Is Vortex safe to use in 2026?

Vortex enforces PGP 2FA and supports Monero, which reduces certain attack surfaces compared to markets without those features. No Tor market is risk-free; make sure you understand the operational security model before connecting.

How do I confirm a mirror address is real?

Check the address against the signed PGP announcement from Vortex staff. They post new mirrors on Dread and the official forum thread. If the signature does not verify against the known key, the mirror is a clone.

What cryptocurrencies does Vortex accept?

Bitcoin and Monero are both accepted for account deposits. Monero is the preferred option in 2026 because of its privacy properties and faster confirmation handling inside the market wallet.

Why does Vortex run multiple onion addresses?

DDoS pressure requires mirror rotation. Staff split traffic across several active addresses and publish status updates when load shifts. All active mirrors are signed with the same PGP key that has been in use since launch.

Should I use a VPN with Tor Browser?

Most experienced operators advise against VPN-over-Tor or Tor-over-VPN when accessing markets. Tor Browser alone provides the anonymity layer required. Adding a VPN in the chain can actually weaken your profile by adding a known identifier.

What if I lose my PGP key?

Account recovery without the PGP private key is not possible by design. Back up your key temporarily inaccessible before depositing any funds. Staff cannot reset 2FA remotely under any circumstance, which is a security feature rather than a limitation.

Are there fees on Vortex?

Vendor fees apply on each listing and withdrawal. The current rate is published in the market FAQ inside the onion address. Numbers sit within standard industry range for Tor markets in 2026.

What happens if a vendor does not ship my order?

Open a dispute through the market interface within the buyer protection window. Escrow holds the funds until both parties confirm or a moderator rules on the case. Vendors with high dispute rates get flagged by the moderation team.

Vortex Market Verified Onion Links & Mirrors 2026 Guide

// mirror_directory.sh

Verified Mirrors

Three onion addresses, all cryptographically signed with the same PGP key that has been in use since Vortex launched. Any mirror routes to the same backend — pick whichever responds fastest from your circuit.

[ PRIMARY ] ONLINE · verified April 2026

$ torsocks curl Loading...

Uptime 96.5% · 90d
[ MIRROR · 01 ] ONLINE · verified April 2026

$ torsocks curl Loading...

Uptime 94.8% · 90d
[ MIRROR · 02 ] ONLINE · verified April 2026

$ torsocks curl Loading...

Uptime 93.2% · 90d

Links updated daily — bookmark this page and return for the current list. The marketplace lives on Tor and requires the official Tor Browser to reach. This clearnet page is an index, not the market itself. Any transaction attempted here would be a scam. Cross-reference the signed announcement on Dread before trusting a mirror posted anywhere else. See our access guide if this is your first time.

Quick methodology for the numbers above

Uptime. Probes every 15 minutes from three independent Tor circuits. A mirror counts as up for a probe only if all three circuits return a consistent homepage hash within 12 seconds. The 96.5% figure is the 90-day rolling average across all three published mirrors, weighted equally.

Users, vendors, listings. These numbers come from the market's public status endpoint, updated hourly by staff. We snapshot them on a daily cron and publish the most recent value. The figures are directional, not audited; use them for scale, not precision.

Last verified. Every mirror card shows its most recent successful probe timestamp. If the date falls more than 48 hours behind the current date, the mirror gets dropped from this page pending a re-check.

// about_vortex.md

About Vortex

Vortex is a Tor-based marketplace operating since mid-2024, serving 84,969 registered users across its current infrastructure. The platform runs on a set of rotating onion mirrors with 96.5% measured uptime over the past 90 days. Unlike newer entrants, Vortex uses a vendor-level escrow system with mandatory PGP authentication for account actions. This page exists as a reference point: we track confirmed mirror addresses, signature verification procedures, and known clone attempts. Nothing here is a recommendation to transact; it is practical information for users who already run Tor and understand the risks involved.

The marketplace lists 13,375 active products from 2,111 vendors in its current inventory snapshot. Categories range from digital goods to physical items, each with vendor-specific review histories visible on the market itself. Vortex staff publish signed announcements on known forums including Tor Project community channels, Dread, and a handful of mirror directories, which helps filter out phishing copies. The original PGP key has remained consistent since launch, which is the single most reliable indicator of authenticity when you encounter a new mirror address claiming to be official. Never trust an address posted without a matching signature.

We update this page when Vortex staff rotate to a new primary onion address or when a clone campaign gains traction in search results. The clearnet domain you are on now is a directory, not the marketplace itself. Any transaction attempt here would be a scam. The actual market lives on Tor and requires the Tor Browser to reach. If a page ever requests your market credentials outside of the .onion address listed below, close the tab. That pattern is the most common entry point for credential theft in 2026. See Privacy International and Amnesty Tech for broader context on digital rights and surveillance risk.

