Black Pyramid Market: Technical Analysis of a Next-Generation Tor Marketplace
Black Pyramid surfaced in late 2022 as a multi-vendor narcotics bazaar that quickly drew attention for its aggressive invite-only rollout and heavy emphasis on Monero-only payments. Operating at the “Black Pyramid Darknet Mirror – 1” address (the first of usually three rotating onion endpoints), the site positions itself as a high-assurance, no-JavaScript environment for buyers who remember the slow-motion exit scams of Empire, the seizures of AlphaBay, and the chronic downtime that plagued Versus. Whether the market actually delivers on those promises is what this report tries to untangle.
Background and Launch Timeline
Black Pyramid’s landing page first appeared on Dread in November 2022. Initial invites were issued to roughly 200 established vendors who could prove PGP-signed sales histories on other markets. That walled-garden approach generated scarcity hype, but it also meant the codebase had months of small-load testing before the public queue opened in March 2023. Version 1.0.4 (the build still running on Mirror-1) is a custom PHP/Tor stack that borrows design cues from the old ASAP market—minimal graphics, strict no-js mode, and server-side PGP encryption of every message. No flashy banners, no coin-mixing widgets baked into the UI; the developers claim they want “less attack surface, not more features.”
Features and Functionality
Buyers land on a sparse left-sidebar layout:
- Product search supports filter tags (region, shipping options, FE status) but not free-text; the idea is to reduce SQL-like injection probes.
- All prices default to XMR; BTC is accepted but converted at checkout using a live rate pulled from CoinGecko’s onion API.
- Two wallets are generated per account: a “market” wallet (2-of-3 escrow) and an optional “instant” wallet for auto-finalize deals with vetted vendors.
- Bulletin board posts are signed by the admin key every 72 h; if the signature fails, the mirror is considered hijacked.
Vendor profiles show four metrics: total sales, dispute rate, median shipping days, and “stealth rating” (a 1–5 score left by buyers). The lack of a cumulative star system is deliberate; admins say averages obscure recent performance.
Security Model and Escrow Flow
Account creation requires a username, password, and public PGP key. 2FA is mandatory for vendors; buyers can skip it, but withdrawal rights are disabled until a key is uploaded. Login tokens are tied to a rotating cookie that expires after 30 minutes of idle time; refreshing the page too quickly triggers a 90-second lockout, an effective, if sometimes annoying, guard against credential stuffing.
Escrow mechanics follow the tried-and-true 2-of-3 script: market holds one key, buyer one, vendor one. If a dispute is opened, staff signs with the market key after reviewing evidence. Multisig redemption is done offline; the site provides a signed transaction blob that can be broadcast via any Monero node, a hedge against sudden seizure. Finalize-early permission is granted manually to vendors after 90 days plus 200 successful orders with <1 % dispute rate.
User Experience and Opsec Requirements
Because JavaScript is blocked, the UI feels like 2008-era Amazon: links only, no dynamic carts. Some users love the speed; others complain they can’t bulk-order. Product photos are displayed as tiled, server-side thumbnails—EXIF data is stripped, but buyers should still fetch images via torsocks wget rather than clicking directly. Shipping info is encrypted client-side in the browser using OpenPGP.js, so plaintext never hits the server; if you disable that script, the “encrypt address” button simply refuses to render.
Mirror rotation works through a JSON file signed by the admin key. Most users grab that file from Dread or the market’s own emergency PGP-signed paste. Bookmarking one mirror long-term is bad OPSEC; the sig check should be repeated weekly to detect phishing clones.
Reputation and Community Perception
On Dread’s /d/BlackPyramid sub, the market holds a “B+” trust tier: not in the same league as the original AlphaBay, but above the flurry of one-year wonders like Dark0de. Vendor exit scams have been rare; the largest to date was a bulk Adderall seller who vanished with ~14k USD in escrow—small compared to Empire’s multi-million ghosting. Staff responded by lowering FE caps and requiring additional bond for stimulant listings. Overall uptime since March 2023 is roughly 96 %, with most outages coinciding with Tor consensus hiccups rather than obvious denial-of-service attacks.
Current Status and Reliability
As of June 2024, Mirror-1 remains the primary entry point, but two backup mirrors are linked in the signed index. Server response times hover around 2–3 s, acceptable for no-js pages. Deposit confirmations require 10 blocks for XMR (≈20 min) and 2 for BTC, after which balances credit automatically. Withdrawals are processed in nightly batches; same-day cash-outs are possible for a 1 % fee. No widespread phishing has been reported, yet copycat onions occasionally pop up with a swapped letter in the URL—users should verify the 16-character onion against the signed list, not just trust visual similarity.
Conclusion: Balanced Assessment
Black Pyramid’s Mirror-1 delivers a spartan but dependable trading floor for privacy-centric buyers. Mandatory PGP, Monero-first accounting, and nightly batch withdrawals reduce the attack vectors that sank earlier markets, while the conservative UI keeps page load—and legal exposure—light. Downsides include limited search granularity, a still-small vendor pool (≈1,400 active listings), and the inherent risk that any centralized escrow represents. For researchers or buyers who prioritize uptime and no-JavaScript simplicity over flashy storefronts, Black Pyramid is worth bookmarking—provided the signature is checked every single time.