3 Active Mirrors

Vortex Market — All Verified .Onion Addresses

Q: Why does Vortex have multiple mirrors?

Vortex runs 3 mirrors to ensure uninterrupted access. Darknet services face regular DDoS attempts. When the primary address is under attack or temporarily unreachable, mirrors absorb traffic and keep the platform available. All 3 addresses connect to identical infrastructure — same listings, same escrow, same account. Think of them as 3 doors into the same building. If one door is blocked, you use another.

Q: Can I save a Vortex onion link to bookmarks?

Yes, and it's recommended. Tor Browser supports bookmarks. Save the primary Vortex address (bar47oi7dym5soxvaehmd2lt7jjw3gdoxekynyflx3jc5qfarsfyz2id.onion) along with at least one mirror. When Vortex address changes due to a scheduled rotation, return to this page to get the updated version. Do not rely on search results for updated links — phishing operators buy SEO.

Q: What if Vortex links aren't working for me?

Try the next mirror in the list. If all three fail, the issue is likely on your end: check that Tor Browser is updated and connected (the onion icon should show a circuit), try adjusting your Tor security level, or restart your Tor circuit. If the problem persists for more than 2 hours across all mirrors, check Dread's Vortex subforum — the team posts maintenance announcements there.

Q: How is this site different from phishing portals?

This directory links to Vortex, it is not Vortex. We don't collect credentials, process payments, or ask for registration. The addresses on this page are cross-referenced against Vortex's PGP-signed announcements. Phishing portals host fake login pages designed to steal credentials. You can verify our listed addresses independently using the 3-step verification process on this page — we encourage you to do exactly that.

Q: How often do Vortex addresses change?

Vortex does not rotate addresses on a fixed schedule. Address changes happen when: an address is suspected compromised, following a sustained DDoS campaign, or as part of infrastructure upgrades. When a change occurs, Vortex publishes a PGP-signed announcement on Dread. This page is updated within 24 hours of any canonical announcement. Bookmark this page to always have the current verified addresses.

Three PGP-authenticated addresses, cross-referenced against Vortex's signed announcements. One character separates the real market from a phishing clone. Copy below — don't type manually.

Verified .onion addresses

All three addresses are live as of April 21, 2026. Primary is the fastest. Mirrors absorb traffic during peak load and DDoS events.

Primary gateway Online · Apr 21, 2026

Loading...

Mirror 01 Online · Apr 21, 2026

Loading...

Mirror 02 Online · Apr 21, 2026

Loading...

Phishing alert

Vortex's purple and cyan design is widely copied. Phishing sites replicate it exactly — the login form looks identical. The .onion address is the only thing you can verify. Each address above is 56 characters of base32. One wrong character routes you to a fake platform. Copy using the button above. Never type manually.

What makes a Vortex link legitimate?

Not every .onion address claiming to be Vortex is Vortex. Phishing clones — some active since late 2024 — reproduce the purple and cyan interface in full, right down to the login form and the built-in exchange UI. The site looks identical. The address doesn't.

Vortex's visual identity can be copied in a few hours by anyone with basic web skills. The cryptographic signature behind a canonical link announcement cannot. That's the dividing line between a real mirror and a credential-stealing clone.

The PGP announcement system

Vortex publishes new or updated .onion addresses exclusively through PGP-signed announcements. Each is signed with Vortex's master PGP key, which has been published and cross-referenced across multiple darknet community threads since the platform launched in October 2023.

When Vortex rotates or adds a mirror address, the operators create a plain-text file containing the new addresses, sign it with their private PGP key, and post the resulting .asc file to their official announcement thread on Dread. Anyone holding Vortex's public PGP key can verify the signature in under 30 seconds.

Phishing operations cannot replicate this. They don't hold the private key. Any .onion address not backed by a valid Vortex PGP signature should be treated as unverified — regardless of what the site looks like once you connect.

The addresses on this page match the current PGP-verified canonical announcement. See the three-step verification process below to confirm this yourself.

Checking against Dread forum

Dread hosts Vortex's official subforum. This is where the development team communicates with the community, posts maintenance notices, and responds to reports of phishing or downtime. It's the closest thing Vortex has to a public-facing support channel.

To find the official thread: access Dread via Tor Browser. Search for the Vortex subforum. Look for posts by the verified Vortex moderator account — Dread moderator badges cannot be impersonated. The pinned link in the subforum header should match the addresses on this page exactly.

What to look for in the Dread thread:

Verified moderator badge on the account posting links
A pinned post containing a signed link announcement (.asc attachment)
Post dates consistent with Vortex's operational history (October 2023 onwards)
No suspicious redirects when following linked addresses

If the Dread subforum links don't match what you're looking at, stop. Don't proceed. Report the discrepancy in the subforum thread.

The one-character phishing attack

Here's exactly how it works. A phishing operator registers a hidden service with an address that differs from a legitimate Vortex mirror by a single character. The v3 onion address format uses 56 characters of base32 encoding. One substitution creates a completely different hidden service, routing traffic to an entirely different server with an entirely fake interface.

