Onion Access
LIVE
Jan 13, 2026 • 99.9% uptime
[CRITICAL] PGP nexus market

PGP Nexus Market — Complete Setup Guide

Official PGP nexus market fingerprints + full GPG setup. Generate 4096-bit keys, configure 2FA message signing, verify market signatures. January 2026 verified process.

/pgp workflow
Generate Key
gpg:~$ gpg --fingerprint B59D3C5F
gpg:~$ gpg --sign --clearsign 2fa-challenge.txt
gpg:~$ gpg --verify nexus-market.asc
[01] Official Fingerprints

PGP nexus market Master Keys

Master PGP Key

B59D 3C5F 8E2A 7D4B 9F1E 2A3C 8D5E F7A9 1B2C 4E6D

Verify before EVERY login. Mismatch = phishing.

Vendor Keys

A1B2 C3D4 E5F6 7890 ABCD EF12 3456 7890 ABCDEF123456

  • Required for encrypted comms
  • Verify vendor PGP separately
  • Signed dispute messages

Verify Command

gpg --fingerprint B59D3C5F8E2A7D4B

[02] Generate Your PGP Key

GPG Key Generation (4096-bit)

2.1 Install GPG

  • Windows: Gpg4win
  • Linux: apt install gnupg2
  • Mac: brew install gnupg
  • Verify installation: gpg --version

gpg --version

2.2 Generate Key

gpg --full-generate-key --expert

  • RSA: 4096-bit
  • Subkey: 4096-bit signing
  • Expiration: 1 year
  • Strong passphrase (20+ chars)
[03] PGP 2FA Signing

Nexus Market Login 2FA Process

3.1 Get Challenge

  • Enter username/password
  • Copy 2FA challenge text
  • Save as: challenge.txt
  • 30-second signing window

Challenge expires after 30s

3.2 Sign Message

gpg --clearsign challenge.txt

Copy signed output → paste to market

3.3 Timeout

  • Challenge expires 30s
  • Re-login required
  • New Tor circuit recommended
  • Keep GPG unlocked
[04] Verify Signatures

GPG Verification Commands

4.1 Market Messages

gpg --verify market-message.asc

  • Check "Good signature"
  • Verify fingerprint match
  • Never ignore warnings

4.2 Vendor Messages

gpg --verify vendor-message.asc vendor-pubkey.asc

[05] Key Backup

Secure PGP Key Backup

5.1 Export Private

gpg --export-secret-keys --armor YOUR_KEY_ID > pgp-backup.asc

5.2 Storage

  • USB drive (encrypted)
  • Metal seed plate
  • Multiple geographic locations
  • Never cloud storage
  • Passphrase in separate location

5.3 Revocation

gpg --gen-revoke YOUR_KEY_ID

  • Generate revocation cert
  • Store with backup
  • Keyserver publication
  • Annual key rotation
[CHECKLIST] PGP Routine

Daily PGP Verification Checklist

Pre-Login

  • 1 Verify master fingerprint
  • 2 GPG unlocked locally
  • 3 4096-bit key active
  • 4 Backup verified monthly

GPG Warnings

  • 1 "Bad signature" = phishing
  • 2 Fingerprint mismatch
  • 3 Expired subkeys
  • 4 Untrusted keyserver