Nexus Market FAQ
Help center for Nexus safety and accounts β onion endpoints stay on the homepage link page
Quick Navigation
General Questions
Nexus is a Tor-only darknet marketplace where buyers and vendors trade through cryptocurrency wallets inside the site. Think of it as an escrow-backed bazaar, not a clearnet shop β you need Tor, a registered account, and funded wallet balance to order.
This FAQ explains how to use the market safely. For editorial ratings see review; for .onion URLs see the link page only.
βSafeβ depends on your behavior. The market provides escrow, PGP messaging, and optional 2FA, but cannot stop phishing URLs, weak passwords, or law-enforcement risk.
Minimum safety checklist:
- Source URLs only from our verified link directory
- Complete registration security steps (mnemonic + PGP 2FA)
- Encrypt shipping details with PGP β never plaintext addresses
- Prefer Monero for sensitive orders (see payment section below)
- Read our legitimacy review before depositing large amounts
Clone sites are the main βscamβ risk β they copy Nexus branding to harvest logins. The marketplace itself has operated continuously with public vendor bonds, which we document in our review verdict.
Red flags you are on a phishing clone:
- URL shared via Telegram, Reddit, or βmirror finderβ bots
- Missing PGP 2FA challenge on login when you previously enabled it
- Deposit addresses that change every refresh without an order
- Spelling errors in the v3 onion hostname β compare against our link page character by character
Access Questions
We split access into two pages on purpose:
- Links: copy a verified .onion address from the Nexus Market link page (the only page that lists URLs)
- Account: after the login page loads, follow the registration guide to create credentials
Install Tor from torproject.org β we do not repeat full Tor setup here to avoid duplicating the link page walkthrough.
Connection problems are handled on the status & troubleshooting page β uptime charts, incident log, and Tor fixes live there exclusively.
Quick triage: (1) confirm status is not OUTAGE, (2) try the next mirror on the link page, (3) request a new Tor circuit. Do not hunt βfresh linksβ on forums.
Optional. A no-logs VPN hides Tor usage from your ISP; it does not replace Tor for .onion access. Connect VPN β launch Tor Browser β paste a URL from our link page. If circuits fail to build, disconnect the VPN and retry β full network diagnostics are on the status page.
Payment Questions
Internal wallet deposits: BTC and XMR only. BTC is easier to source but leaves a public trail to the market deposit address; XMR hides amounts and counterparties on-chain. After deposit, funds sit in your market balance until you pay for an order β the market does not auto-mix BTC for you.
We do not publish payment tutorials for other markets here. Rating impact of BTC vs XMR is discussed in the review.
Escrow timeline from a buyerβs view:
- Order placed: BTC/XMR moves from your market wallet into escrow
- Shipped: vendor marks sent; you wait within the stated window
- Finalize: you release escrow after inspecting the package
- Dispute: open a ticket before auto-finalize if the order is wrong or late
Finalize Early (FE) skips buyer protection β only use with vendors you already trust. FE policy details are in our review, not on the link page.
Account Questions
Registration is documented end-to-end on the registration guide (username rules, mnemonic storage, PGP upload, 2FA). This FAQ does not duplicate those steps.
You need a verified .onion session first β obtain it from the link page, then open Register on the market login screen.
Only if you still have the mnemonic from sign-up. Clear the login captcha, use the recovery option, enter the words in order, and set a new password. There is no email reset behind it.
Lose the mnemonic and the account β plus its wallet balance β is unrecoverable; Nexus stores no passwords and keeps no backdoor. Only ever type the phrase on an endpoint from the verified link page, since this screen is a favourite phishing target.
2FA is PGP-based: each login presents a ciphertext you decrypt with your private key. Without a uploaded public key, 2FA cannot work. Full enablement walkthrough with screenshots lives on the registration guide β not repeated here.