Site will be messed up for a bit as I work on things/break them.
DNL

Cryptonia Market

Cryptonia is a darkweb market with extensive documentation, Bitcoin multi-sig, and much more.

Address

  • bntee6mf5w2okbpxdxheq7bk36yfmwithltxubliyvum6wlrrxzn72id.onion

PGP Key Details

mirrors.txt
      -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

20190509

The following are verified Cryptonia Market links, we will try to keep at least
one of them up at all times during the DDOS:

bntee6mf5w2okbpxdxheq7bk36yfmwithltxubliyvum6wlrrxzn72id.onion
5mdo5rafeixeeokcvoiqeiup7z2cstqjjy5u6h5atwnjpnfuvlubycid.onion
pahy67rnsvilwmnw6tbuvwcgj3demsl6ylnegvfrenjcu7733c6igdid.onion
jsm5ecfs2xdjivvtizedkiuj4tgcnpewvys3qxxekvucgx2dvqxhy4qd.onion
vklgb5pmwpmr5xo5ehyqcbwvdte5eoyubrf5l2fd2peshiymvnlf73yd.onion
j4pdpj3rcnshnewnswopyw4xakwazk2ckampwowa6pmpdetvzasevjqd.onion
t5z2wsho6fo444qysa67k6a7yu6kykooyt5yraxjgqj7jyfnkiihqpyd.onion
fb33wt3klptnelmjqt4nb4mz465s7cawgpu7h5ojokjxjy6p6ah6dwyd.onion
smzcepj36goxvxrapx3fr6zj5ydacfw72fmgdmwwy5plgfdoj7z3v3yd.onion
zenxsqtjbocxhqwmr6eqn2c3rqra5eqrjgeqq67xpvp3dj6dvha444id.onion
3zfyfhmy55jnja367622b4ui5snc6zbn44zuiwmbf5w2ccj5mutslkqd.onion
uq6cwdtsbtajmjfewh5nnr7zwlh4pjjqwkcsvzdcal3pymfjs7jauyad.onion
2jamxmpr2565fkv6hvtnxccx2zgswvuge2kbigm37lwiosaib3ocmyqd.onion
aowrxxbkmzltss3akwnrppsg434lmgq5d2oqgboejl4depix7opkwzyd.onion
hjaxpofmwuq5cnkipcyypkszsfo2lhkd6uuucyyrujnuwoitg5l4h7qd.onion
axpcke6h2brbag3lcgxgyjustsw4kqlsrhh7azgkf34wcnpy6lcjmzqd.onion
ypnovzcw777v3xrxqyasbhyeixqhfibo6746ok7xvh5dovephjsaqtqd.onion
g6kbnwkks27isvmfzy5dcqsopxvrcs6jbvskkockai24wwnl5evbjsqd.onion
wzlgnnhq6af42us4c6vkobpu55wuro52umned3bizxj4csfqfrbp3yid.onion
rferd3ngu42vvtj7ggpi5yrey3kkj3tau2hbl7k2qrvwa4k2ms2byjyd.onion
5xjl65dvoxxhculxd47v33ll66343noid5qaws2rug53zdfjfmvpkzyd.onion

And the forums link:

iwetkv7jw4mxiw3lia3tnozhlmb2o643px3j7qp5cpyq4l4ey4udmfad.onion
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEKyWL426QQiIVK18llS9J1T/c2YUFAlzWuBIACgkQlS9J1T/c
2YUfOA/+K7monTdtnkBR8tub4CSmWPjk0Twfd80LBW4iPFFRpMDzzyl9KvlArHir
x2fBcoo91Aaf7a9mJO7LMNev/OF/Xvs0Y3fa2lQfZencIHIF8xbdbhorx4TPO/2+
xG7Rcf9cYwaLFw8H1tpu5mvnXZpQ7cTWGtKMHfdpjJSdikumRvRmix0Le3rX/cIn
T9JNTh2G4QvDH4WHdw32wq2Ex/9os0Dga4Uteo9j0KblkYJYuw1ydqaBpS7djH7d
3ehIt9WJOfbnKB8c9/ldaqZMARlQVdQooC5GfW+XzWfoiljeCpj78FoUCiJtlwSy
WMhgMe6gytD0+O4ix3UtEpddvtsyvqA/jnhQRhu9ZrraMVsXM79KkU5+t3fMWVjv
h2XPe16Dq4/OOrBIvtPbT+EroPxHwVeKR3H06IxSF+xbWyXbcoKk/HbGNvtJ01WQ
FEgh5Mg3U5+5Ak/ynVFOlHWCccytkGZRYD9zW7hu5AU2VmIRsnq7fSn9gm1lqDHl
J8WMPKtQjXmcP+/IKMNqRA7YON7cQwEbQpZGSbu/InsILQCLxO/9ozTr9eVtPL2w
8N/NrlLMmTvS6ESBh+9XssOkcVOJ8pW9Azz4QTflLyxWb6DYOncdYfTATkPyG6J0
heW9fbEsZyVXBRjk/n35TdkXp36MWubomu3gIeZIN6s+yarJH0U=
=LE65
-----END PGP SIGNATURE----
    

