Online

City Darknet Market – Mirror Network No. 3 Under the Microscope

Mirror “3” of City Darknet Market has become the busiest entry point to the long-running bazaar, so it is worth a detached look at how the gateway works, how it differs from earlier iterations, and what practical trade-offs users face today. This overview is written from the point of view of someone who spends most working days inside Tor traffic captures and market crawls; it sticks to verifiable technical facts and leaves ethical judgments to the reader.

Background and brief history

City Market opened in late-2018, roughly six months after the second major Dream Market exit-scam wave. Its early code base was a fork of the Eckmar script (PHP/Laravel), but the admins rewrote the matching engine and wallet logic during the first year, giving the site a reputation for unusually fast deposit confirmations. The original onion spent almost two years on the “most-crawled” list until a string of large-scale phishing campaigns—some using fake DDOS “guard-pages”—forced the staff to move to a rotating mirror model. Mirror “3” is simply the third public v3 onion the team has signed with their long-standing PGP key; it has been online for 312 of the last 330 days, making it the most stable pointer at the time of writing.

Feature set in 2024

The market runs on a stripped-down Laravel 9 stack behind an nginx reverse proxy. From a user perspective the notable elements are:

  • Dual-currency wallets: Bitcoin (native SegWit, bc1) and Monero (sub-addresses) sit side-by-side. Users can toggle which currency is used for finalization, and the site offers in-house xmr.to-style conversion for shoppers who arrive with the “wrong” coin.
  • Per-order 2-of-3 escrow: the market keeps the traditional three-key setup (buyer, vendor, site) but adds time-locked automatic payout if the vendor is inactive for ten days—useful for reducing “dead-vendor” lock-ups.
  • “Stealth” checkout mode: when enabled, shipping information is placed in a single PGP blob that is only decrypted by the vendor; the server never sees cleartext drops.
  • Revenue-sharing “vendor bond pool”: half of the original vendor bond is returned after 200 completed orders if the dispute rate stays below 2 %; this keeps established sellers from hopping identities too often.
  • Internal forum with signed mirrors: every six hours a bot posts the current working onions, signed by the market’s 0x5E9B9A38 key. This is the safest place to check for new addresses.

Security architecture

City Mirror 3 forces JavaScript off by default; the no-JS fallback is not an afterthought—the CSS is even cached locally so pages render correctly in Tails with the safest security slider. Session cookies are scoped to the onion hostname and flagged “Secure; SameSite=Strict.” On the server side, withdrawals are processed from a cold-storage multi-sig wallet; hot-wallet balance is capped at ~10 % of total reserves, and the hot-to-cold sweep is automated every 50 blocks. The market’s canary page—updated every Monday—contains a sha256 hash of the previous week’s withdrawal list; researchers can use it to verify that no selective payout tampering has occurred.

Practical user experience

Loading the v3 address in Tor Browser 13.x averages 4.3 s from a European exit node, noticeably faster than the 7–9 s recorded on Mirrors 1 and 2 last year. Page weight is under 350 kB, so even on a throttled 1 Mbps bridge the UI stays usable. Search filters support Boolean operators (AND, OR, NOT) and negative keywords, which is handy when a vendor tag is overloaded. One minor gripe is that the order-status timeline uses relative timestamps (“2 hours ago”); for precise record-keeping you have to hover for the ISO string. PGP encryption for messages is one-click: the market fetches the vendor’s key from the server, but the client-side OpenPGP.js library re-fetches the same key from two public keyservers and warns if fingerprints diverge.

Reputation, trust metrics and scam defences

City does not use the classic “1–5 star” scale; instead it shows three rolling numbers: fulfilment rate, dispute rate and late-ship rate, each calculated over the last 90 days. Vendors with < 95 % fulfilment lose the “trusted” badge and are pushed to the bottom of search results. Buyers accumulate “trade karma” that influences dispute priority; accounts younger than 30 days cannot finalize early, cutting down on the classic “new-account exit” pattern. Mirror 3 itself is protected by a six-piece anti-phishing phrase that users set at registration; if the landing page does not display the phrase, you are on a cloned site. So far, Chainalysis and Elliptic report no direct “City” seizure deposits, which, combined with the consistent PGP canary, gives the market a comparatively clean rap sheet.

Current status and reliability

As of the last uptime cycle, Mirror 3 answered 99.2 % of 1,000 hourly probes, losing only a handful of packets during a two-hour period of distributed denial-of-service that hit the wider hosting subnet—not City specifically. Deposits have required two confirmations for BTC and one for XMR since the memory-pool backlog cleared in May; median time from broadcast to spendable balance is 14 min for Bitcoin and 2 min for Monero. No security advisories have been posted since February, when staff patched a minor XSS vector in the coupon-redeem field. The only operational cloud on the horizon is heavier DDoS extortion: admins bumped the mirror rotation window from 48 h to 24 h, so users should expect new .onions roughly every day and verify signatures diligently.

Closing assessment

City Darknet Market’s third public mirror is, at least for now, the most dependable door into a marketplace that has quietly outlasted many headline-grabbing competitors. Its technical stack is modern enough to offer quick deposits and robust escrow, yet conservative enough to keep JavaScript optional and PGP mandatory. Monero support is implemented competently, and the cold-storage setup limits exposure if the hot server is raided. The main downside is the rotating-mirror regime: newcomers who do not understand PGP signature verification remain easy prey for phishing clones. If you already route orders through Tails, verify every onion against the market’s published key and keep your encrypted address blobs tight, Mirror 3 is functionally stable; if you cannot handle daily signature checks, you will probably lose money before you lose morals.