Skip to content
VORTEX/DNM Copy link
VERIFIED · APRIL 2026

Vortex Market access links — April 2026

Three verified .onion addresses for Vortexdnm. Copy once, paste into Tor Browser. The primary has been active since October 2023. Mirrors serve identical content — use whichever responds first.

Last verified: April 2026 Source: Dread PGP-signed announcement 3 addresses checked
02 · HOW TO USE

Four steps from this page to Vortex

No filler. These four steps cover 95% of failed first-access attempts. All of them come down to either using the wrong browser or typing the address instead of pasting it. See the full setup walkthrough on the guide page if you are starting from scratch.

  1. 01

    Install Tor Browser from the official source only

    Go to torproject.org and download the current stable build for your operating system. Verify the installer signature before running — Tor Project publishes a PGP signature alongside every release. This takes two minutes and rules out every known fake Tor installer distribution channel.

    Do not use Tor forks, "enhanced" versions, or builds distributed on file-sharing sites. The official build receives security patches on a defined schedule. Forks lag, or worse, add instrumentation. The distinction matters when the next Tor security patch closes an active zero-day.

    Set the Security Level slider to Safest immediately after launch. Click the shield icon in the Tor toolbar, drag to Safest. JavaScript is disabled globally under this setting. Vortex renders correctly without JavaScript. Any darknet site that demands JavaScript enabled is a warning sign, not a feature requirement.

  2. 02

    Copy the address using the button above

    Click the Copy button next to the primary gateway. The clipboard handler on this page works across HTTP, HTTPS, and older browser environments. It uses a hidden textarea fallback for environments where the Clipboard API is restricted. You will see a brief "Copied!" state on the button confirming the clipboard write succeeded.

    Never transcribe a v3 onion address character by character. They are 56 alphanumeric characters. Phishing generators produce addresses that match a real one on the first few and last few characters but diverge in the middle. Under most system fonts, 0 and o are indistinguishable at normal reading size. 1 and l are worse. One wrong character routes you to a credential-harvesting clone.

    Bookmark this page after copying. Address rotations happen after major DDoS events. When the Vortex team publishes a new PGP-signed address, this page reflects it. A bookmark here is more reliable than a bookmark to the onion address itself, because the page survives address changes.

  3. 03

    Paste into the Tor Browser address bar

    Paste — do not type — the address into the Tor Browser URL bar. The first circuit build takes 4 to 9 seconds. Three relays are being selected and established. If the page does not load in 15 seconds, press Enter again. A single retry resolves the vast majority of transient Tor circuit failures, which happen silently more often than clearnet DNS failures do.

    The Vortex landing screen is a deep purple background with a cyan accent stripe at the top. If the page is blank, white, or shows generic placeholder content, close the tab immediately. If the visual identity looks correct but the address bar shows anything other than what you pasted, close the tab. Same interface, wrong address — that is exactly what phishing clones look like.

    The New Identity function in Tor Browser (Ctrl+Shift+U or the top toolbar button) flushes your circuit and session state. Use it between distinct activities: before registering, before funding, before placing each order. It is not a complete operational security measure, but it adds a clean break between activities that adversaries would otherwise correlate.

  4. 04

    Register with a PGP key before your first login

    Generate a 4096-bit RSA key using GnuPG on Linux or Kleopatra on Windows. This takes under two minutes. Upload the public key during registration on Vortex. Every subsequent login will issue a PGP-encrypted challenge — decrypt it offline, enter the decrypted string. No SMS. No email. No recovery without the private key.

    Store the private key in encrypted storage — VeraCrypt volume on a dedicated USB drive works well. Back up the revocation certificate separately. Losing access to the private key means losing access to the account permanently. There is no support ticket path to recovery. That is by design.

    For passwords and account credentials (separate from the PGP key), use KeePassXC with a local encrypted database. Keep the KeePassXC database on encrypted storage, not in a cloud-synced folder. Simple setup, and it means you only need to remember one master password instead of generating something memorable and reused.

03 · VERIFICATION

How to confirm you are on the real Vortex

The Tor network is pseudonymous by design. That same property makes it easy to host convincing phishing sites. Verification takes 30 seconds and eliminates the most common attack vector used against darknet market users.

01

Check the address character count

A valid v3 onion address is exactly 56 alphanumeric characters followed by .onion. Total string length: 62 characters. If the address is shorter, longer, or contains characters outside the base32 alphabet (a-z, 2-7), it is not a valid v3 onion address at all.

You can verify length in the Tor Browser address bar by selecting the text and watching the character count. This takes under ten seconds and rules out the crude end of the phishing spectrum — domains that substitute hyphens or dots to exploit visual similarity.

02

Compare first and last six characters

After pasting the address, compare the first six characters and the last six characters against the address shown on this page. Phishing key-grinding tools generate addresses that match the real one at both ends but differ in the middle — because grinding an exact 56-character match is computationally infeasible.

This two-step check catches virtually every phishing address ever deployed against a major darknet market. It takes 20 seconds. You are checking 12 of the 56 characters, which represents the part of the string that attackers cannot cost-effectively replicate.

03

Cross-reference the PGP-signed announcement

The Vortex team publishes address changes on their Dread subdread with a PGP signature from the market's established public key. Any address change that does not appear in a PGP-signed post on Dread should be treated as unverified, regardless of where you found it. Reddit, Telegram, and anonymous pastebin sources are common phishing distribution channels.