About

As geeks, we believe that with the right technology most of these problems can be solved. That’s why we have set out to build the perfect darknet trading platform. We have looked at the problems that are destroying our community and we have come up with unique and innovative ways to keep your funds secure and minimize the amount of trust required from both vendors and buyers.

Dead Market

Cryptonia Market Manifesto

Mirror Links Below

We are activists and individuals who enjoy the intellectual challenge of creatively overcoming the limitations of software systems to achieve novel and clever outcomes. We do not condone the use of drugs or any of the products sold by our vendors. But we believe in the cause of freedom. And we believe freedom of trade is the right of all human beings. Just like freedom of expression and religion. While we agree that drugs are a problem for our society, we believe that the current regulations around the world do not have the people’s best interest at heart and only serve as instruments of oppression. Most countries have accepted the fact that addiction is not a crime but a decease. Yet they continue to wage war against their own afflicted citizens. It is barbaric!

Over the past few decades freedom fighters from the free and open source software movements have given us the tools to fight this oppression. But it was the development of Bitcoin, the first cryptocurrency, that changed everything in 2009. It enabled near instant and anonymous/pseudonymous transfer of assets on a global scale without any centralized authority. Black markets where all sorts of regulated goods could be bought and sold soon emerged as hubs of free commerce and a thriving community developed around them.

Unfortunately, the community has been thrown into chaos recently. Trusted markets have fallen due to poor design and monumental OPSEC mistakes. New markets continue to appear only to exit-scam with their users’ funds after a few months. One has to be naive not to think that it’s the same scammers doing it over and over again. Unless we put an end to this it will destroy not only the DNM community but the cryptocurrency community as well since black markets are an essential part of the Bitcoin ecosystem.

As geeks, we believe that with the right technology most of these problems can be solved. That’s why we have set out to build the perfect darknet trading platform. We have looked at the problems that are destroying our community and we have come up with unique and innovative ways to keep your funds secure and minimize the amount of trust required from both vendors and buyers.

Signed Links:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

20190509

The following are verified Cryptonia Market links, we will try to keep at least
one of them up at all times during the DDOS:

bntee6mf5w2okbpxdxheq7bk36yfmwithltxubliyvum6wlrrxzn72id.onion
5mdo5rafeixeeokcvoiqeiup7z2cstqjjy5u6h5atwnjpnfuvlubycid.onion
pahy67rnsvilwmnw6tbuvwcgj3demsl6ylnegvfrenjcu7733c6igdid.onion
jsm5ecfs2xdjivvtizedkiuj4tgcnpewvys3qxxekvucgx2dvqxhy4qd.onion
vklgb5pmwpmr5xo5ehyqcbwvdte5eoyubrf5l2fd2peshiymvnlf73yd.onion
j4pdpj3rcnshnewnswopyw4xakwazk2ckampwowa6pmpdetvzasevjqd.onion
t5z2wsho6fo444qysa67k6a7yu6kykooyt5yraxjgqj7jyfnkiihqpyd.onion
fb33wt3klptnelmjqt4nb4mz465s7cawgpu7h5ojokjxjy6p6ah6dwyd.onion
smzcepj36goxvxrapx3fr6zj5ydacfw72fmgdmwwy5plgfdoj7z3v3yd.onion
zenxsqtjbocxhqwmr6eqn2c3rqra5eqrjgeqq67xpvp3dj6dvha444id.onion
3zfyfhmy55jnja367622b4ui5snc6zbn44zuiwmbf5w2ccj5mutslkqd.onion
uq6cwdtsbtajmjfewh5nnr7zwlh4pjjqwkcsvzdcal3pymfjs7jauyad.onion
2jamxmpr2565fkv6hvtnxccx2zgswvuge2kbigm37lwiosaib3ocmyqd.onion
aowrxxbkmzltss3akwnrppsg434lmgq5d2oqgboejl4depix7opkwzyd.onion
hjaxpofmwuq5cnkipcyypkszsfo2lhkd6uuucyyrujnuwoitg5l4h7qd.onion
axpcke6h2brbag3lcgxgyjustsw4kqlsrhh7azgkf34wcnpy6lcjmzqd.onion
ypnovzcw777v3xrxqyasbhyeixqhfibo6746ok7xvh5dovephjsaqtqd.onion
g6kbnwkks27isvmfzy5dcqsopxvrcs6jbvskkockai24wwnl5evbjsqd.onion
wzlgnnhq6af42us4c6vkobpu55wuro52umned3bizxj4csfqfrbp3yid.onion
rferd3ngu42vvtj7ggpi5yrey3kkj3tau2hbl7k2qrvwa4k2ms2byjyd.onion
5xjl65dvoxxhculxd47v33ll66343noid5qaws2rug53zdfjfmvpkzyd.onion

