Security Guide for New Users
Verifying a mirror with PGP (step by step)
1. Install GnuPG on your computer (Linux: sudo apt install gnupg; Windows: Gpg4win; macOS: GPG Suite).
2. Copy the official PGP public key from our About page into a text file named wtn.pub and import it: gpg --import wtn.pub
3. When you open a mirror, scroll to the bottom and copy the entire PGP signature block.
4. Save it as signature.asc and run gpg --verify signature.asc. If the output says "Good signature", the mirror is authentic.
Safe crypto practices
Never keep more funds on the marketplace than you are willing to lose. After making a deposit and completing your purchase, withdraw any remaining balance to a wallet you control. Use a dedicated wallet for darknet transactions — do not reuse addresses from exchanges.
Understanding escrow
When you place an order, the funds are not sent to the vendor. They are held in a multi-signature address that requires both your approval and the vendor’s (or a moderator’s) to release. If the product does not arrive, you can dispute the order and present evidence. A neutral moderator will review the case and release funds accordingly.