I know, this is a looong goddamn piece, so if you want the TLDR it's posted at the bottom.
The rule changes being implemented as part of the management shake-up on DarkNetMarkets has stirred up an absurd level of drama and turmoil throughout this subreddit, and part of that drama relates to rules that force posters claiming "I'VE BEEN SCAMMED!!! VENDOR XYZ STOLE MY MONEY!!!" to use a higher standard of proof (on a personal note, I strongly support this update to the subreddit rules.) Practically ANY evidence will help to backup the claim of the putative victim. Message logs, screenshots, tracking #'s, etc. Even if the quality of the evidence is suspect, it's better than a long angry rant directed at the vendor.
As many of you have pointed out in the comments, much of the evidence being asked for is easily falsified. Chat logs in particular are incredibly easy to fabricate. It takes about 3 minutes to generate a bunch of bullshit text, then submit it as "evidence." What I'm proposing is a hypothetical solution for this longstanding problem. In essence, it boils down to this: using cryptographic signatures to validate the text being submitted as evidence.
Though this is a relatively straightforward concept, the use of PGP signatures would have to be carefully structured, otherwise there will be no point in using them. Here are a few examples of how PGP signatures will fail:
- The supposed victim posts some logs on reddit, and signs it with his own key. This would be completely meaningless, since the "victim" can sign whatever the hell he wants to.
- The victim posts a PGP signed JPEG file depicting a screenshot of messages between vendor and customer. Equally meaningless, for the same reasons noted above.
The solution to this issue is twofold: First, get market admins to use the market's own key to cryptographically sign a chat log, then the victim uses their key to sign the logs that were previously signed by the market. This double-signature method would ensure the following:
- Since the market has direct access to the relevant message history, the market signature ensures that nothing has been altered by the victim. If the victim tries to change a single character in the text, then the market PGP signature validation will fail.
- Since the victim has also signed, and if the signing key for the logs is identical to the public key that they have posted on their Reddit user page, then we can be certain that the victim and the customer shown in the chat logs are the same person.
If the signatures of both the market and the victim are successfully validated, the end result is credible documentation of communication between vendor and customer. Each double-signed log would contain the following information:
- The item/service that was bought
- The vendor name
- Timestamps showing when the purchase was made and when it was marked shipped
- If the transaction used on-site escrow, FE, or multisig.
There are some significant hurdles that would need to be cleared in order for this to work. I'm sure there are more, but here are a few that have occured to me.
Systematically protecting customer anonymity. Many DNM customers do not want a direct link between their Reddit aliases and their DNM usernames. Therefore: the DNM username gets redacted. We can still be certain that the Reddit user and the DNM customer in the logs are the same person, because they have the same public key. For obvious reasons, everything concerning the exact destination of the package would also be redacted, even if it's encrypted.
Convincing darknet markets to get involved. Market admins could remove themselves from the process of signing message logs if they create a script to perform the task. To minimize frivolous requests for signed logs, they could charge customers $5 for a market-signed transcript. Personally, if I was out $1,000 because some shady vendor ripped me off, I'd happily pay $5 for a validated transcript of all comms.
Encouraging both markets and customers to create separate keys for signing and encryption. This one isn't required, but I still believe that it's a good opsec policy to have a dedicated key for each task.
Keeping all communication on the market. Less scrupulous vendors might be uncomfortable with their message history becoming public knowledge.
If anyone sees weak points or faulty logic in my proposal, feel free to comment. If you like this idea, comment away. I'd be especially interested if anyone with a background in software engineering or web design could provide insight into how this could be implemented.
TLDR: Using the DNM key and the victim's PGP key to create solid, verifiable chat logs.
EDIT 1 Thanks everyone for the comments and input. Just to clarify: the idea that I'm putting forward in this post would primarily apply to orders that are going through dispute resolution channels on the market. Sure, most transactions simply involve a PGP encrypted address being sent to the vendor, the vendor shipping the product, and a few days later the customer gets an ounce of Jack Herrer in the mail. HOWEVER.....if 13 days have passed, nothing has arrived, the customer has sent 5 messages to the vendor and received silence in return.....then the customer being able to prove that they have been proactively seeking a status update on their order goes a long way toward supporting their scam accusation.
Tons of people buy without messaging the vendor first what do you do then