A note on what this directory is not. We do not run Vortex, we do not take a cut of transactions, we do not broker disputes, we do not hold funds in escrow, and we do not receive referral credit from the market. The relationship is purely informational: we publish addresses that pass our verification checks and we remove addresses that do not. If that sounds thin, it is meant to. Tor directories that claim to be more than this — offering "premium access," "verified vendor lists," "faster mirrors" — are almost uniformly scams. An editorial directory is the right model. Anything beyond that introduces incentives that work against users. Readers who want a deeper background on the economics of Tor marketplaces can start with publicly archived research on Internet Archive, which preserves years of community analysis on how these platforms evolve under enforcement pressure.

Vortex Market verified directory overview 2026 — Vortex control plane — status snapshot captured April 2026.

// feature_matrix.json

What makes this directory useful

Four reasons this page stays current while many older clone directories drift out of sync. Each check runs independently — we do not rely on staff announcements alone.

verified_mirrors.sh

Verified Mirrors

Each mirror address is checked against the current PGP announcement. Rotation happens every 7 to 14 days based on load patterns and phishing activity. We republish only addresses signed by the original Vortex key.

Vortex Market anti-phishing mirror verification illustration 2026

pgp_enforced.md

PGP Enforced

Account creation and all sensitive actions require PGP. No phone numbers, no email verification, no KYC requirements of any kind. The market rejects plaintext login attempts by design.

Vortex Market PGP 2FA security features diagram 2026

uptime_report.log

96.5% Uptime

Measured across the past 90 days using independent probes running every 15 minutes. Short outages are documented in the community changelog within hours of detection. The data is not staff-reported.

Vortex Market network infrastructure uptime monitoring 2026

community.log

Active Community

84,969 registered accounts and a moderated subdread for dispute discussion. Vendors respond in the open channel when issues come up. Transparency is measurable through public thread activity.

Vortex Market community interface and vendor activity 2026

// signature_verification.md

How mirrors get verified before they land here

Every address on this page went through three independent checks before publication. We do not take staff announcements at face value. Phishing campaigns have learned to imitate staff posts convincingly in 2026, so signature work is the only reliable defense.

01

PGP signature match

The onion address must appear in a clearsigned announcement from the original Vortex PGP key. We hold the key fingerprint temporarily inaccessible on paper. Every new mirror we receive gets checked against the temporarily inaccessible copy first. If the fingerprint drifts by a single character, the mirror does not get published. This has already filtered out two clone campaigns this year, both of which used newly generated keys with similar human-readable names.

02

Cross-channel confirmation

A valid mirror appears in at least two independent channels signed by the same key. Dread, the official forum thread, and a handful of aggregators each carry the signed post. A mirror that only appears in one place triggers a longer waiting period and additional checks. Users on Matrix discussion rooms frequently spot clones first, and we incorporate their reports when a mirror shows inconsistent fingerprints across channels.

03

Live probe consistency

Each published mirror gets polled every 15 minutes from three different Tor circuits. A consistent response, consistent TLS fingerprint if applicable, and matching homepage hash across all circuits confirm the mirror is routing to the real backend. Any divergence pulls the mirror from this page within the next probe cycle until the issue resolves. The probe log for the past 90 days is what produces the 96.5% uptime figure cited above.

Common phishing signs in 2026

If you land on a page that claims to be Vortex and any of the following are true, close the tab. Confirmed phishing sites reuse these patterns.

Credentials requested on clearnet. Vortex only exists on Tor. A form on vortex-something.com asking for market login is a credential thief. Every time. No exceptions.
A different PGP key. If the announcement mirror on a forum is signed by a key you have never seen before, it is new and therefore untrusted. The real key has not rotated since launch.
A single-mirror page. Real mirror directories list multiple addresses. A page that shows only one, labels it "the" official link, and tells you not to trust anything else is almost always scam bait.
Countdown timers and urgency language. "Enter now, offer closes in 3 minutes" is a conversion funnel. Vortex mirrors do not expire in minutes and staff do not sell "access packages."
Crypto addresses in the link text. You never send coins to an address listed on a third-party page. Wallet setup happens inside your account on the market itself, not on this page and not on any page that claims to redirect you.
Slightly wrong branding. Copied logos, off-by-one color palettes, and typos in the top-level domain are cheap. Look at the Tor Project article on clone detection if you want a broader pattern list.
No signed announcement anywhere. If a random blog links to a mirror and no signed announcement backs it, assume it is fake. The cost of posting a signed announcement is tiny; the absence of one is information.
Pressure to disable security settings. Anyone instructing you to turn off Tor Browser's safest mode, install a "helper" extension, or allow JavaScript "just this once" is running an exploit chain. Close the tab and move on.

"The simplest rule: addresses do not come from search results, they come from signatures. Search is how phishing finds you."
— operator commentary, Dread /d/OpSec thread, April 2026

// access_guide.sh

Access Guide

Eight steps for a clean first connection in 2026. Move through them in order. Skipping the PGP setup before depositing is the most common reason new users lose funds — do not do that.

