What is ToRReZ Market?
ToRReZ Market is a group of the “free internet” enthusiast, which decided to make a difference. ToRReZ is the first “Community Driven Market.” What does that mean?
They are open to our users for any suggestions, improvements, the feedback they might have while using ToRReZ. They are the first market with transparent RoadMap, where you can see what enhancements planned on the site. What is more, we have planned to implement the voting system, so it will be our community who decides in which direction ToRReZ development goes.
Unlike many other markets, ToRReZ decided to provide a truly safe environment for vendors and buyers. Their primary focus is to eliminate any possibility of causing any harm to users or vendors in case the market will get closed. That is why it encourages all users to use Multisignature payments if possible. ToRReZ also does not have any wallet system, which you can still find in some other markets. Instead, we have introduced the Simple Escrow System.
Because ToRReZ claims that they are Community Driven Market, a lot of resources and energy was put into a properly working support system and the market overall. ToRReZ are doing our best to serve every user in a timely fashion. They believe that none of the market users should be left with no response to their questions, concerns. Our main goal is to answer every query for up to 24 hours.
Nowadays, markets are mostly based on the same software, making it more recognizable and more vulnerable. ToRReZ takes a different approach and designed the whole market from scratch by themselved. What is more, ToRReZ puts a primary focus on the market’s usability – something that is forgotten recently.
ToRRez supports four cryptocurrencies for the moment:
For the moment, Monero is implemented in Simple Escrow Mode only.
To receive payments in Monero, the Vendor has to provide Monero address on settings page. The Buyer gets a new address with every item purchased. Then after ordering finalizes, we release funds from the address generated for Buyer to Vendor’s address, which we keep in Vendor’s settings.
For Monero, we use all addresses except integrated ones.
Bitcoin and Litecoin
We strongly recommend all Vendors and Buyers to get familiar with the Multisignatures system. It means that more than one key is required to authorize a BTC/LTC transaction. Because we use 2-of-3 Multisignature Application, Vendor and Buyer are always protected.
To receive payments in BTC/LTC, the Vendor has to provide BTC/LTC xPub, yPub, or zPub key. This is Extended Public Key we use to generate BTC/LTC address for every order.
After the Vendor provides us the Public Key, we can generate a new BTC/LTC address from Vendor’s wallet for every order. We strongly recommend creating a separate BTC/LTC wallet to use with the Market. It is much more safe for users to keep their private BTC/LTC separated from the one they use on the Market.
Buyer, while purchasing, needs to provide either BTC/LTC address for Simple Escrow order. While using Multisignature Escrow, we require the address and the corresponding public key. If the Buyer receives a refund from Simple Escrow order, we send the funds to the given address. In Multisignature Escrow, buyer or vendor has to sign and broadcast the transaction, which market will provide.
We support Zcash purchases with T-Addresses and Z-Addresses in Simple Escrow mode only.
To receive payments in Zcash, the Vendor has to provide the Zcash xPub key, which we use to generate unique Zcash address for each order.
For Z-Address support, Vendor has to enter Z-Address on settings page.
Buyer while purchasing, needs to provide either z-address or t-address. If the Buyer receives refund for any order, we send the funds to the given address.
How we manage security on the site
Security over the Tor network and on our market is our priority. We have spent an enormous amount of time to make sure that our environment is safe to use.
First of all, we encourage all Buyers and Vendors to use Monero. While Bitcoin is still the most popular cryptocurrency, it is not an anonymous one. We had seen so many cases when Vendors, Buyers, and markets got busted just because they were not careful enough when it comes to Bitcoin usage. That is why we actively promote Monero, which is the best solution to keep the transactions anonymous.
We are aware that most users still use Bitcoin. That is why we have decided to make it as secure and straightforward as possible.
We encourage Buyers and Vendors to use Multisignature transactions. This is the most secure method which lets Buyer and Vendor get protection in case of the market’s closure.
We strip all exif data from the photos. Also, we decide to remove as much information from the transactions on the site as possible. We do not provide any detailed time of operations and actions taken by Buyers or Vendors. All timestamps are removed from the site to avoid any attempts of profiling our users.
Because we respect every right for data removal, we implemented the “soft deleting” of accounts on request. If a Buyer or Vendor decides to leave the market, all we need is a request for account closure via the support system. All data associated with account will be safely deleted. The only one thing which will be left is the username – this will prevent opening new accounts under the same name.
After a particular time, we delete all the completed orders from history. That includes all the conversation attached to the order (like dispute, auto-delivery, digital items), so please make sure to save any needed data from your purchase.
We try to push all users to use PGP encryption. All Vendors are required to use PGP Key attached to their account before they can sell. We do not force Buyers to set PGP on their accounts, but we strongly recommend to do so.
Even that the market provides Google Authenticator integration, we strongly recommend switching to PGP Authentication. There are several reasons why every user should do that. First of all, PGP confirms the user’s identity. Also, the user can keep the keys to decode/sign the messages on a fully offline computer, which makes it much safer than using Google Authentication on mobile phoness.