All links on this page are verified against WeTheNorth's official PGP public key. Always verify signatures before accessing any mirror. Use Tor Browser exclusively — never clearnet browsers.
Use this PGP public key to verify the authenticity of signed messages from WeTheNorth Market. Any announcement, mirror link list, or canary update from the market should be verifiable against this key. If verification fails, the message is fraudulent.
gpg --verify signature.txt against any signed announcement.
A valid signature confirms the message originated from WeTheNorth admins.
XMR dominance is increasing year over year as privacy awareness grows among market participants.
Follow these steps precisely. Skipping any step compromises your anonymity. This guide is for informational and educational purposes only.
Visit torproject.org and download the latest Tor Browser for your operating system. Verify the cryptographic signature of the installer against the Tor Project's signing key before installing. Never download Tor from third-party sites.
Open Tor Browser → Click the Shield icon → Select "Safest". This disables JavaScript, which is both unnecessary for WeTheNorth and a significant fingerprinting risk. The market's interface works without JS by design.
Connect to a no-log VPN before opening Tor Browser. This prevents your ISP from seeing that you're using Tor, which can draw attention. Use a VPN that does not require personal information and is paid with cryptocurrency. VPN + Tor adds a layer; Tor alone is also acceptable.
Before typing or pasting any .onion URL, check it against the PGP-signed link list on the PGP tab above. Import WeTheNorth's public key and verify the signature file. If verification fails — stop immediately, the link may be fraudulent.
Copy one of the verified links from the Mirror Links tab, paste it directly into the Tor Browser address bar, and press Enter. Do not type the address manually — v3 onion addresses are 56 characters and a single typo leads to a phishing site or dead link.
Register with a username that is completely new and unique — not used on any other service. Use a strong, randomly generated passphrase (not a dictionary word or personal reference). Enable 2FA if the platform offers it. Do not use an email address for registration.
Generate a new PGP keypair using GPG, Kleopatra, or Tails OS. Upload your public key to your WeTheNorth profile. When placing orders, always encrypt your delivery address to the vendor's PGP key. Never send personal information in plaintext.
Purchase XMR through a privacy-respecting exchange (ideally one that doesn't require KYC). Send XMR to your WeTheNorth wallet address. XMR transactions are cryptographically private — unlike Bitcoin, they cannot be traced through blockchain analysis. See our full XMR guide.
After first successful access, bookmark the .onion URL in Tor Browser. For future sessions, use only this bookmark — never search for WeTheNorth on clearnet engines or click links from forums, chat apps, or emails. These are the primary phishing vectors.
The link above is the current official WeTheNorth Onion address, verified against the market's PGP public key. Only this address should be used to access the platform — any other URL claiming to be WeTheNorth should be treated as a phishing attempt until independently verified with PGP.
V3 onion addresses (introduced in Tor 0.3.2) provide significantly stronger cryptographic guarantees than the older v2 format. They use 56-character addresses derived from Ed25519 public keys, making brute-force guessing computationally infeasible and raising the bar substantially against man-in-the-middle attacks.
The WeTheNorth Darknet platform's PGP-signed canary system means that even if this page were compromised, an attacker could not silently substitute a fraudulent link — because any legitimate WeTheNorth link announcement must be verifiable against the market's published PGP key. This is the gold standard for anti-phishing in the darknet ecosystem.
For further reading on safe market access, visit our OPSEC guide and anti-phishing page.