And the forums link:

iwetkv7jw4mxiw3lia3tnozhlmb2o643px3j7qp5cpyq4l4ey4udmfad.onion
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEKyWL426QQiIVK18llS9J1T/c2YUFAlzWuBIACgkQlS9J1T/c
2YUfOA/+K7monTdtnkBR8tub4CSmWPjk0Twfd80LBW4iPFFRpMDzzyl9KvlArHir
x2fBcoo91Aaf7a9mJO7LMNev/OF/Xvs0Y3fa2lQfZencIHIF8xbdbhorx4TPO/2+
xG7Rcf9cYwaLFw8H1tpu5mvnXZpQ7cTWGtKMHfdpjJSdikumRvRmix0Le3rX/cIn
T9JNTh2G4QvDH4WHdw32wq2Ex/9os0Dga4Uteo9j0KblkYJYuw1ydqaBpS7djH7d
3ehIt9WJOfbnKB8c9/ldaqZMARlQVdQooC5GfW+XzWfoiljeCpj78FoUCiJtlwSy
WMhgMe6gytD0+O4ix3UtEpddvtsyvqA/jnhQRhu9ZrraMVsXM79KkU5+t3fMWVjv
h2XPe16Dq4/OOrBIvtPbT+EroPxHwVeKR3H06IxSF+xbWyXbcoKk/HbGNvtJ01WQ
FEgh5Mg3U5+5Ak/ynVFOlHWCccytkGZRYD9zW7hu5AU2VmIRsnq7fSn9gm1lqDHl
J8WMPKtQjXmcP+/IKMNqRA7YON7cQwEbQpZGSbu/InsILQCLxO/9ozTr9eVtPL2w
8N/NrlLMmTvS6ESBh+9XssOkcVOJ8pW9Azz4QTflLyxWb6DYOncdYfTATkPyG6J0
heW9fbEsZyVXBRjk/n35TdkXp36MWubomu3gIeZIN6s+yarJH0U=
=LE65
-----END PGP SIGNATURE----

Cryptonia Market Storefront

Cryptonia Market Storefront


Cryptonia Market Manifesto (Continued)

We believe that the next step for our movement is to educate the community. That’s why our market is loaded with useful content. We written extensive guides about Bitcoin Multisig, Direct Deposits (Wallet-less Escrow), and the many innovative features that we have developed to keep your funds safe and your transactions private. We will continue to educate the community but we need your help. Please join the movement by supporting our market and helping us spread the word about Cryptonia.

Finally, we promise that as our market and our movement continues to grow we will not be corrupted by greed. We will continue to live by the same ideals that motivated us to start this project and we will continue to treat you with the respect that you deserve. Never forgetting that our success is due entirely to your support.


Frequently Asked Questions

These are the most frequently asked questions. If you have any questions not covered in this guide, or if you find any errors, inaccuracies, spelling mistakes, or simply have a suggestion for improvement please do not hesitate to contact us by clicking the support link on the navigation bar at the top (login required).

What are Direct Deposits (Wallet-less Market)?

