What is the PGP used for in my Dread account? : PGP | Torhoo darknet markets
Sorry for the noob question, but I'm new to the darknet, have been lurking this site quite often, and am happy with this project so far.
I have a basic understanding of OpenPGP and how/why it's used, which is the reason I use ProtonMail to begin with. What I can't find out for the life of me (not only does the clearnet have no straight answers, but the public community refuses to answer my questions; subreddit mods even removed my post...) is why not only am I seeing a few commenters posting their "signed messages", but I'm also seeing an option to upload my own PGP key in my account settings on Dread.
So... why?
You could also send your public key to someone in a PM, but then I would need to contact you in cleartext first.
If you uploaded it to your Dread profile, I can just grab it and immediately start an encrypted conversation with you.
And 2FA with Dread only works when Dread has your public key.
And another question: why is it so important to sometimes "sign" your messages? I'm still seeing comments in some places where they have a plain-text comment and then a signed message.
If you don't use 2FA for Dread, then this would be the only use case I have in mind.
By signing a message you can prove to someone that it was really you writing that message (or at least the person in possession of your keys).
For example, if you don't trust the Dread mods but want to send me a message via PM and for some reason don't want to encrypt that message, you could sign it so that I can be sure it really was you sending that message and not one of the Dread admins impersonating you and just using your account to send me messages.
Or if you post something and want everyone to be able to read it, but you still want to make sure that others can check whether that message was really sent by you, then you could sign it instead of encrypting it.
Signing is useful when encrypting is not needed but you still want to show that you were in possession of your keys.
When you encrypt a message to a vendor you use his public key, and he uses yours.
But a malicious market could just change your public key to its own without telling you; the vendor would grab "your" public key and encrypt for "you", but the market will be able to read it, and your communication is not encrypted anymore.
That's what LEA did with Hansa Market.
If you sign every message you encrypt with the vendor's public key, then the other side can be sure they are really talking with you.
I had a vendor once who refused to talk with me because I only encrypted the messages but did not sign them.
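The points made in the replies above (an encrypted-only message says nothing about who sent it, a signed message does, and a profile can hand you a swapped public key), as an added GnuPG walk-through that is not part of the Dread thread. The three identities buyer/vendor/market, their example.invalid addresses and the two order messages are constructed for the demo; the keys are generated into a throwaway keyring so nothing touches your real one.

```shell
#!/bin/sh
# Added example, not from the Dread thread: unsigned vs signed encrypted mail,
# impersonation by a third party, and a swapped public key on a profile.
# Identities, addresses and messages below are constructed for this demo.
set -e

export GNUPGHOME="$(mktemp -d)"
chmod 700 "$GNUPGHOME"
WORK="$GNUPGHOME/work"
mkdir -p "$WORK"
BUYER=buyer@example.invalid
VENDOR=vendor@example.invalid
MARKET=market@example.invalid

# Non-interactive gpg: no passphrase, no prompts, trust questions disabled.
# All three parties share one keyring only to keep the demo short.
gpgq() {
    gpg --batch --yes --quiet --pinentry-mode loopback --passphrase '' \
        --trust-model always "$@" 2>/dev/null
}

# Primary-key fingerprint of a key in the keyring: the value a user publishes.
key_fingerprint() {
    gpgq --with-colons --fingerprint "$1" | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Fingerprint of a key file (e.g. one copied from a profile) without importing it.
file_fingerprint() {
    gpgq --with-colons --with-fingerprint --import-options show-only --import "$1" \
        | awk -F: '$1 == "fpr" { print $10; exit }'
}

# Decrypt a message and report who signed it: the primary fingerprint from the
# VALIDSIG status line, or NONE when the message carries no signature at all.
signer_of() {
    gpgq --status-fd 1 --output /dev/null --decrypt "$1" \
        | awk '/^\[GNUPG:\] VALIDSIG/ { print $NF; found = 1 }
               END { if (!found) print "NONE" }'
}

# The check to do before encrypting to a key you were handed: compare its
# fingerprint with one obtained out of band ($2), e.g. from a signed post.
verify_key_file() {
    [ "$(file_fingerprint "$1")" = "$2" ]
}

setup() {
    for uid in "$BUYER" "$VENDOR" "$MARKET"; do
        gpgq --quick-generate-key "$uid" future-default default 0
    done
    printf 'Order 1, ship to the usual drop.\n' > "$WORK/order.txt"   # constructed
    printf 'Order 1, ship to a NEW address.\n' > "$WORK/forged.txt"   # constructed

    # 1. buyer -> vendor, encrypted only (what the vendor in the thread refused)
    gpgq --armor --recipient "$VENDOR" --encrypt \
        --output "$WORK/enc_only.asc" "$WORK/order.txt"
    # 2. buyer -> vendor, signed and encrypted
    gpgq --armor --local-user "$BUYER" --recipient "$VENDOR" --sign --encrypt \
        --output "$WORK/signed_enc.asc" "$WORK/order.txt"
    # 3. the market impersonates the buyer: anyone holding the vendor's public
    #    key can produce the unsigned one; a signed one exposes the real signer.
    gpgq --armor --recipient "$VENDOR" --encrypt \
        --output "$WORK/forged_unsigned.asc" "$WORK/forged.txt"
    gpgq --armor --local-user "$MARKET" --recipient "$VENDOR" --sign --encrypt \
        --output "$WORK/forged_signed.asc" "$WORK/forged.txt"
    # 4. key substitution: the profile page hands the buyer "the vendor's key",
    #    which is really the market's key.
    gpgq --armor --export "$MARKET" > "$WORK/vendor_from_profile.asc"
}

setup
echo "buyer fingerprint:         $(key_fingerprint "$BUYER")"
echo "market fingerprint:        $(key_fingerprint "$MARKET")"
echo "enc_only.asc signed by:    $(signer_of "$WORK/enc_only.asc")"
echo "signed_enc.asc signed by:  $(signer_of "$WORK/signed_enc.asc")"
echo "forged_unsigned signed by: $(signer_of "$WORK/forged_unsigned.asc")"
echo "forged_signed signed by:   $(signer_of "$WORK/forged_signed.asc")"
if verify_key_file "$WORK/vendor_from_profile.asc" "$(key_fingerprint "$VENDOR")"; then
    echo "profile key matches the vendor's out-of-band fingerprint"
else
    echo "REJECT: key on profile is not the vendor's (fingerprint mismatch)"
fi
```

Run it and the two forged messages decrypt just as cleanly as the genuine ones; the only thing that separates the market's "buyer" from the real buyer is the fingerprint reported on the VALIDSIG line, which is why a vendor can insist on signed messages. The last check is the buyer-side counterpart: `--import-options show-only` lets you read the fingerprint of a key file before it enters your keyring, so you can compare it against one you got somewhere the market does not control. In real use each party has its own keyring, and you would run `gpgconf --kill gpg-agent` and delete the temporary directory when done.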