SECURITY CENTER

Compartmentalization is key. Your Tor identity must be completely separate from your real-world identity.

• Never use a username you have used on the clear web.
• Do not use passwords recycled from other services.
• Never discuss your real life, location, or occupation on the market.
• Avoid accessing personal accounts (email, social media) in the same Tor session used for Nexus Market.

Anti-Phishing Protocol. Phishing sites are the #1 threat. They look exactly like Nexus Market but steal your credentials.

• Only use mirrors signed by the official Nexus Market PGP key.
• Bookmark verified onion links; never trust links from wikis or forums blindly.
• Beware of "Man-in-the-Middle" attacks where a fake site proxies traffic to the real site to steal data.
• If the captcha or login process feels different, abort immediately.

Wallet Isolation. Breaks the link between your identity and your purchases.

• NEVER deposit directly from an exchange (Coinbase, Binance, Kraken) to Nexus Market.
• ALWAYS withdraw to a personal intermediary wallet (Monero GUI, Cake Wallet, Electrum) first.
• Set Tor Browser Security Level to "Safer" or "Safest" to disable dangerous JavaScript.
• Use Monero (XMR) whenever possible for maximum blockchain privacy.

End-to-End Security. PGP is mandatory for all sensitive data.

• Enable PGP 2-Factor Authentication (2FA) immediately upon account creation.
• Encrypt your shipping address with the Vendor's PGP key yourself. Do not rely on "auto-encrypt" checkboxes.
• Use software like Kleopatra (Windows), GPG Suite (Mac), or Keychain (Linux).
• Never share your Private Key with anyone.