Operational Security Protocols
Security on the Nexus network is not passive; it requires active participation. The following protocols are mandatory for maintaining privacy and integrity within the ecosystem.
1. Identity Isolation
Compartmentalization is the first line of defense.
Never mix your real-life identity (clearnet) with your Nexus identity. This includes usernames, passwords, and writing styles. If you use the handle "DarkWizard99" on Reddit or Discord, do not use it on Nexus Market.
- Do not access Nexus from the same device used for personal social media without an isolated environment (Whonix or Tails).
- Do not discuss your market activity on platforms like Telegram or Discord.
- Never provide personal contact information (email, phone number) in vendor communications.
2. Phishing Defense & Verification
Man-in-the-Middle (MITM) attacks are the #1 threat.
Attackers create identical copies of market interfaces to steal credentials and deposit addresses. The URL bar in Tor is not enough validation. You must verify the PGP signature of the onion service.
Verification Protocol:
- Import the Nexus Market public PGP key into your keychain.
- Navigate to /mirrors.txt or the verification page on the market login screen.
- Copy the signed message provided by the server.
- Verify the signature using your PGP software (Kleopatra/GPG).
- CRITICAL: If the signature does not match, leave immediately.
Never trust links from unverified wikis, YouTube comments, or Reddit DMs. Even when a link comes from an established index, check the PGP signature yourself.
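The verification steps above carried through as a script, as an added example that is not Nexus Market's own tooling and uses none of its keys or addresses. It assumes GnuPG 2.1 or later on the PATH and builds everything in a throwaway keyring: the signer identity "example-signer", its fingerprint, and the mirror-list text are constructed placeholders. The script shows the two outcomes the protocol cares about: a good signature from the expected key passes, while a message whose signed text was altered, or a message checked against a different expected fingerprint, is rejected.

```shell
#!/bin/sh
# Added example (not Nexus Market's own tooling): verify a PGP clear-signed
# message against the fingerprint of a key you imported earlier, and reject it
# if the signature is bad or was made by some other key. Everything runs in a
# throwaway keyring; the signer identity and message text are constructed
# placeholders, not real market values.
set -eu

export GNUPGHOME
GNUPGHOME="$(mktemp -d)"
chmod 700 "$GNUPGHOME"

# --- Setup: a throwaway signing key stands in for the published market key ---
gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
    --quick-gen-key 'example-signer <signer@example.invalid>' ed25519 sign 0

# Fingerprint of the key we trust. In practice this is the fingerprint of the key
# you imported and confirmed out-of-band, never one copied from the page being
# verified.
FPR="$(gpg --batch --with-colons --list-keys signer@example.invalid \
       | awk -F: '$1 == "fpr" { print $10; exit }')"

# A constructed "signed mirror list" produced by the legitimate key.
SIGNED="$GNUPGHOME/mirrors.asc"
printf 'Constructed mirror list\nhttp://placeholder-mirror.onion\n' \
  | gpg --batch --quiet --pinentry-mode loopback --passphrase '' \
        --clearsign --output "$SIGNED"

# The same file with the signed text altered, which is what a phishing clone
# that edits the mirror list would have to do.
TAMPERED="$GNUPGHOME/mirrors-tampered.asc"
sed 's/placeholder-mirror/attacker-mirror/' "$SIGNED" > "$TAMPERED"

# --- The check itself ---
# verify_clearsigned FILE EXPECTED_FPR
# Returns 0 only when gpg reports a good signature AND the VALIDSIG status line
# names the expected fingerprint. Checking the fingerprint matters: a good
# signature from the wrong key (one the attacker generated) must fail too.
verify_clearsigned() {
  file="$1"
  expected_fpr="$2"
  status="$(gpg --batch --status-fd 1 --verify "$file" 2>/dev/null)" || return 1
  printf '%s\n' "$status" | grep -q "^\[GNUPG:\] VALIDSIG $expected_fpr " || return 1
  return 0
}

# Demonstration: genuine file passes; tampered file and wrong-key expectation fail.
if verify_clearsigned "$SIGNED" "$FPR"; then echo "genuine message: signature OK"; fi
if ! verify_clearsigned "$TAMPERED" "$FPR"; then echo "tampered message: REJECTED"; fi
if ! verify_clearsigned "$SIGNED" "0000000000000000000000000000000000000000"; then
  echo "wrong expected key: REJECTED"
fi
```

The function deliberately parses gpg's machine-readable status output rather than trusting the exit code alone: gpg exits 0 for any good signature, including one made by a key the attacker controls and has tricked you into importing, so the fingerprint comparison is the step that actually ties the message to the key you verified out-of-band.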
3. Tor Browser Hardening
Minimizing your digital footprint.
The default Tor Browser settings prioritize usability over maximum security. For accessing critical infrastructure like Nexus, you must harden your configuration.
JAVASCRIPT WARNING: Nexus Market functions without JavaScript. It is highly recommended to disable JS entirely via NoScript to prevent de-anonymization exploits.
4. PGP Encryption (The Golden Rule)
"If you don't encrypt, you don't care."
PGP (Pretty Good Privacy) is not optional. It ensures that only the holder of the recipient's private key can read your messages.
- Client-Side Only: Always encrypt messages on your own device (Kleopatra/GPG4Win) before pasting them into the browser.
- Avoid Auto-Encrypt: Never use the "Auto-Encrypt" checkbox provided by markets. Server-side encryption requires trusting the server with your plaintext.
- 2FA Login: Enable PGP Two-Factor Authentication immediately upon account creation. This prevents access even if your password is phished.
5. Financial Hygiene
Break the blockchain analysis chain.
Sending cryptocurrency directly from a KYC (Know Your Customer) exchange like Coinbase or Binance to a darknet market connects your identity directly to the transaction.
Recommendation: Use Monero (XMR) whenever possible. Its inherent privacy features (Ring Signatures, Stealth Addresses) make it superior to Bitcoin for privacy preservation. If using Bitcoin, always mix coins or use CoinJoin before depositing.