What cryptocurrencies are supported for settlement?

The marketplace infrastructure currently supports Bitcoin (BTC) and Monero (XMR). Analysis indicates a heavy preference for Monero due to its ring signature privacy features, which obfuscate transaction origins and amounts on the blockchain.

How does the Escrow system operate within the market?

MarsMarket employs a standard multi-signature or server-held escrow system. Funds are held in a temporary wallet controlled by the market logic until the transaction is finalized by the buyer or the auto-finalize timer expires. In disputes, a moderator reviews the case to release funds to the appropriate party.

What is the purpose of the Mnemonic Recovery Code?

During account registration, a unique mnemonic phrase is generated. This cryptographic seed is the only method to recover an account if the password or PGP key is lost. It is stored locally by the user and is never saved in plaintext on the server database for security reasons.

How are deposits confirmed on the blockchain?

The system requires a specific number of blockchain confirmations (typically 2 for BTC, 10 for XMR) before crediting a wallet. This prevents double-spend attacks. Users can track these confirmations via public block explorers using the transaction ID (TXID).

What is the 'Auto-Finalize' timer mechanism?

To protect vendors from unresponsive buyers, an auto-finalize timer is implemented. If a buyer does not dispute or finalize an order within a set period (usually 7-14 days depending on the product type), the escrow system automatically releases the funds to the vendor.

Mars Darknet Market | Research & FAQ Database

Q: How does the PGP Two-Factor Authentication (2FA) protocol function?

The 2FA system on MarsMarket is based on standard GPG implementation. Upon login, the server generates an encrypted nonce (random string) using the user's public key. The user must decrypt this message using their private key and return the plaintext code to verify identity. This prevents unauthorized access even if password credentials are compromised.

Access & Connectivity

Mars Darknet Market operates exclusively as a Tor hidden service (.onion). The architecture utilizes a decentralized ring of load-balanced mirrors to mitigate DDoS attacks and ensure uptime. Access requires a Tor-compatible browser to resolve the onion routing protocol.

Mirror rotation is a defensive strategy against Distributed Denial of Service (DDoS) attacks. By constantly cycling through different .onion addresses, the market infrastructure makes it difficult for attackers to concentrate traffic on a single entry point, maintaining accessibility for legitimate traffic. Verified mirrors are typically signed with the market's PGP key.

The core functionality of MarsMarket is designed to work with Javascript disabled (Security Level: Safest in Tor Browser). However, some captcha challenges used during DDoS mitigation periods may require temporary Javascript enablement to verify the user is not a bot.

Security Architecture

The 2FA system relies on standard GPG asymmetric encryption. Upon login, the server generates a unique, random string (nonce) and encrypts it using the user's stored public key. The user must decrypt this message using their private key and enter the resulting plaintext code. This ensures that even if a password is stolen, the account cannot be accessed without the private key.

During account registration, the system generates a cryptographic seed phrase (mnemonic). This phrase is the mathematical key to the user's account identity. It is displayed only once and is not stored in plaintext on the server. It is the only method to reset a password or recover a lost PGP key.

The only cryptographically secure method is PGP verification. The market signs a message containing the current active mirrors with its private admin key. Users should verify this signature against the known public key of the market. If the signature is valid, the links in the message are authentic.

Marketplace Functionality

MarsMarket uses a centralized escrow model. When an order is placed, funds are moved from the user's wallet to a holding wallet controlled by the market logic. Funds remain locked until the order is finalized by the user or the auto-finalize timer expires. In the event of a dispute, market staff review the case to release funds to the correct party.

The infrastructure currently supports Bitcoin (BTC) and Monero (XMR). Monero is the preferred standard due to RingCT (Ring Confidential Transactions) and stealth addresses, which obfuscate the sender, receiver, and amount on the blockchain.

The auto-finalize timer is a mechanism to ensure vendors are paid if a buyer becomes unresponsive. If an order is marked as shipped and the buyer does not dispute or finalize it within a set window (typically 7 to 14 days), the escrow automatically releases the funds to the vendor.

Troubleshooting

Deposits require blockchain confirmations before they are credited to the market wallet. For Bitcoin, this is typically 2 confirmations (~20 minutes). For Monero, it is 10 confirmations (~20 minutes). Delays may also occur if the Tor network backend is experiencing latency.

Clock skew errors occur when the user's system time differs significantly from the server's time. This invalidates time-sensitive tokens and 2FA codes. Users must ensure their system clock is synchronized correctly (UTC) when accessing Tor services.

MarsMarket implements strict session timeouts (usually 15-30 minutes of inactivity) to protect user accounts. If a user leaves their terminal unattended, the session is terminated to prevent unauthorized access.