Security Guide
7 Rules
Critical
Complete operational security checklist for Torzon access. Device separation → PGP verification → wallet hygiene → phishing defense.
OpSec Levels
L1
Basic
- Separate browser profile
- Tor Browser only
- Manual onion typing
L2
Medium
- Dedicated device/VM
- PGP verification
- Single-use wallets
L3
High
- Live OS (Tails)
- Airgapped cold storage
- Full traffic analysis
Rule 1: Device Separation
Why Separate?
Essential
- Never use daily device
- No personal accounts/emails
- Browser fingerprint separation
Recommended Setup
Tails OS or Qubes VM
Rule 2: PGP Verification
Torzon Master FP
Verify This
ABCD 1234 EF56 7890 ABCD 1234 EF56 7890 ABCD 1234
Verification Steps
- Import key to GPG/Kleopatra
- Verify announcement signatures
- Reject unsigned torzon urls
Rule 3: Wallet Hygiene
Single-Use Wallets
New wallet per vendor/order. Never reuse addresses.
Small Amounts
Only deposit what you spend. No market wallet storage.
Monero Preferred
XMR > BTC for privacy. Use non-KYC exchange.
Rule 4: Phishing Defense
Login page different
ABORT. CLOSE TAB. NEW CIRCUIT.
Verify PGP fingerprint match.
Verify PGP fingerprint match.
Clicking onion links
Always type manually. Screenshot links = malware.
Mobile Torzon
NOT RECOMMENDED. Fingerprint leakage risk.
Network Threats
VPN + Tor (WRONG)
VPN leaks real IP to VPN provider. Use Tor only.
ISP DPI Blocking
Use obfs4/Snowflake bridges if Tor blocked.
Exit Node Snooping
Torzon uses onion services. No exit node needed.