Platform Documentation

DrugHub operates as a decentralized, censorship-resistant commerce platform hosted on the Tor hidden service network. This specific portal serves as the authenticated entrance node, providing cryptographically signed PGP verifications and real-time mirror status. We facilitate secure, private connections between vendors and buyers without central oversight or data collection.

Access is strictly limited to the Tor Network. Users must utilize the latest Tor Browser with the security slider set to 'Safest', which disables JavaScript globally. Connection requires a valid V3 Onion address found on our verified Links page. Standard clear-net browsers (Chrome, Firefox, Edge) are fundamentally incompatible with our hidden services.

Verification is mandatory for all interactions. The market signs all official mirrors and communications with its root PGP key (4096R/8A2F...). Users must import this public key into their local GPG keychain (Kleopatra/GPG4Win) and verify the signed message found on the login page. A matching signature confirms you are connected to the legitimate infrastructure.

DrugHub utilizes a strict passwordless authentication protocol. The platform does not store user passwords, eliminating the vector for database leaks. Login is achieved exclusively through PGP challenge-response. Upon login attempt, the server encrypts a random token to your public key; you must decrypt this token locally and paste the result to prove identity.

To mitigate Distributed Denial of Service (DDoS) attacks, the platform architecture generates a unique, cryptographically random .onion URL for each registered user. This "Private Mirror" acts as a personal gateway, isolated from the main public cluster. It ensures high availability, faster latency, and connection integrity for established accounts.

Bitcoin's transparent ledger compromises user anonymity by allowing transaction graph analysis. DrugHub strictly utilizes Monero due to its mandatory privacy features: Ring Signatures (obfuscating the sender), Stealth Addresses (hiding the receiver), and RingCT (hiding transaction amounts). This ensures complete financial opacity for all market participants.

We utilize a 2-of-3 Multi-Signature Escrow protocol. For every order, funds are locked in a generated wallet controlled by three keys: Buyer, Vendor, and Market. Releasing funds requires digital signatures from two of the three parties. Funds are only released to the vendor upon finalized delivery or strictly defined auto-finalization triggers (14 days default).

To maintain market quality, all vendor accounts require a security bond (variable 1-5 XMR based on market volatility). This bond is held in escrow during a mandatory probationary period. Established vendors with verifiable feedback from other recognized marketplaces may apply for a bond waiver by providing signed proof of reputation.

DrugHub enforces mandatory sample testing for new vendors to verify product purity and substance identity. Samples are analyzed via gas chromatography–mass spectrometry (GC-MS) by platform staff or partnered testing facilities. Any discrepancy between listing claims and chemical analysis results in immediate account termination.

DrugHub operates under strict harm reduction principles. The following items are strictly prohibited: firearms/weaponry, explosives, precursors for chemical weapons, fentanyl and its analogues, poisons, and child exploitation material (CSAM). The platform utilizes automated keyword filtering and manual moderation to enforce these restrictions.

In the event of non-delivery or product quality issues, the buyer may initiate a dispute before the escrow timer expires. A staff mediator will review the case, examining shipping evidence and communication logs. If the vendor fails to provide proof of dispatch or validity, the multisig funds are signed for return to the buyer.