Knowledge Base
SYSTEM PROTOCOLS | SECURITY OPERATIONS | PLATFORM MECHANICS
Last Updated: Current Cycle
Infrastructure & Access
DrugHub operates as a decentralized V3 Onion Service on the Tor network. We utilize a distributed load-balancing system where users are routed through varying entry nodes to mitigate DDoS attacks and prevent traffic correlation. This hub acts as the verified directory for these nodes, ensuring you always have a cryptographic path to the market core.
Verification is mandatory for OpSec. Every legitimate mirror will display a PGP-signed message in the footer or a dedicated /verify endpoint.
- Import the DrugHub Official Public Key (0xF45A...) into your GPG keyring.
- Copy the signed message from the mirror.
- Run gpg --verify to confirm the signature matches the market key.
Never enter credentials on a mirror that fails signature verification.
While many legacy markets disable JS entirely, DrugHub uses sanitized, minimal JavaScript for essential cryptographic operations (client-side encryption) and dynamic UI loading. Our scripts are non-obfuscated and audit-friendly. Users with "Safest" Tor settings may experience limited functionality. We recommend "Safer" for the optimal balance of functionality and security.
Account Security Protocol
We have eliminated the "username/password" paradigm to prevent credential stuffing attacks.
- Registration: You provide a PGP Public Key.
- Login: The server encrypts a random nonce (token) with your Public Key.
- Decryption: You decrypt this token with your Private Key and paste it back.
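The login exchange above, as an added sketch that is not the platform's own code: a toy textbook-RSA key pair stands in for the user's PGP key, and the names `ChallengeLogin` and `client_decrypt`, the account name and the 120-second lifetime are assumptions. It shows the server-side checks this kind of scheme depends on: a fresh nonce per attempt, single use, expiry, and a constant-time comparison.

```python
import hmac
import secrets
import time

# Toy textbook-RSA key (constructed, insecure) standing in for a PGP key pair.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

CHALLENGE_TTL = 120  # seconds a challenge stays valid (assumed value)


class ChallengeLogin:
    """Server side: stores registered public keys only, never a password."""

    def __init__(self):
        self.pubkeys = {}   # account -> (n, e)
        self.pending = {}   # account -> (nonce, expiry time)

    def register(self, account, pubkey):
        self.pubkeys[account] = pubkey

    def issue(self, account, now=None):
        now = time.time() if now is None else now
        n, e = self.pubkeys[account]
        nonce = secrets.randbelow(n - 2) + 2      # fresh random token per attempt
        self.pending[account] = (nonce, now + CHALLENGE_TTL)
        return pow(nonce, e, n)                   # only the private key recovers it

    def verify(self, account, answer, now=None):
        now = time.time() if now is None else now
        # Pop before checking: a challenge is consumed by the first attempt,
        # so a captured answer cannot be replayed and guesses cannot be retried.
        nonce, expiry = self.pending.pop(account, (None, 0))
        if nonce is None or now > expiry:
            return False
        # Constant-time comparison of the returned token.
        return hmac.compare_digest(str(nonce), str(answer))


def client_decrypt(ciphertext, d=D, n=N):
    """Client side: decrypt the challenge with the private key."""
    return pow(ciphertext, d, n)
```
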
Funds for orders are generated into a multisignature wallet associated with three keys: Buyer, Vendor, and Market. Moving funds requires 2 of 3 signatures.
Scenario A (Success): Buyer + Vendor sign to release funds upon delivery.
Scenario B (Dispute): Buyer + Market sign to refund buyer, OR Vendor + Market sign to release to vendor.
This system prevents exit scams, as the market administrator cannot seize funds without a second signature.
Monero & Settlement
Bitcoin (BTC) is a transparent ledger; transaction history is public and traceable by chain analysis firms. Monero (XMR) forces privacy by default using Ring Signatures (hides sender), RingCT (hides amount), and Stealth Addresses (hides receiver). To protect our vendors and buyers from correlation analysis, we enforce XMR exclusivity.
To mitigate server-side risk, the market hot wallet holds minimal funds. The majority of assets are moved to offline Cold Storage. Consequently, withdrawals are not instant. They are processed in batches every 6-12 hours manually by staff. This time delay serves as a security buffer against automated exploit attempts.
Vendor Bond: A deposit of 1-5 XMR required to sell. This prevents "sybil" spam attacks and ensures vendor commitment.
FE (Finalize Early): A privilege granted to trusted vendors allowing funds to be released upon dispatch rather than delivery. Only vendors with 500+ sales and 98% positive feedback are eligible for FE status.
Upon reaching Level 2 Buyer status, users are assigned a private .onion URL. This URL is unique to the user account. This isolates the user from public DDoS attacks targeting the main entry nodes and provides a high-speed, low-latency lane for established customers.
VERIFIED ENTRY NODES
Copy/paste into Tor Browser. Verify signature.
OpSec Protocol
Always disable WebGL and verify PGP signatures. Never communicate outside the market encryption. Use Monero for all financial settlements.