Direct Deposit means that you don’t have to send your coins to an insecure market wallet in order to purchase at our market. When you place an order at Cryptonia we generate a unique Bitcoin address for your order. You send the exact purchase amount and the order is sent to the vendor for shipping. Once the order is finalized the funds are transfered from that address to the vendor’s payout address or the buyer’s refund address without ever touching a market wallet. Direct Deposits are superior to wallet-based escrow in many ways. It prevents hacks that target the market and greatly minimizes the damage that such an attack could cause if a vulnerability is ever discovered. It also helps mitigate the potential damage caused by market exit-scams because you can keep track of your funds by querying the payment address on any block explorer.

What is Bitcoin Multisig?

Bitcoin Multisignature (multisig) refers to requiring more than one signature to authorize a bitcoin transaction. Cryptonia features the most secure multisig implementation around. If used currectly it protects your escrow funds from market exit-scams, hacks, and even LE takeover. To learn more about multisig please check our Complete Multisig Guide.

Why should I trust you?

You should not trust anyone around the markets. That is why Cryptonia has been designed to require a minimal amount of trust from both buyers and vendors. Our multisig implementation is completely trustless. For users that can’t be bothered with multisig our wallet-less escrow system is safer and requires less trust than any wallet-based market. No other market offers this level of security or requires so little trust from it’s users. So if you’re ever going to trust another market it might as well be us.

What is escrow and how does it works?

An escrow is a contractual arrangement in which a third party receives and disburses money for the primary transacting parties, with the disbursement dependent on conditions agreed to by the transacting parties. In other words, when you place an order you are entering a contract with the vendor. The terms of this contract are defined by the vendor’s Terms and Conditions and the Product Description. If you feel that the vendor has not met his/her contractual obligations you must dispute your order before the auto-finalize date. If after disputing the vendor does not rectify the situation you can click PING SUPPORT. At that point support staff will intervene and if we’re able to determine that the vendor indeed did not met his obligations a refund may be issued.

What are Cryptographic Proofs?

A Cryptographic Proof is a PGP signed messages that we create for each order after we generate a payment address for it. You should do a PGP verification of this message before sending the payment to ensure that you are not on a phishing platform. The public key used for signing the proof can be found here. You should import it to your PGP keychain now. You should also import our main key found here and verify that the signing key is signed by the main key.

What is a verified vendor?

A verified vendor is one that has been verified from another market. The markets that the vendor has been verified from and their ratings on those markets are displayed on the product page, on the vendor profile, and on the product listings page by hovering over the VERIFIED tag next to their username. Vendors that have good ratings on other markets qualify for a waiver of the one-time vendor fee.

What is a promoted vendor?

A promoted vendor is one that has paid to have his store advertised on the home page. Vendors can purchase a spot by logging in as a buyer and purchasing a Promote Vendor Store from our store. Please include the vendor account that you wish to promote on the shipping address box. Your vendor store will be promoted within 24 hours after your order is received. There will soon be listings for promoted listing codes as well. There will never be more than 16 promoted vendors.

What is the vendor level?

It is the vendor trust level. A LEVEL 0 vendor is one that received a fee waiver and we did not verify from other markets. Vendors can raise their trust level by getting verified from other markets, by paying the vendor one-time vendor fee, or by making sales and getting good feedback.

What are the top vendors?

Top vendors are the 8 vendors with the most sales with positive feedback. The formula used to calculate the vendor ranking is simply the number of good rated transactions minus the number of bad rated transactions.

Which cryptocurrencies are supported?

Currently only Bitcoin is supported. We chose Bitcoin because it is the safest, strongest, most proven of all cryptocurrencies. We have plans to support Monero as a more private choice in the near future. In the meantime users can pay with Monero though the free service offered by xmr.to. However, we warn vendors not to trust the privacy promises in Monero. We believe is over-advertised around the markets and may not be able to deliver the privacy that users expect. Especially against an opponent with the capabilities that LE agencies have.

What are the market fees?

There are no fees for buyers. The fee for vendors is randomized between 2-4% of the order total. Our fee is randomized in order to prevent blockchain analysis attacks.

How do I get paid as a vendor?

Once your order finalizes the payment will be sent to your payout address within minutes. The payout address must be configured on the vendor settings page. Vendors can use a Bitcoin public key or a BIP32 Extended Public Keyas the payout address. We recommend the latter as it affords greater privacy to you and your customers. You can also have your payments go directly to your Electrum wallet.

Are there any banned items?

Yes. Child pornography, explosives, human traffiking, terrorism-related items, fentanyl, poison, or any items that are intended to cause injury to, or kill a human being are prohibited. Additionally any listings for services that compete with ours are not permitted.

