Archetyp down : what about my PGP and accounts ? : OpSec | Torhoo darknet markets

You should always be using unique usernames/passwords/PGPs/Emails/XMPPs

Each market gets its own unique set of credentials, everytime.

You should get rid of all accounts, wallets, emails and PGP-keys related to Archetyp. You don't want anything there be interlinked with you.

Other accounts unrelated and isolated from Archetype should be safe as long as you have not made any mistakes. If you are not sure, better be safe than sorry and delete potentially infected accounts (like Dread accounts that could be interlinked with Archetyp).

Regarding Tails, best is to export all PGP-keys, copy wallets seeds, export KeePassXC entries to a fresh Tails persistency. When you are sure you have everything, low level format the old Tails USB-memory (Overwrite existing data with zeros and format once more with the ATA secure erase and optionally destroy the USB-memory).

Hi my friend,
I understand that situations like this often bring anxiety and paranoia, and that’s probably justified.
The first thing I’d like to say is that, regardless of whether there was a seizure or not, you should always use different credentials for each market, no matter what.

Regarding your PGP key, I assume you're referring to the public key you used for communication and receiving messages, I don’t think there’s any real need to change it, personally I find it unnecessary.
As for emails or any addresses, if you encrypted everything locally before sending an order or message, you can change them for extra security, but no one would have access to them anyway. Keep in mind that it’s the market that got seized, not the vendors you were buying from. Those communications will remain private between you and the vendor, as long a like you said you encrypted them first using Kleopatra.

If wiping everything and starting from scratch makes you feel safer, go for it.
But personally, I believe it’s enough to simply create new accounts on other markets with fresh credentials.

Best regards
TedKaczy

look up perfect forward secrecy. its means using different username, passwords and GPG keys. As if one is ever compromised it will greatly limit the exposed data. Like if you one GPG key, and it gets in the wrong hands. ALL your communications would be compromised.

Also as a buyer I would create new accounts and GPG keys every once in a while. That way if the market was to ever to get in the hands of LE . Only a certain amount of transactions on that market [b]might]/b] be linked to you. It also makes LE have more work to link you to other buyer accounts. It might be a lot but it will give you peace of mind.

Also use a password manager and use the features to generate an programmatically random password instead of relying on your brain to generate one.


So in conclusion yes you should delete and change all usernames and fresh account used on Archetyp. Accounts that did not touch or get in contact with archetyp should be fine. but if it gives you peace of mind you should change/delete it .