vendors will have their PGP public key displayed somewhere on their vendor page, as well. This is an example of the upper portion of a public key:
PGP is used in the following ways on darknet markets:
- To encrypt shipping information for orders and messages to other users
- To decrypt messages sent from a vendor or other users
- As 2-FA for login (some markets require, or offer as an option, that you decrypt a message encrypted with your public key before entering the market)
- As 2-FA for purchases or withdrawals (similarly, a message must be decrypted before these actions can be completed)
Once you have generated your PGP key pair, know how to find your public key, and are comfortable encrypting and decrypting messages, you are ready to register an account at a darknet market.
Darknet Market List
Here are a few top-tier markets that we can recommend to our readers:
| Market | Total Listings | Finalize Early | Multisig | XMR Support | Wallet Type |
|---|---|---|---|---|---|
| White House Market | 45,000+ | Yes | No | Yes (no BTC) | Central |
| Cannazon Market | 3,000+ | Yes | Yes | Yes | Single Order |
| Vice City Market | 5,000+ | Yes | Yes | No | Central |
| ToRReZ Market | 33,000+ | Yes | Yes | Yes | Central/Single Order |
For a complete updated list of darknet markets please visit our complete list here.
Finding a Link / Avoid Getting Phished
One of the most common ways people lose money on darknet markets is by depositing crypto on fake websites that have been built to imitate popular markets. These are known as phishing sites and lure victims through placement of links on sites, posing as an official market link provider. The phishing site may look like the real thing in every way; the only difference being it is not a real market, and your coins will definitely be lost.
Finding an official URL for a darknet market can prove to be difficult as markets often change their URLs or go down due to DDoS attacks. There are a couple of sites considered to be trusted for finding these links; the most famous of which are darkfail and darknetlive. Unfortunately, even trusted resources can be subject to hackers, as was the case with darkfail in early 2021. During the incident, hackers replaced legitimate market links with phishing site URLs, resulting in untold losses during the few days the fake market links were displayed.
The best thing you can do to avoid falling prey to phishers is to verify the legitimacy of the link for yourself. This can be a bit cumbersome and requires that you have the PGP public key of the market admin responsible for updating the world with new market links (frequently called “mirrors”). The quickest way to do this is to append “/mirrors.txt” to the end of a market URL. For example, this is what the mirror list looks like for Dark0de, one of the most popular darknet markets:
You can see 2 official market URLs followed by a PGP-signed message. The quick way to verify if the PGP signature is valid is to copy the contents of the signed message (starting with the first dash and ending with the last) and paste it into this PGP verification tool provided by darkfail. Getting a market’s PGP key can be done similarly to finding a mirror, by appending “/pgp.txt” to the end of the URL. This will bring up the market’s key. After pasting the key into the second box in the verification tool and pressing “Submit,” you will receive a message similar to the following if the signature matches:
It is highly recommended that you add market PGP keys to your personal PGP keyring. This will make it easier to verify mirrors in the future and lessen the risk of getting phished.
Making a Deposit
Depositing funds to pay for a darknet market order can be one of the most stressful parts. This is because you are pretty much entrusting anonymous parties (the market and/or vendor) to do what they say they are going to do, and you may have little recourse if they don’t.
Most darknet markets use an account wallet system (central wallet) where all deposited funds are controlled by the market. In the last couple of years, alternative systems have come into popularity where the buyer need only send the exact payment to cover an order. Multisignature transactions can also be used to pay for orders, which require 2 of 3 parties to sign off on the completion of an order.
In 2021, the number one darknet market cryptocurrency of choice is Monero (XMR). This is because its blockchain does not record transaction details like amounts or sending/receiving addresses. Bitcoin (BTC) is of course the second most popular and universally available option. Because Monero exists and its privacy mechanism has not been cracked, we recommend using it over Bitcoin (or any other coin) when given a choice.
Here are some good rules of thumb to be aware of before making your first darknet market deposit:
- Never make a deposit straight from an exchange. This is considered a big no-no and terrible OpSec as it potentially creates an association between your darknet market activities and real-life identity.
- Only deposit the amount necessary to cover the purchase of a single order (plus shipping). Don’t keep large stashes of coins in an account wallet as darknet markets could go down at any time (remember that these markets have a long-term survival rate of zero).
- Never re-use deposit addresses. Normally markets will assign you a new address for each deposit. The ones that don’t almost always have an option where you can generate a new address, and this function should be taken advantage of regularly.
If you’ve ever used a mainstream online marketplace like Amazon or eBay, you should be able to navigate your way around a darknet market just fine. Most markets use a similar format, which consists of the following:
- Menu bar below the header (contains menu selections like Home, Market, Profile, Orders, Deposits, etc.)
- Product and service categories in the left panel, with search and filter options below
- Product and service listings in the right or main panel
In the listings overview, you can see what coins are accepted by the vendor for each listing, their price, rank of the item’s vendor, and the vendor’s total amount of sales. In parentheses and separated by three slashes are vendor feedback counts (good/neutral/bad).
Listings can usually be sorted and filtered in a large variety of ways. The most helpful filters narrow down items according to their ship to/from locations, your preferred price range, and the experience of the vendor. Clicking on a listing will reveal much more detailed information about the product or service being offered. Here you can find:
- Product description, quantity, and pricing amount
- Product sales statistics and feedback left by other buyers
- Shipping options
- Refund policy
- Other information related to order placement
Several markets also have messaging options, and a listing page will contain a button to send a message to the vendor if you have any questions about a listing (remember to encrypt all communication with the recipient’s PGP key, even if it does not contain personal information). It is also from here where you will add an item to your “cart” for checkout.