What is the dispute process?

If a package is delayed for any reason the buyer may click RESET AUTO-FINALIZE to reset the auto-finalize clock. Buyers may do this up to three (3) times per order at intervals of 48 hours. If after the three extensions you still haven’t received your package or you feel that the vendor did not met his Terms & Conditions you must click DISPUTE before the auto-finalize date. After this you will be able to communicate with the vendor on-the-record. It is important that after this both parties log-in at least every 48 hours (excluding weekends) and respond to any inquiries. If either party stops responding for longer than 48 hours, the other party may request that the order be finalized or refunded. After a dispute is initiated the vendor can offer a full or partial refund and the buyer will still be able to finalize the order or accept the refund. In most cases vendor and buyer will be able to solve any issues on their own. But if this is not possible, then either party may request assistance from support. Support will only be able to help if the vendor did not meet his/her Terms & Conditions. For example, if the T&C states that a refund or reship will be issued if a package is lost or seized then we can help enforce those terms. If the T&C states that no refund are offered then we will not be able to help in that case. The only exception is if we can determine that the vendor is a scammer. For this reason, it is very important that buyers always read the T&C before placing an order.

How does the rating system works?

Simple. After an order finalizes buyers will be able to rate the transaction either positive or negative. Buyers may also include a short feedback message. If buyers do not rate, the vendor will receive a neutral rating. Buyers will be able to update their rating for about 30 days after the order is finalized. Vendors can not rate buyers, but we show the count of finalized and auto-finalized orders next to their usernames. Additionally the buyer’s profile also shows the number of disputes won/lost and the total amount spent on the market. There are also plans to allow vendors to reply to buyer feedback.

How much is the vendor bond?

There is no bond. There is a one-time, non-refundable vendor fee. Currently it is 40 EUR or about 50 USD. Other markets call this a bond but refunds are rare. We believe in doing business the right way so we call it what it is.

What happens if I send more BTC than the order total?

If you send over 0.00005 BTC it will be refunded to your refund address. Otherwise we’ll take it to prevent the payout transaction from being rejected for containing dust.

Are my messages encrypted?

If you setup a public PGP key on your account settings then all messages sent to you as well as any sensitive order details will be encrypted using that key before it is written to disk. Vendors are required to keep a PGP key at most times so all communication should be encrypted. If you attempt to send a message to a user that does not have a PGP key you will be notified and required to confirm.

Do I need to tumble my BTC payments?

Yes. Tumbling or anonymizing your Bitcoin payments is mandatory for all vendors on any dark net market. It is especially important on wallet-less markets with Direct Deposits since your coins come directly from buyers.


What are Direct Deposits (Wallet-less Escrow)?

Direct Deposits are a superior alternative to the flawed wallet-based design used by most markets. With Direct Deposits you don’t need to deposit your coins into an insecure market wallet. Instead you just send the exact amount for your order to a disposable wallet that we create just for your order and you can track it on any block explorer. Before we can understand the advantages of wallet-less escrow we must first look at wallet-based markets and their problems. Then we’ll look at our wallet-less design and how it can eliminate or mitigate most of these problems.

How wallet-based markets work

A wallet-based market has a very basic design. It works as follows:

  • Your create an account and get a Bitcoin address from the market’s wallet.
  • You send Bitcoins to the market wallet, they update your balance, and you are allowed to trade with it.
  • You can request a withdraw and if everything goes well they will send you BTC.

Problems with wallet-based markets

There are many problems with wallet-based markets:

  • Once you deposit BTC into a market wallet you no longer own it. Now you own market tokens which depends solely on the market’s willingness and ability to pay.
  • The security model is minimal and there are many vectors through which funds can be stolen by attackers. We have seen this happen many times.
  • There is no way to tell that there is substance behind your market wallet balance. This means that if funds are stolen, either by market staff or hackers, the market will most certainly lie and continue to operate as a ponzi scheme. This has also happened many times, most recently with Rapture Market.
  • Market owners mitigate this risk by running multiple markets. Most of which will be destined for exit-scams in order to propel one of them to success.

How Direct Deposit (Wallet-less Escrow) Works

Our wallet-less escrow system has been designed specifically to address these problems. In a nutshell, it works as follows:

  • When you create an order we’ll generate a unique Bitcoin address for your order. The private key for this address are not stored on our servers. Instead it will be generated when the order is finalized. This means we never really take posession of your funds.
  • You send the payment and after 3 confirmations the vendor receives your order.
  • When the order is finalized the funds are transfered directly from the order address to the vendor’s payout address or to the buyer’s refund address in the event of a refund.

