Kerberos Technical Wiki

Darknet technology encyclopedia: onion routing, PGP cryptography, Monero RingCT, OpSec terminology, Tor consensus weights.

Network & Infrastructure

🟢 Onion Service v3

Second-generation .onion addresses (56 chars). Ed25519 host keys. Introduction 2021. Backward compatible with v2 clients via gateway.

🔒 Tor Consensus

Daily cryptographic agreement between 100+ directory authorities. Determines relay weights, flags bad nodes, computes circuit paths.

🌐 Hidden Service Descriptor

RSA-encrypted blob published to HSDir relays. Contains Intro Points + auth data. Rotates every 24h. v3 uses 2-of-3 multisig.

Cryptography

🔑 PGP / GnuPG

RSA-4096 asymmetric encryption. SHA512 hashing. Detachable signatures. Keyservers deprecated → direct .asc exchange recommended.

💰 Monero RingCT

Confidential transactions + Ring Signatures. Hides amount + sender via decoy outputs. Mandatory since 2017 RingCT v7.

🛡️ Ed25519

Edwards Curve 25519. 128-bit security. Used in Onion v3 + modern TLS. Constant-time implementation prevents timing attacks.

OpSec & Threat Models

📊 Correlation Attack

Traffic confirmation via timing/volume analysis. Global adversary (NSA) capability. Mitigated by traffic padding + circuit isolation.

🧬 Compartmentalization

Complete persona separation. Different VMs/bare-metal for clearnet/darknet. No shared wallets/identities/personas across ecosystems.

⚠️ Clipboard Hijacker

Monitors/replaces copied crypto addresses. Monero wallets include anti-clipboard protection. Verify ALL addresses visually.

┌─ Darknet Threat Matrix ──────────────────────┐
│ Global Passive  │ NSA/GCHQ  │ Full chain    │
│                 │            │ correlation   │
├─ Exit Node ─────┼────────────┼───────────────┤
│ Malicious       │ ISP/MITM   │ Session       │
│                 │            │ hijacking     │
├─ Phishing ──────┼── 67% ─────┼── Fake PGP ───┤
│ Mirrors         │ incidents  │ fingerprints  │
└───────────────────────────────────────────────┘

XMR Technical Details

# Monero Transaction Lifecycle
1. Primary → Stealth Address (one-time use)
2. RingCT: 11 mixins → Pedersen commitment
3. Dandelion++ stem phase (privacy)
4. Ring signature verification (2^n proof)
5. Bulletproofs range proof (amount hidden)

$ monero-wallet-cli status
Height: 3123456/3123456 (100.0%)
Wallet: 4AdkXq...z3nB7uP (~0.42 XMR)

Market Architecture

14-Day Escrow

Funds locked until PGP-confirmed delivery. Buyer/vendor mutual release. Arbitration via PGP-signed evidence.

PIN2FA

8-digit challenge-response. Server-side only. No TOTP apps (seed compromise risk). Reset via PGP-signed request.

Rate Limiting

IP/Tor circuit rate limits prevent DDoS/spam. Legit users unaffected. Clearnet mirrors have higher limits.