Today I was meditating about online OPSEC and I figured out some of the reasons with you should NOT use Alphabay's, or any other market's, auto-encrypt feature when submitting your address to your vendor.
The purpose of using PGP yourself is because it is secure as an END to END encryption that doesn't depend on any third party. The message is encrypted before you even transmit any data via your internet connection, and anything that goes over the network is PGP encrypted all the way to the vendor's computer when he decrypts your message using his private key. However, if you use a market's auto-encrypt feature, this doesn't apply anymore. Two reasons why this is not secure.
First, your computer is going to send your message over your internet connection in clear text, all the way to Alphabay's hidden server. Granted, it will still be encrypted as part of TOR's default encryption, but it won't be PGP encrypted as an extra layer of protection. This is the first not-so-secure thing.
Second, who knows if the markets don't keep some log or backup copy of your cleartext message before encrypting it with the pgp key and submitting it to your vendor. As such, this entire auto-encryption process may be completely useless if there is any trace of your cleartext message left on the market server.
I kept it nice and sweet. Stay safe out there.
The way I explained it to someone is that you and the vendor are kids in school writing personal notes to each other. You have different schedules so you use a courier to pass the notes. If you don't seal the note in an envelope, you dont know what the courrier might do with it. they can xerox it, show it to other people, or just be plain stupid and read it before getting it to the other person.
same with you, ab, and vendor. You can write whatever you want, if you don't encrypt (seal the letter), ab and their server might do what you dont want it to do.