Advantages of Direct Deposits

Our Direct Deposit implementation have many advantages over wallet-based escrow:

  • Since the market never takes possesion of the funds, you can always see where your funds by querying the payment address on any block explorer.
  • Since transactions are transparent and can be verified on any block explorer, the signs of an exit-scam or compromised market can be detected early. If funds are ever moved from the payment address before the order is finalized it will be a clear sign that the market has been compromised or is pulling an exit-scam and users should sound the alarm.
  • Since the funds are never stored on a market wallet, there is very little risk that a hacker may be able to steal funds. Even an attacker with access to our servers will not be able to spend the coins.
  • Since the funds go directly from buyer to vendor and the funds are never stored in a market wallet along with other user’s coins, even if an attacker finds a security vulnerability the potential damage will be limited to one order.
  • Since transactions a private between buyer and vendor and the fee is randomized, you transactions cannot be flagged through blockchain analysis as with wallet-based markets.
  • Since funds are transfered to the vendor within minutes after the order is finalized the risk of loosing money during a market-exit scam or LE take-over is minimized.
  • Since there is no wallet our market and users will not be much of a target for phishing attacks.

Disadvantages

The only disadvantage is that vendors are more vulnerable to the type of attack where an opponent, such as LE agencies, will pose as buyers and attempt to trace a payment to the exchange. This should not be a problem since vendors should ALWAYS anonymize their BTC payments.


What is Bitcoin Multisig?

The Cryptonia Market Team has created a multisig plugin for the Electrum Bitcoin wallet. It automates all the tasks described on this guide with just a few clicks! To learn more about please click here.

Multisignature (multisig) refers to requiring more than one key to authorize a Bitcoin transaction. It is generally used to divide up responsibility for possesion of the bitcoins. Cryptonia implements real 2/3 multig. This means that the buyer, vendor, and market all share equal control of the funds at all times but only 2 of them need to agree in order to spend the funds. If the market exit scams or is seized by LE the buyer and vendor can still finalize the transaction on their own. If the vendor exit scams then the market can issue a refund which the buyer would have to approve by signing-off the transaction.

Advantages of Multisig

When implemented and used correctly Bitcoin Multisig transactions are protected against theft by market admins (exit scams), by hackers, and even by LE in the event that market servers are seized and the keys compromised.

Secure Multisig Implementation

Not all multisig implementations are created equal. In fact, most markets have implemented multisig for marketing purposes only without giving much thought to security. This has been true even for popular multisig markets like Hansa. To be considered secure a multisig implementation must meet the following requirements:

  • Symmetric Cotrol. All parties must share equal control of the funds. For this reason 2/2 multisig is useless for escrow. If the vendor exit-scams the market would be unable to issue refunds.
  • Direct Deposit. Payments must be deposited directly to the multisig address. If a market requires you to send the funds to a wallet or forward address first then it is not true multisig because you must surrender control of the funds. This vulnerability would most definitely be exploited by LE in the event of a take-over.
  • Unique Keys. The market must not re-use the keys used for multisig transactions. Doing so would allow LE to flag all market transactions even easier than on a wallet-based market. Additionally re-using keys weakens the security in Bitcoin. Public keys should not be stored on the blockchain until the transaction is spent and they should never be re-used afterwards. This protects your funds in the event that the cryptography used by Bitcoin is ever broken.
  • Transparency. The market must provide everything needed to verify the multisig address before sending funds and for spending the funds even in the even of an exit-scam or LE take-over. This means that the market must at a minimum provide the Redeem Script before the payment is made.

Proper Multisig Usage

Simply choosing a secure multisig implementation is not enough. For multisig to work properly there are a few steps that both vendor and buyer must follow. Failure to follow steps can result in loss of funds during an LE take-over or market exit-scam. The rest of this guide will guide you through the process using the Electrum wallet. When Electrum is not sufficient we use coinb.in.

  • Multisig Setup. Providing the market with a public key for the transaction.
  • Multisig Verification. Verify that the market generated the multisig address correctly.
  • Multisig Payment. Deposit the funds directly to the multisig address.
  • Multisig Sign-off. Spending the funds. Even after an exit-scam or LE takeover.

