mars market portal

How Mars Market keeps your session intact

Security on Mars Market is layered rather than dramatic. Most of the protection comes from boring choices made carefully — a strong passphrase, a working two-factor code, a multisig contract per order — rather than from any one feature you can point at. This page sets out the layers so you can see which ones rely on you and which ones the storefront handles on its own.

Onion routing, in plain terms

Every visit to a mirror is wrapped in three layers of encryption by the Tor Browser before it leaves your computer, and unwrapped one layer at a time by three different relays on the way to the storefront. No relay sees both who you are and what you are doing. The storefront itself sees only a Tor exit, never your real network address, and that is the structural property that makes onion-only marketplaces possible in the first place.

Two-factor authentication on the account

The storefront supports a one-time code from a standard authenticator app. Enable it the same day you register, ideally before you fund the wallet. The recovery mnemonic shown at setup is the only way back into the account if the device with the authenticator app is lost — write it down on paper, store the paper somewhere a casual visitor would not look, and do not photograph it.

Multisig escrow on every order

Each order on Mars Market settles through a two-of-three multisig contract. Three keys exist — one for the buyer, one for the vendor, one for the platform — and any two of them are enough to release the funds. In an order that goes well, the buyer and vendor sign and the platform key stays out of the picture. When the buyer and vendor disagree, the platform key swings the dispute via the arbitration panel, which reads the order log and the messages and then issues a ruling. The platform never holds the coins on its own, which closes the door on the most common kind of marketplace failure.

Messages between you and a vendor

Messages within the storefront are stored encrypted, and the wider recommendation is to layer a personal PGP key over the storefront message system for anything that contains an address, a name or a tracking number. Each vendor page has a published PGP key. Pasting that key into your own client and encrypting the shipping detail before you send it means the storefront sees only ciphertext for the part that matters most.