Security & OpSec Guide

The foundation of operational security requires absolute compartmentalization. You must never mix your real-life identity (clearnet) with your Tor identity.

• >> Username Segregation: Do not reuse usernames, monikers, or variations of handles that you have previously utilized on clearnet sites, gaming forums, or social media.
• >> Password Uniqueness: Passwords must be cryptographically secure and entirely unique. A password manager operating offline (such as KeePassXC) is strictly recommended.
• >> Information Blackout: Under no circumstance should you provide personal contact info, real names, or clearnet email addresses to any vendor or user.

Man-in-the-Middle (MitM) attacks occur when an adversary intercepts your connection by providing a deceptive routing node. If you authenticate on a compromised node, your credentials and funds will be intercepted.

Do not trust URLs posted on random wikis, social media platforms, or unverified forums. Always cross-reference against signed PGP messages provided directly by the platform administration.

The standard installation of the Tor Browser contains vulnerabilities if not configured to maximum security parameters. You must harden the browser environment prior to network entry.

Blockchain ledgers are public and immutable. Tracing un-obfuscated transactions from centralized exchanges directly links your real-world identity to network activities.

• >> No Direct Transfers: Never send Bitcoin directly from an exchange (e.g., Coinbase, Binance, Kraken) to market infrastructure. Likewise, never withdraw directly to an exchange.
• >> Intermediary Wallets: Always route funds through a personal, non-custodial intermediary wallet. Electrum is recommended for Bitcoin, and the official Monero GUI for XMR.

"If you don't encrypt, you don't care."

Pretty Good Privacy (PGP) is non-negotiable. It is the only mathematical guarantee that intercepted communications cannot be decoded by hostile network observers or compromised servers.