As with the layout design, darknet markets use a vendor and feedback system rather similar to major sites like Amazon and eBay. The system varies little from market-to-market and tracks the following vendor statistics:
- Number of total completed orders
- Positive / Neutral / Bad review totals
- Number of disputes and their outcome (won/lost)
- Last login date / account creation date
Due to the anonymous nature of darknet markets, a vendor’s reputation is everything. Maintaining a good reputation is important because it is what helps give a vendor their competitive edge, encouraging customers to place trust in their operation. Because feedback and good ratings are that important, several markets now import a vendor’s ratings from other markets, even if the markets are no longer operational.
Below is an example of a vendor page, taken from White House Market:
Here you can see vital information about the vendor, including whether they are currently online, a breakdown of their feedback/sales/disputes, FE status info, and imported feedback. Note that also displayed is the vendor’s PGP fingerprint. This can be used to verify a vendor across markets and to make sure you are encrypting information to the vendor using the right public key. Below this information, or sometimes displayed in separate tabs, is the vendor’s entire public key for easy reference.
Note that the vendor page also contains information from the vendor about the standards they expect for order placement, such as address format, delivery rules, refund policy, etc. It’s a must to read through this information before placing an order with a vendor for the first time.
As a buyer, your decision to purchase a product or service should weigh heavily on the reputation and experience of the vendor, as this choice can make or break your darknet market shopping experience. You may find it tempting to purchase a similar product at a cheaper price from a less-experienced vendor, but we recommend leaving the testing of vendor competence to others. Always go with the more experienced, better rated vendor when given a choice.
Wallet Systems & Payment Options
Before placing an order, you’ll need to know what kind of payment options are available for your purchase. Here are the most common payment systems used by darknet markets:
- Traditional Escrow (central wallet). The market holds all funds, releasing them to the vendor upon finalization of an order.
- Single Order Escrow (direct payment). The buyer submits a specific amount of funds to an address that represents payment for an order. The market holds the funds until the order is finalized, then releases them to the vendor.
- Multisignature Escrow (BTC only). The buyer, vendor and market create a multisignature address that requires 2 of 3 parties to sign for the funds to be spent. This is the fairest system to handle a payment but often the least available.
With traditional escrow and single order payment systems, the buyer must confirm they have received their order and are satisfied with it for the vendor to get paid. This is called finalizing the order. Only after the buyer does this will the market release the funds held in escrow. It is considered good etiquette to finalize your order as soon as you have received it and determined it to be to your satisfaction. If an order is not to your satisfaction, all markets have a dispute system where a moderator will intervene and attempt to determine if you should be offered a refund.
Finalize Early (FE)
Most markets offer an FE option. When placing an order using this option, you must finalize the order as soon as it has been placed, instead of waiting for it to be shipped and delivered. Certain vendors who have developed a good reputation are given access to this option, which means you should usually have no problems when making this type of payment. Keep in mind that FE orders are usually non-disputable, so only use this option if you have utmost confidence in the vendor’s abilities.
Some Common Darknet Market Q&A’s
Q: What is the best way to get Bitcoin or Monero?
A: Today there are few options for getting BTC or XMR without having to provide some sort of identification, as most major (legitimate) exchanges now require their customers to pass the KYC/AML process. There are a few KYC-free exchange websites like ShapeShift.io and ChangeNOW that facilitate the conversion of fiat currency to crypto. P2P exchange sites like Paxful and LocalBitcoins are also good choices for anonymous cryptocurrency purchases. Once you have BTC, it is much easier to buy XMR. As mentioned earlier, we do recommend using XMR over BTC when given the choice as transaction details are not recorded to the Monero blockchain (as they are with Bitcoin). This makes it much harder to trace the movement of XMR.
Q: My market is offline. Should I freak out?
A: No. Even the best markets go down from DDoS attacks all the time. Sometimes they go offline for other reasons and reappear in a matter of hours. Give the situation at least 24 hours to resolve itself. You can also check for updates on a trusted link provider like darkfail to see if they have the market listed as online or offline, and to find verifiable mirror links as well. Sometimes markets do go down for good, the result of any one of several unfortunate possibilities. If this is the case, well, at least you only lost one order because you were following the instructions provided in this guide.
Q: What is a “Honeypot” and how can you spot one?
A: In this case, a “honeypot” refers to a darknet market that has been covertly taken over by law enforcement and is being actively used to gather information from buyers and sellers. There are a few famous instances where LE managed to apprehend market admins while they were still logged in to the market. This allowed them to basically take full control of it, learning as much as they could about its participants without anyone else being able to tell the difference. While there may be no surefire way to know if a darknet market is a honeypot or not, serious market admins provide a “canary PGP message” every 2-4 weeks, signed from a PGP key known to belong to the market admin. This is one way of knowing that – at the very least – the admin’s PGP key is still being used. If these messages stop getting signed without explanation, it should definitely be taken as a warning sign that something is wrong.
Q: Does it help privacy to run Tor over a VPN?
A: In one small way: By first connecting to a virtual private network (VPN) and then Tor, your ISP will not record that you ever visited Tor in the first place. The ISP cannot know what sites you are visiting while using Tor, but connecting to Tor straight from your ISP-assigned IP address reveals that you were using Tor. Doing things the other way around (Tor then VPN) is actually privacy-reducing and not recommended.
Q: Can you recommend other educational resources about darknet markets, cryptocurrency and OpSec?
A: Two of the most comprehensive guides on these subjects that we highly recommend reading are The Darknet Market Bible and The Hitchhiker’s Guide to Online Anonymity. These manuals are updated periodically to reflect changing views and new technologies. They contain a trove of information on how to maintain privacy while accessing the internet and go into far more detail than what is presented here.