Full guide: How to access I2p sites & Use TheMarketplace.i2p


Note: TMP Does not exist anymore, but this tutorial was left as an I2P usage guide.
This Amazing Guide was posted on reddit by the username: moonsh00t All The Credit goes to him!As It was listed on the Guide that the License is BSD we believe it would be a great service to give this guide more publicity outside Themarketplace.i2p subreddit and that the hard to follow formatting should be fixed, so its our pleasure to reformat it (a bit) and post it here – The OP and updates can be found On This link

Contents


  1. Legal Disclaimer
  2. Versioning
  3. Terminology & Abbreviations
  4. Prerequisites
  5. Concepts
  6. Installation & Configuration
  7. Refunds
  8. Selling on The Marketplace
  9. Finalising transactions outside of The Marketplace
  10. Transaction String Formatting

Legal Disclaimer

This guide is intended to outline the functional aspects of The Marketplace site. It should only be used to assist in the acquisition or resale of goods and services which you are lawfully permitted to purchase or engage in. Basically; don’t do anything naughty and if you do and Santa finds out, it’s on you. License: BSD – do whatever you want with it.

Versioning

Version Comments
0.1 Basic guide. Needs expansion on what to do when things go wrong and finalization etc
0.2 Improved guide with end-to-end Seller tutorial. Needs expansion on what to do when things go wrong; disputes and refunds
0.3 Full tutorial on how to claim a Refund. Improved the buyers guide slightly.
0.4 End-to-end detail on how to claim a payment without TMP’s involvement. Other miscellaneous corrections.
0.5 Tutorial on installing and configuring TAILS with persistent storage, Electrum and TMP’s Electrum plugin. Other miscellaneous corrections.
0.6 New, more sane Tails setup

Terminology & Abbreviations

Term Meaning
TMP The Marketplace
BTC Bitcoin

Prerequisites

The following guide describes how to connect to and place your first order. Note: The Marketplace is on I2P which is slow compared to TOR, if you get timeouts, just refresh until it connects. The situation should improve as usage grows. This guide assumes you are configuring from scratch for a Windows system. The following software will be installed and used. You should download these pre-requisites to a folder on your hard-disk (E.g. C:\temp\tmpsetup\) before continuing.

Concepts

The Marketplace is conceptually pretty different from the other markets out there. Other darknet markets are basically giant online wallets into which buyers transfer Bitcoins before they go shopping. Once the buyer has received their goods, they permit the darknet market to release the funds to the seller who must then withdraw them. Once of the biggest disadvantages of this approach is that both the seller and buyer need to trust the darknet market to not:
  • collapse; or
  • walk away with all the money stored on the platform
for the duration of the transaction. When either of these eventualities occur, it can be very expensive and frustrating for both buyers and sellers. TMP goes some way to addressing these concerns using what’s called multi-signature transactions. Multi-signature transactions allow all the parties involved in handling the money (so that’s the buyer who is paying, the seller who is to be paid for the goods and the darknet market that wants their fee for providing a website to do all the business on), to always retain some control over the money for the duration of the order.

An Order Overview

To accomplish this, the buyer, the seller and the darknet market agree on a single use Bitcoin Address (the Bitcoin Deposit Address) into which the buyer will deposit the Bitcoins necessary to pay for their order. This agreement is reached by the repurposing of Bitcoin Addresses (the ones you are normally familiar with using to deposit your Bitcoins too), to act as keys to the agreed Bitcoin Deposit Address. Each participant (that’s the buyer, the seller and the darknet market) generate a Bitcoin Address which they use as a key to the Bitcoin Deposit Address. For anyone to move any of the Bitcoins out of the Bitcoin Deposit Address, it requires that at least two of the key holders authorise it. Once a buyer has received their order, they will mark it as Finalized on the TMP website. TMP then effectively inserts their key (creates a transaction signed with their key) into the Bitcoin Deposit Address used for the order and asks the seller to do the same. Once the seller inserts their key (signs the transaction), the Bitcoins held in the Bitcoin Deposit Address can be moved to the sellers nominated Bitcoin Address (E.g. a blockchain.info wallet, a BTC exchange etc) by broadcasting the signed transaction to the Bitcoin network. And that’s the magic. Unlike traditional darknet markets (Pandora, BlueSky etc), if TMP staff turned bad and wanted to steal the Bitcoins in a Bitcoin Deposit Address, they would also need either the buyer or the seller for every in-progress order to also sign off. If none of the parties agree, the Bitcoins will just sit in the Bitcoin Deposit Address for eternity but it also means that a buyer and a seller can get together completely outside of TMP and release any Bitcoins stored in Bitcoin Deposit Addresses to which they both hold the keys.

