Vortex Mirror Registry —
All Active Nodes
Three independently-hosted Vortex Market nodes. Each address is PGP-signed by the market team. Copy once, verify once, save to an encrypted file.
Verified Onion Nodes
The Mirror Architecture
Why nodes exist
A single .onion address is a single point of failure. Tor hidden services are resilient against passive surveillance but not against the sustained high-traffic attacks that occasionally target market infrastructure. The node model means that disrupting one address has zero effect on the other two — each runs on separate hardware in separate jurisdictions, and each can serve the full market independently.
Traffic balancing
Node 01 (Primary) absorbs the majority of daily traffic — approximately 64% based on recent access logs. Nodes 02 and 03 serve the remainder and act as overflow capacity during peak hours. All three share the same backend database over an encrypted channel, so your account, cart, and order history are identical regardless of which node you land on.
Node failover
When a node goes into maintenance or experiences unexpected downtime, the market team updates the Dread subdread within 15 minutes. The average unplanned downtime per node over the last 12 months was 7.3 hours. Across all three nodes simultaneously, full network downtime has occurred exactly once, for 41 minutes, in November 2024 — a planned migration.
Authenticating before you connect
The team signs all official node announcements with a PGP key whose fingerprint is pinned to the Vortex subdread sidebar. Before saving any address, fetch the latest signed announcement from Dread, verify the signature, and compare the address string character by character. Address substitution attacks — where a single character in the middle of a 56-character string is changed — are the most common phishing technique. A comparison tool or gpg --verify catches them instantly.
| Node | 30-day uptime | 60-day uptime | Response avg | Status |
|---|---|---|---|---|
| Node 01 — Primary | 99.2% | 98.7% | 1.1 s | Online |
| Node 02 — Mirror | 97.8% | 96.3% | 1.4 s | Online |
| Node 03 — Backup | 96.4% | 95.1% | 1.7 s | Online |
Phishing — Spot It Before It Costs You
Phishing replicas of Vortex exist with visually identical interfaces. The only difference at first glance is the .onion address — which may be off by a single character. These sites record your credentials on login and may also deploy JavaScript keyloggers.
You will not know you're on a fake until your account is emptied. Verification takes 90 seconds and eliminates this risk entirely.
How to verify any Vortex address
- Download the signed announcement from the Vortex subdread on Dread. Every official address update is posted there with a PGP-signed block. This post is the only authoritative source.
- Import the market's public key if you haven't already. The fingerprint is pinned to the subdread sidebar. Cross-check it against any recent forum thread — it doesn't change.gpg --import vortex-public-key.asc
- Verify the signature on the announcement:gpg --verify vortex-announcement.txt.ascExpected output: "Good signature from Vortex Market". Any other result means the file was modified.
- Compare addresses character by character. Do not rely on visual scanning. Use a text diff tool or paste both addresses into a terminal and use
diff.
| Red flag | What it means |
|---|---|
| Address from Telegram or Reddit | Unverifiable source — treat as compromised until PGP-verified |
| Login page asks for PGP private key | Credential harvesting — leave immediately |
| Address shared by a new account (<30 days) | Common distribution vector for phishing addresses |
| Site loads over clearnet HTTPS | Not Vortex — the real market is .onion only |
| Deposits requested before login | Scam site — real Vortex never prompts deposit on landing |
Need the setup guide?
Tor Browser configuration, registration walkthrough, OpSec checklist, and first-trade instructions — all in one place.
Read the access guide →