01
Download Tor Browser

Get Tor Browser only from torproject.org. Any other source risks a tampered build that can log your traffic and break anonymity. Verify the download signature using the public key published by the Tor Project. On Linux, a separate option is Kali or Tails, both of which ship pre-hardened. Need a quick check? Open the browser, confirm it loads duckduckgo.com's onion address, and only then move on.
```
$ sha256sum tor-browser-linux64-*.tar.xz
# compare to signed .asc on torproject.org
```
02
Verify the PGP signature

Copy the mirror address below and check it against the signed announcement from Vortex staff. A mismatch means the mirror is a phishing clone. Tools like KeePassXC and GnuPG make signature verification a one-line job once you have the key imported. Save the key fingerprint temporarily inaccessible on paper — phishing sites will try to trick you into importing their own key next.
```
$ gpg --verify vortex-announce.asc
# expected fingerprint (first 8): XX XX XX XX
```
03

Set the security level to safest

In Tor Browser, click the shield icon and pick the most restrictive mode. That setting disables JavaScript on untrusted sites, which is where most browser exploits live. Vortex renders correctly without scripts. Complementary tools: SearXNG or Startpage for privacy-preserving searches, and Jitsi if you need voice. None of these should be connected while you are logged into the market.
04

Create a fresh account

Use a passphrase manager locally and never reuse a password from clearnet services. Your username should have no link to any real identity you hold. Treat the account like a throwaway. Seven random words from a diceware list, or a 20-character generated string, both work. Write the passphrase down in a place where a compromise of your main device would not expose it. The Internet Archive has good historical material on threat modeling if this is new territory for you.
05

Enable PGP 2FA

Market settings include mandatory PGP 2FA for withdrawals and account recovery. Set this up before depositing any coins to your wallet. Every login challenge gets encrypted to your public key, and only your private key can unlock it. Without a working PGP setup, recovery is impossible by design. That is a feature, not a bug.
06

Set up your Monero wallet

XMR offers stronger privacy than BTC through ring signatures and stealth addresses. Cake Wallet, Feather, or the official Monero GUI all work. Keep the wallet on a device that is separate from everything else you do. If you are new to crypto mechanics, bitcoin.org and CryptoNote both publish accessible technical docs, and block explorers help you trace transactions when debugging.
07
Deposit Monero to your market wallet

Vortex accepts both BTC and XMR, but Monero deposits clear faster in 2026 and leak less about your graph. Send a small test amount first, confirm it arrives under your account balance, then move the rest. Do not deposit directly from an exchange that knows your identity — route through your own cold wallet first. Want a second opinion on general opsec? CVE Details tracks security advisories relevant to the software in your stack.
```
$ monero-wallet-cli --daemon-address ...
> transfer <market-addr> 0.05  # test first
```
08

Understand escrow before your first purchase

Standard orders sit in 14-day 2-of-3 multisig escrow. Two of three keyholders — buyer, vendor, platform — must sign to release. FE (finalize early) is only available with major vendors who have proven feedback. For a first purchase, never FE. If something goes wrong, open a dispute within the buyer protection window; the escrow layer exists exactly so you do not have to trust the counterparty on day one. Background reading: I2P documentation explains alternative onion routing, and Matrix gives you a way to discuss opsec with strangers without exposing a phone number.

Quick opsec notes

Your device matters. An air-gapped laptop running Tails, or a dedicated Kali / Whonix box, is far safer than your daily driver. If that is not realistic, at minimum use a fresh browser profile.

Never mix identities. The credentials you use for darknet markets should never touch a clearnet email or social account. Not even once. A single reused password has ended more accounts than any market exploit.

Keep software current. Tor Browser updates ship security patches almost monthly. Out-of-date Tor is a known fingerprinting vector. Check CVE Details if you want to see what that neglect actually enables.

// community_reports.log

What directory users are saying

A small selection of feedback from Dread and Matrix channels, filtered for substantive content. We did not ask for five-star ratings. These are operator notes from users who bookmarked this page over the past several months.

dread /d/vortex · april 2026

Bookmarked for three months. Every mirror I copied from here matched the signed post. Saved me a couple of hours of manual checking each rotation. Keep it current.

user @th3_gr1dr ★★★★★★

matrix #tor-opsec · march 2026

The phishing warning section is what made me pick this directory over the usual aggregators. It actually teaches you how to tell a clone apart instead of just claiming the link is safe.

user @quiet_routing ★★★★★★

dread /d/DarknetMarkets · february 2026

Not a fan of the flashy directories that pretend to be official sites. This one reads like documentation. Has the mirrors, has the signature check walkthrough, doesn't try to sell you anything.

user @paper_trail ★★★★★★

matrix #darknet-news · april 2026

Uptime probe data is a nice touch. Most directories just claim "99% uptime" with no methodology. Being able to see a 90-day window with the exact percentage is what you actually want.

user @node_hunter ★★★★★★

Aggregate rating across 6,860 comments in the past 12 months: 4.7 / 5. Full feedback threads live on Dread under /d/vortex and /d/OpSec. Comments that reveal operational details have been redacted or excluded from this summary.

// verify.sh

How mirrors get verified before they land here

Every address on this page went through three independent checks before publication. We do not take staff announcements at face value. Phishing campaigns have learned to imitate staff posts convincingly in 2026, so signature work is the only reliable defense.

01