Hypothetical example:

bar47oi7dym5soxvaehmd2lt7jjw3gdoxekynyflx3jc5qfarsfyz2id.onion  ← verified
bar47oi7dym5soxvaehmd2lt7jjw3gdoxekynyflx3jc5qfarsfyz3id.onion  ← hypothetical clone

Spot the difference? Character 54: 2 versus 3. The sites look identical. Lose concentration for a second while typing manually, and you've handed credentials to a fake. This is why the copy button exists. Use it.

How to verify in 3 steps

You don't need to take this directory's word for anything. Vortex's PGP infrastructure makes independent verification possible in under five minutes. Here's the process.

Get Vortex's public PGP key.
Download the public key from Vortex's pinned Dread thread. Import it into your GnuPG keychain using gpg --import vortex-public.asc. Note the key fingerprint shown in the import output. Cross-reference this fingerprint against multiple references in the Dread thread. If fingerprints match across multiple independent sources, the key is legitimate.
Download and verify the signed announcement.
From Vortex's Dread subforum, download the most recent PGP-signed link announcement — it's an .asc file attached to the pinned post. Run verification:
```
gpg --verify vortex-links-announcement.asc
```
A valid result shows Good signature from "Vortex Market". If you see BAD signature, the file has been tampered with. Do not use any addresses from that file.
Compare addresses character by character.
Take each address from the verified announcement and compare it against what's shown in the code boxes above. They should match exactly — all 56 characters, including the .onion suffix. This check takes about 90 seconds per address. Do it once, save the result in your KeePassXC vault, and you won't need to repeat it until Vortex announces a rotation.

Cross-reference cadence: The addresses on this page are checked against Vortex's PGP-signed announcements weekly. The last check was April 21, 2026. If you find a discrepancy between what's shown here and a verified announcement, report it — it helps the community stay safe.

Mirror status

Uptime figures are tracked over a rolling 90-day window. Response times measured from a Tor exit node in Western Europe. All three addresses currently active.

Address	Status	90-day uptime	Avg response	Last checked
`Primary`	Online	99.3%	1.2s	Apr 21, 2026
`Mirror 01`	Online	98.7%	1.8s	Apr 21, 2026
`Mirror 02`	Online	97.8%	2.3s	Apr 21, 2026

Response times vary by Tor circuit quality. If a mirror shows significantly higher latency on your end, try requesting a new Tor circuit before switching addresses.

Vortex market network infrastructure diagram 2026

Common questions

Link-specific FAQ

Why does Vortex have multiple mirrors?

Vortex runs three mirrors to ensure uninterrupted access. Darknet services face regular DDoS attempts — coordinated traffic floods designed to knock a hidden service offline. When the primary address is under attack or temporarily unreachable, mirrors absorb traffic and keep the platform available. All three addresses connect to identical infrastructure: same listings, same escrow, same account data. Think of them as three doors into the same building. If one door is blocked, you use another. Rotate through the mirrors in order — primary first, then Mirror 01, then Mirror 02. If all three are down simultaneously, check privacy community sources for status updates.

Can I save a Vortex onion link to bookmarks?

Yes, and it's recommended. Tor Browser supports bookmarks in the same way regular browsers do. Save the primary address plus at least one mirror. When Vortex publishes a new canonical announcement — for example, after an infrastructure upgrade or following a prolonged DDoS campaign — return to this page to get the updated addresses. The bookmark to this directory page is more durable than bookmarks to individual .onion addresses, since addresses may rotate while this page stays current. Don't rely on search engine results for updated links. Phishing operators invest in SEO. Bookmark the directory, not just the .onion.

What if Vortex links aren't working for me?

Work through this checklist in order. First, try the next mirror. If Mirror 01 doesn't load, try Mirror 02. If all three fail, the problem is probably on your end. Check that Tor Browser is updated to the latest version — old Tor versions sometimes fail to resolve v3 onion addresses. Confirm you're connected (the onion icon in the toolbar should show a circuit). If connected, try requesting a new Tor circuit via the toolbar menu. If issues persist after a new circuit, try setting Tor to use bridges — some ISPs throttle Tor traffic. Visit Tor Project for bridge configuration instructions. If all three mirrors are unreachable for more than two hours despite a working Tor setup, check Vortex's Dread subforum for maintenance announcements.

How is this site different from phishing portals?

This site is a link directory. It links to Vortex. It is not Vortex. We collect no credentials, process no payments, and ask for no registration. The only thing this page does is display verified .onion addresses and copy them to your clipboard. Phishing portals host fake login pages — they look like Vortex but route your credentials to a third party. The distinction is structural: a directory points elsewhere, a phishing clone pretends to be the destination. You can verify the addresses on this page independently using the 3-step verification process above. We actively encourage independent verification. A site asking you to trust it is making a request. A site showing you how to verify it is making a different kind of statement.

How often do Vortex addresses change?

Vortex doesn't rotate addresses on a fixed schedule. Changes happen in three scenarios: when an address is suspected compromised, after a sustained and successful DDoS campaign, or as part of infrastructure upgrades. When a change occurs, Vortex publishes a PGP-signed announcement on their Dread subforum. This page is updated within 24 hours of any canonical announcement. Since launch in October 2023, there have been two documented address rotations. Bookmark this page and check it whenever you can't reach Vortex on a previously working address — that's usually the fastest way to get current links without any need to search.

New to Vortex? The access guide walks you through Tor Browser setup, wallet configuration, and your first connection.

Read the First Steps guide →