Multisig Setup

Before you can create a multisig transaction you must provide the market with a Bitcoin public key. Every Bitcoin address has a corresponding public/private key pair. The address is actually a hash of the public key. Assuming that you’re using Electrum, you can find the public key for any address on your wallet by going to the Addresses tab and right-click on any address. Then select Details from the dropdown menu. When selecting an address for your multisig order make sure to pick one that has 0 transactions. You should also right-click on the address and select Freezefrom dropdown menu to ensure that the address is not re-used by your wallet. If the funds go to this address after sign-off (all cases except vendors using xpub you will have to unfreeze it before you can spend them.

Buyer Setup

At Cryptonia your multisig public key is also your refund address. This means that there is no special setup before creating a multisig order. The only difference in the checkout process between standard escrow and multisig is that for multisig the refund address must be a public key whereas for standard escrow you can also use a standard Bitcoin address.

Vendor Setup

Before accepting Bitcoin Multisig payments all vendors must setup a BIP32 Extended Public Key (xpub) or a Bitcoin public key as the Bitcoin Payout Address on their vendor settings page. Then enable Bitcoin Multisig payments. Public keys are only supported for simplicity and to allow vendors a quick start. But we recommend that all vendors use an xpub as their payout address as it offers greater privacy for you and your customers. You can use xpub to receive payments directly to your Electrum wallet. See our BIP32 Guide for more details.

Multisig Verification

After creating an order and selecting the multisig payment you should receive a payment address along with a Redeem Script. Before sending a payment you MUST verify that the market has generated the multisig address correctly. It is extremely important that you do not skip this step. If the market is taken over by LE they will try to cheat you here.

To do this simply go to coinb.in and click on the Verify link on the navigation bar. Then copy the Redeem Scriptprovided by the market and paste it on the textbox. Then click Submit. Then on the results check the following in the results:

  • Multi Signature Address must be the payment address provided by the market.
  • Required Signatures must be exactly 2.
  • Signatures Required from must have 3 rows and one of them must have your public key and address.

If everything checks out save your Redeem Script. You may need them to sign-off if the market exit scams or is taken over by LE. If the market provided you with a ScriptPubKey you may save that too as it may simplify sign-off with some wallets (Bitcoin Core).

Multisig Payment

After the multisig address has been verified you can now deposit the funds into the multisig with confidence. To do that simply send the BTC payment like any other. You will also be able to monitor the multisig address on any block explorer to keep track of your funds.

Multisig Signoff

After a multisig order is finalized the market must provide a payout transaction signed with it’s own key. This transaction may contain several outputs including the vendor payout or a refund (or possibly both in the case of a partial refund) and market fees. It must be approved and signed by either the buyer or the vendor before it can be broadcasted to the Bitcoin network.

Normal Sign-off

Before signing and broadcasting you must make sure that the Bitcoin transaction includes your expected output. To do this go to coinb.in, click on the Verify link on the navigation bar and paste the transaction hex that was provided by the market. Then click Submit. On the results check that one of the outputs is to your payout or refund address and that it is for the amount that you are expecting to receive. If everything checks then it’s time to sign off and broadcast the transaction.

Before signing off we need to get the private key of the address used for the multisig setup. Assuming that you used Electrum just right-click on the address and click Private Key. Copy ONLY the part after the p2pkh:. Now go to coinb.in and click on the Sign link on the navigation bar. Paste your private key on the first textbox and the transaction hex obtained from the market on the second one. Now click Submit. This may take a few seconds but you will eventually receive a new signed transaction hex. To broadcast it simply copy it and click on the Broadcastlink on the navigation bar. Paste the new signed hex on the textbox and click submit. After it succeeds you should see an unconfirmed transaction on your payout address within seconds.

Sign-off after exit-scam or LE takeover

If the market exit scams or is taken over by LE both vendor and buyer must get in contact to decide how the funds are going to be spent. This should only be done after you are absolutely sure that the market has exit-scammed or been taken over. Once a decision is made either party can go to coinb.in, click New on the navigation bar and selectTransaction from the dropdown. Now paste the Redeem Script obtained from the market on the textbox labeled Address, WIF key or Redeem Script and click Load. Then add the outputs for the new spend transaction. It is very important that the total of the outputs should be less than the input. The remainder will be the miner’s fee. When finished click Submit. You will receive a transaction hex. Copy it and follow the same steps as the previous section to sign it. But instead of broadcasting the signed hex you must instead send it to the other party who can then follow the same steps to sign and broadcast the transaction.