The addresses on this page are cross-checked against the current Dread announcement. If you want to verify independently, visit the Vortex subdread on Tor, find the most recent PGP-signed address post, and compare.

04

Verify the visual identity after loading

The real Vortex interface loads with a deep purple background (approximately #0a0a0f with purple gradients), a cyan-accented top bar, and a sidebar navigation on the left of the dashboard. The login screen shows a PGP challenge field — a text area asking you to decrypt a PGP-encrypted string and enter the result.

If any of these visual elements look different, especially if the site requests your password before showing a PGP challenge, close the tab. The PGP challenge is the meaningful security gate. A site that skips it and goes directly to a password form is not Vortex.

05

What to do if you suspect a phishing site

Close the tab immediately. Do not enter any credentials. Do not navigate to other pages on the suspected phishing site. Use Tor Browser's New Identity function to flush the circuit. Return to this page, copy the primary address again, and retry. If you already entered credentials on a suspected phishing site, change the account password on the real Vortex immediately and rotate your PGP key.

Report phishing addresses on the Vortex subdread on Dread. The community moderators track and document known phishing domains. Reporting takes two minutes and helps other users. The EFF also maintains resources on avoiding phishing in the context of privacy-sensitive browsing.

06

Bookmarking and address rotation

Vortex rotates onion addresses occasionally, typically following sustained DDoS attacks on the primary mirror. The rotation is announced via PGP-signed post on Dread before implementation. If a bookmarked address stops responding, check this page before concluding the market is in cold storage. Most unreachable mirrors are under temporary load, not permanently gone.

Bookmarking this directory page is more durable than bookmarking the raw onion address. The directory survives address rotations. The raw address does not. This is a practical difference for users who access the market infrequently — the bookmark remains useful even after a rotation you did not notice.

Vortex Market access guide and FAQ illustration showing Tor Browser verification steps
Vortex Market access verification process — April 2026
04 · FAQ

Questions about Vortex links and access

Answers drawn from the Vortex subdread, the Tor Project documentation, and recurring questions from new users. If something conflicts with a random forum post, use the canonical sources.

What is the current Vortex Market onion link?

Three verified v3 onion addresses are listed in the gateway section above with copy buttons. The primary has been in use since late 2023. The two mirrors provide identical functionality. All three are authenticated against the current PGP-signed announcement on Dread. Copying from this page is the safest way to get the address.

How do I know a Vortex link is real?

Compare it against the PGP-signed announcement in the Vortex subdread on Dread. For a quick check: compare the first six and last six characters of the address against the one displayed on this page. That pattern catches virtually every known phishing address deployed against major darknet markets, because grinding a matching 56-character v3 address is computationally out of reach for most attackers.

Why does Vortex have multiple onion addresses?

DDoS resilience. Darknet markets are frequent DDoS targets, and a single onion address is a single point of failure. Three mirrors running the same platform mean that a sustained DDoS on one address does not take the market down entirely. The mirrors share account data and order state — switching between them mid-session does not affect your account.

Can I bookmark a Vortex onion address?

Yes, and you should. But bookmark this directory page as your primary reference rather than the raw onion address. Address rotations happen after major infrastructure events. This page tracks the current set and reflects changes when they occur. A bookmark to the raw address breaks after a rotation. A bookmark here does not.

What happens if I visit a phishing Vortex link?

Phishing clones are pixel-accurate reproductions of the Vortex interface. They harvest credentials at the login or registration screen. Any deposit you send to a phishing site's wallet address goes to the attacker. Close the tab immediately if you suspect you are on a phishing site. Change your Vortex password and rotate your PGP key if you entered credentials. Interface appearance cannot distinguish the real Vortex from a clone — only the address can.

How often does Vortex update its onion addresses?

Address changes are infrequent and announced via PGP-signed posts on Dread before they take effect. The primary address has been stable for over a year as of April 2026. Mirror addresses change more often, typically as part of infrastructure refresh cycles. Check this page or the Vortex subdread on Dread for current addresses after any period of market inaccessibility.

Do I need an account to access Vortex?

You can browse listings without logging in. Registration requires a username, password, and PGP public key. The PGP key is mandatory — all login challenges are encrypted to it. There is no email-based recovery path. Losing the private key means permanent account loss. Generate the key before you register, and back it up to encrypted offline storage.

Is Tor Browser the only way to access Vortex?

Yes. The .onion protocol is only routable through the Tor network. Tor Browser from torproject.org is the standard client. For stronger session isolation, Tails OS (tails.net) boots from a USB and leaves no trace on the host machine. Whonix (whonix.org) routes all traffic through a Tor gateway VM, which blocks application-layer leaks even if the workstation is compromised.

What does the Vortex interface look like?

Deep purple background with a cyan accent bar at the top. The login screen displays a PGP challenge — a text area containing a PGP-encrypted message that you decrypt offline and enter the result. The dashboard shows a left sidebar with category navigation. The built-in exchange module is visible on the main dashboard panel. If any of these elements are absent or different, you are not on the real Vortex.

Ready to connect? Copy the link above.

The verified Vortexdnm access address is in the gateway section at the top of this page. Three addresses, three copy buttons. Pick whichever mirror responds first for you.

Back to gateway block