News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Idea for better vendor/buyer communication? : DarknetMarketsNoobs | Torhoo darknet markets

I have had this idea for a while, and I wanted to share it. What if the vendor/buyer used PGP to exchange an AES-256 key that they use for the rest of their communications, and then if there was a problem from either side, either side can tell the market staff the AES-256 key so that way the staff can read past messages without having to compromise a PGP key. If you are worried this would be a security issue, remember, that if either side wanted, they could always disclose encrypted information anyway. Thoughts???
/u/tonypackets T-pAck
4 points
7 months ago
There's actually no need for this because it's already part of GPG and uses "session keys". When you send a vendor a message you will need to encrypt it to both them and yourself to be able to show it to third parties. Messages from the vendor just to you will work fine for you to let other people read that message.

To get the session key of a message (where one of the recipients is your private key), run:
# gpg --show-session-key
Then paste in the encrypted message.

You will get a line back starting with "gpg: session key: " and the value after this is the session key, which if you give to someone they will be able to read the content of that specific message only, and there is no need to disclose your private key.

To then decrypt a message using a session key you run:
# gpg --override-session-key "value_of_session_key_from_above"
Paste in the encrypted message, and it will show it to you without needing the private key or any passphrase.

So if you had 5 messages you wanted to share with the market, you would have to run --show-session-key for each one and provide them with each individual PGP message and the associated key that goes with each one.
/u/DojaDesperado P
1 points
7 months ago
Good info, tonypackets. Is this possible using Kleopatra? I clicked around in the app and didn't find anything relevant.
/u/tonypackets T-pAck
2 points
7 months ago
Just from doing a quick search it doesn't look like it. They probably didn't add that functionality in because it's not something that will be widely used by people on a day to day basis.
/u/DojaDesperado P
1 points
7 months ago
Thanks for checking!
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo