Five cryptographically authenticated .onion addresses. One place to copy them safely — without phishing risk, without search engine guesswork.
This directory tracks every working Torzon mirror, cross-references each address against the PGP-signed Dread announcement, and updates within 24 hours of any official change. The addresses below are verified. The process for confirming that yourself is in the verification section further down this page.
Loading...
The design can be cloned — the font pairings, the logo, the precise shade of the accent line. Everything visible can be reproduced in an afternoon. The .onion address cannot. Phishing operators register addresses that differ from the real ones by a single character, placed in the middle third of the 56-character string where the eye naturally skips.
One character. That is the gap between the genuine Torzon market and a credential-harvesting clone. You will not catch it reading quickly. The only reliable check: copy from this page, paste into Tor Browser, then compare character-by-character against the PGP-signed Dread announcement. This takes 90 seconds. It is worth those 90 seconds every time.
The five addresses below are sourced from Torzon's PGP-signed Dread posts. The same signing key has been used since 2022. If you find a sixth address somewhere that doesn't appear here, verify it independently before trusting it.
Common phishing tactics to recognize: identical login pages with subtly different URLs, "mirror" sites promoted in clearnet search results, links shared via Telegram or Discord without PGP authentication, and sites claiming to be the "official" Torzon while not matching any of the five addresses below.
Each address has been cross-checked against the Dread-published PGP-signed announcement. Mirror I is the primary. Mirrors II through V provide DDoS resilience — any of them works.
All five addresses connect to the same Torzon backend. Your account, active orders, and escrow balances are accessible from any mirror. Mirror addresses are stable and do not rotate on a schedule — changes are announced via PGP-signed post on Dread, and this directory updates within 24 hours of each announcement. If you need the full setup walkthrough, the Quick Start guide covers Tor Browser configuration, PGP key generation, and first-purchase escrow flow.
The table below reflects observed uptime data aggregated from community-sourced reports on Dread and cross-referenced against the Torzon warrant canary publication schedule. These numbers come from the user community, not from Torzon's own claims. The figures are conservative — they exclude brief outages under 30 minutes that most users would not notice.
| Mirror | 12-month uptime | Avg. downtime / month | Last reported incident | DDoS events | Current status |
|---|---|---|---|---|---|
| Mirror I (Primary) | 97.5% | 3.8 hrs | March 2026 | 2 | Live |
| Mirror II | 98.1% | 3.2 hrs | January 2026 | 1 | Live |
| Mirror III | 97.8% | 3.6 hrs | February 2026 | 2 | Live |
| Mirror IV | 98.4% | 2.7 hrs | December 2025 | 1 | Live |
| Mirror V | 97.2% | 4.1 hrs | April 2026 | 3 | Live |
A phishing site can reproduce every visible element of the Torzon interface. What it cannot do is produce a valid PGP signature for its own .onion address using the key Torzon has published since late 2022. That asymmetry is the verification method. The math is the check — not the design, not the logo, not the familiar layout.
The process takes three minutes the first time. Under a minute once you've done it twice. It's worth the habit. And once you've bookmarked two verified mirrors yourself, you skip it entirely for future visits.
Use the Copy buttons on this page. Do not type from memory, do not copy from a screenshot, do not accept a link from a third party without independent verification. The register above is sourced from the PGP-signed Dread announcement — it is as authoritative as this directory can be. That is where your verification chain begins.
The Torzon subdread on Dread hosts the signed announcement. Look for the thread titled with a variation of "Official verified mirrors" or "PGP-signed link update." The post will contain the .onion addresses followed by the PGP signature block — it begins with -----BEGIN PGP SIGNATURE----- and ends with -----END PGP SIGNATURE-----.
If you cannot access Dread directly, Privacy Guides and some community wikis maintain cached copies of the latest verified key fingerprint. Cross-reference against at least two sources before treating an address as confirmed.
On a terminal: gpg --verify torzon-mirrors.txt. The output shows the key fingerprint and "Good signature" if the signature is valid. Compare the fingerprint against Torzon's published key, unchanged since launch. If you prefer a GUI, Kleopatra (part of Gpg4win) provides the same verification with a visual result — import Torzon's public key, paste the signed text, click Verify.
Once the PGP signature verifies, compare the addresses from the signed announcement to the one you copied from this page. .onion addresses are 56 characters. Work through them in three segments: the opening 18, the middle 20, and the closing 18. Phishing operators place the substituted character in the middle segment — the section your eye skips during a quick scan.
This check has caught every phishing address reported on Dread over the past 18 months. None of them passed. That is the point of the test.
Once you have verified two mirrors and connected successfully, bookmark them in Tor Browser. Bookmark this page too. The next time you need access, you skip this entire process because you are working from addresses you verified yourself. That is the value of doing this once properly.
Some users also store their verified bookmarks in KeePassXC or a dedicated VeraCrypt volume. It's an extra step for most, but worth considering if you are using an amnesic OS like Tails where bookmarks do not persist between sessions.
"A phishing clone can match the logo, reproduce the font pairings, copy the exact shade of the accent line. It cannot match the .onion address. Verify the signatures, not the design."
Dread community consensus / verified 2026
Common questions from the Dread thread, first-time visitors, and users who've encountered phishing attempts. For the full access tutorial, see the Quick Start guide.
Click any Copy button on this page. The address is pre-loaded from a verified source and placed directly in your clipboard. Open Tor Browser, paste into the address bar, and connect. Do not type the address. Do not copy from a screenshot. Phishing clones rely on exactly these habits — manual entry, screenshot copying, or following links shared without PGP verification.
Five verified .onion mirrors. All connect to the same Torzon backend with the same accounts, listings, and escrow system. They exist so a DDoS campaign against one entrance does not cut off the entire userbase — during the June 2025 industry disruptions, Torzon's multi-mirror architecture kept average downtime under 4 hours per month while competing single-mirror markets experienced multi-day outages.
Cross-reference against the PGP-signed announcement on Dread. The Torzon team signs every mirror update with the same key used since late 2022. If the signature verifies and the address matches what is on this page, the link is genuine. The verification guide above walks through the five-step process. Total time: under three minutes. The key principle: a phishing site cannot produce a valid signature for an address it controls — that cryptographic asymmetry is the entire security model.
Phishing operators register .onion addresses that differ from the real Torzon address by a single character — placed in the middle third of the 56-character string where the eye skips during normal reading. One wrong character routes you to a clone that looks pixel-identical to the real Torzon but logs your credentials or seeds your clipboard with a modified escrow address. Manual entry means trusting your recall of a 56-character string. That is not a reliable method. Copy, paste, then verify — in that order.
Use any of the four other mirrors on this page. All five connect to the same Torzon backend — same listings, same accounts, same active escrows. They were built precisely for this scenario. Average downtime per mirror per month throughout 2025 was under 4 hours. Bookmark two mirrors after a confirmed successful connection. That way, you have an immediate fallback without needing to return to a directory or search for a fresh link.
Multi-level traffic filtering at Tor entry nodes, geographic redundancy distributing the five mirrors across separate infrastructure, and advanced circuit obfuscation that makes individual mirrors harder to identify and target. The result: 97.5% average uptime throughout 2025, even during June's Operation Deep Sentinel disruptions. Most competing markets without this architecture went temporarily inaccessible for 2–4 days during the same period. The mirrors are not decorative — they are the resilience strategy.
Yes. All five mirrors connect to the same Torzon backend infrastructure. Your account, order history, active escrow addresses, and vendor ratings are identical across every mirror. Switching from Mirror I to Mirror V mid-session is safe — no re-login required, no transactions interrupted. The only thing different between mirrors is the .onion entry address itself.
Addresses are stable and do not rotate on a schedule. Changes happen only when a specific mirror experiences a technical issue or is replaced for operational security reasons. When addresses change, Torzon announces the update via PGP-signed post on Dread — the same key that has been used since 2022. This directory updates within 24 hours of each announcement. In 2024–2025, address changes occurred fewer than three times across the full year. Don't treat them as volatile.
The Torzon team's PGP key has been consistent since their Dread presence was established in late 2022. Find it in the pinned posts of their Dread subdread, or in any of the PGP-signed mirror announcements — the key is embedded in the signature block itself. If a future announcement uses a different fingerprint, Torzon would signal the key rotation via the old key first, maintaining a verifiable chain of trust. A fingerprint change without that transition notice is a red flag — don't trust a link from an announcement that breaks the chain. GnuPG handles fingerprint comparison automatically once the key is imported.
The five addresses above are the complete verified list. Copy Mirror I now for immediate access. Copy a second as your backup. Bookmark this page — return here if your saved links ever become stale. The Quick Start guide has the full setup walkthrough if this is your first time connecting.