DrugHub User Manual

A technical walkthrough for establishing a secure connection, verifying server integrity, and managing cryptographic identity on the DrugHub network.

Est. Time: 15m Level: Intermediate

Security Prerequisites

Operating within the DrugHub network requires strict adherence to operational security (OpSec) protocols. The architecture relies on V3 Onion Services and PGP (Pretty Good Privacy) encryption. Before attempting access, ensure you are utilizing the official Tor Browser and have a functional Monero (XMR) wallet for settlement.

01 Environment Configuration

The Tor network provides the baseline anonymity layer. Standard web browsers (Chrome, Firefox, Safari) cannot resolve .onion addresses and leak significant fingerprinting data.

  • Download the latest Tor Browser bundle from the official project site.
  • Navigate to Settings > Privacy & Security.
  • Set the Security Level to Safer or Safest.
  • (Recommended) Disable JavaScript globally via about:config if advanced.
OpSec Note

Never resize the Tor Browser window manually. Leave it at default size to prevent window-size fingerprinting.

02 Access & Verification

Access the market using a cryptographically signed V3 onion address. Verification of the PGP signature on the landing page is the only way to ensure you are not on an impersonation site.

drughub33kngovqzkhf6gqjyudzak44gcnfrrh4ukllicsuduraw3did.onion

Verification Process

  1. Copy the signed message from the login page.
  2. Import the DrugHub Public Key to your PGP client.
  3. Run a "Verify Signature" command.
  4. Ensure the output reads "Good Signature".

Why Verify?

Verification mathematically proves that the server controls the private key associated with the DrugHub identity. Impersonation sites cannot generate a valid signature.

03 Identity & Recovery

Upon registration, DrugHub generates a unique Mnemonic Recovery String. This is a sequence of words that acts as the master key to your account.

Critical Security Warning

DrugHub does not store email addresses or personal data. If you lose your password and your Mnemonic, your account and funds are permanently lost. There is no "Reset Password" button.

  • Generate a strong, random password (min 12 chars).
  • Copy the Mnemonic immediately upon account creation.
  • Store the Mnemonic in an offline, encrypted text file (e.g., KeePassXC).

04 PGP Configuration

PGP (Pretty Good Privacy) is mandatory for 2-Factor Authentication (2FA) and encrypting shipping data. You must have a local PGP client (Kleopatra, GPG4Win, or GPG Keychain).

Import Key

Add your public key to your DrugHub profile settings.

Enable 2FA

Once a key is linked, enable 2FA. The market will challenge you to decrypt a random string at every login.

Auto-Encrypt

Check the "Encrypt Messages" box in settings to ensure all communication is encrypted by default.

05 Wallet & Settlement

DrugHub utilizes a Monero-only (XMR) architecture to prevent blockchain analysis. Bitcoin (BTC) is not supported due to its transparent ledger.

Deposit Protocol

Navigate to Wallet > Deposit. The system will generate a unique integrated subaddress for your account. Deposits require 10 network confirmations before appearing in your balance.

Escrow System

All transactions are held in escrow. Funds are locked in the market wallet until the order is finalized by the user or the auto-finalize timer expires. Never Finalize Early (FE) unless dealing with a highly trusted source.

Have technical questions about the infrastructure?

Visit the FAQ