Security & OpSec Protocols
This document outlines the mandatory operational security standards for interacting with the Nexus Market Link network. Failure to adhere to these protocols may result in deanonymization or loss of funds.
01. Identity Isolation
Your darknet identity must remain completely distinct from your clearweb identity. Cross-contamination of metadata is the primary vector for deanonymization.
Prohibited Actions
- Never reuse usernames from Reddit, Discord, or Telegram.
- Never reuse passwords from any other service.
- Never discuss your market activity on social media.
- Never upload photos containing EXIF data.
Recommended Actions
- Create a new identity specific to Nexus Market.
- Use a password manager (KeePassXC) strictly offline.
- Compartmentalize vendor communications.
- Utilize temporary, encrypted email services if required.
02. PGP Encryption
The Golden Rule: Client-Side Only
Never rely on "Auto-Encrypt" checkboxes provided by the market. If the server is compromised, your cleartext messages are readable by law enforcement. You must encrypt all sensitive data (shipping addresses, tracking numbers) on your own device before pasting it into the browser.
- Import the Vendor's Public Key into your PGP Keyring.
- Write your sensitive message in a text editor (Notepad/TextEdit).
- Copy the message to clipboard.
- Use GPG tool to "Encrypt" using the Vendor's key.
- Copy the resulting -----BEGIN PGP MESSAGE----- block.
- Paste ONLY the encrypted block into Nexus Market.
[!] IF YOU DO NOT ENCRYPT, YOU DO NOT HAVE SECURITY.
03. Verification & MITM Defense
Man-in-the-Middle (MITM) attacks are the most common threat. Attackers create clones of Nexus Market that look identical but steal your credentials and deposit addresses.
How to Verify a Nexus Onion Link
Nexus Market provides a cryptographically signed message at the login page or in the footer. You must verify this signature against the market's known public key.
1. Get the Signed Message
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 This is Nexus Market. Current onion: nexus...onion Timestamp: 2026-02-04 -----BEGIN PGP SIGNATURE----- ...
2. Verify in Terminal/GPG
Copy the signed message to a file, then run:
gpg --verify nexus_message.txt
If output says "Good signature from Nexus Market", the link is safe. If it says "Bad signature", LEAVE IMMEDIATELY.
04. Browser Hardening
-
01.
Security Level: Safest
Set Tor Browser security shield to "Safest". This disables JavaScript completely, preventing most browser-based exploits and IP leaks.
-
02.
Window Size
Never resize the Tor Browser window repeatedly. Leave it at the default size or maximize it if letterboxing is enabled. Unique window dimensions create a unique fingerprint.
-
03.
Clean Sessions
Restart the Tor Browser completely (New Identity) before logging into Nexus Market, especially if you have been browsing other sites.
05. Financial Hygiene
Protocol Violations
NEVER:
Send coins directly from an Exchange (Coinbase, Binance, Kraken) to Nexus Market. Exchanges use chain analysis and will freeze your account instantly.
NEVER:
Use Bitcoin (BTC) for sensitive transactions if Monero (XMR) is available. BTC is a public ledger and is easily traceable.