TMP Service Fees

Those who have been paying attention may be wondering where TMP receives its fee in all this? Well, when TMP creates the transaction that both it and the seller will sign to release the Bitcoins held in the Bitcoin Deposit Address, the transaction contains two output Bitcoin Addresses. One is the sellers nominated Bitcoin Address and a second is a Bitcoin Address owned by TMP which is where their fee goes. The transaction that TMP creates and asks the seller to sign can be decoded and inspected to check the proportion of Bitcoins they’ve allocated to themselves from the Bitcoins held in the Bitcoin Deposit Address before sign-off. Once the seller is happy, signs off and broadcasts the transaction to the Bitcoin network, everything is final and each party gets their share of the Bitcoins stored in the Bitcoin Deposit Address.

Declined Orders & Order Cancellations

When a buyer cancels an order that’s in progress or an order is declined by a seller (E.g. no stock etc), the process is the same as that of a seller signing off except that in this instance it is the buyer who signs-off to release the Bitcoins stored in the Bitcoin Deposit Address. TMP will ask the buyer to provide a Bitcoin Address they want their refund sent too, and then automatically create and sign the transaction (insert their key). The transaction is then passed to the buyer, who then signs off (inserts their key) and broadcasts the transaction to the Bitcoin network.

Order Disputes

Finally, in the unfortunate scenario where a buyer and a seller enter into a dispute (all toys out of the pram), TMP will propose a solution (For example; 50% of the Bitcoins held in the Bitcoin Deposit Address to the buyer, and 50% to the seller). Provided at least the buyer *or* the seller agree to this, TMP will then sign the transaction and submit it to either the buyer or the seller for sign-off and broadcasting to the Bitcoin network. The Bitcoins will then be distributed as agreed.

What if The Marketplace disappears?

The beauty of TMP is that they are not required to release Bitcoins stored in Bitcoin Deposit Addresses provided the buyer and the seller can get in contact with each other and agree on a transaction. It may therefore be a good idea for buyers and sellers participating in regular or large transactions to provide alternative contact details for each other so that in the event of a service outage, any outstanding orders can be finalized and the Bitcoins released. Note: In this instance either the buyer or the seller would need to create and sign a transaction which the opposite party (buyer or seller) would also need to sign-off on. Either party could then broadcast the signed transaction to the Bitcoin network. Creating a raw transaction to finalize without TMP is covered in this section of the guide: Finalising transactions outside of The Marketplace. You may also (if you are technically minded) want to read up on raw transactions and that information can be found here: Raw Transactions.

Installation and Configuration

For Windows



  1. Double click the I2P software installer (i2pinstall_0.9.9_windows.exe)
  2. Press [Next] until you reach the pack installation choice window
  3. The default option Base will be checked, but you also have the option of installing I2P as a Windows Service. This means it will automatically run in the background whenever you start your computer and you will always be participating in the I2P network. If you intend to be a frequent user, you may wish to consider this option for two reasons:
    • A) Everyone who uses I2P provides routing services and bandwidth for everyone else – e.g. in the same was as you upload a torrent when you’re not downloading to help others, if you are always connected to I2P you help make the network faster for everyone else.
    • B) Plausible deniability. If you are always connected to I2P, regardless of whether you are using it, your traffic cannot be so easily categorised as unique by malicious entities. For example, in the recent Harvard Bombscare the perpetrator was caught because Law Enforcement worked out how many unique users were on the TOR network at the time, and paid each one of them a visit. The perpetrator had only logged on to TOR briefly during the period identified by LE, and therefore stuck a huge red flag on himself. If you are always connected to I2P, it would be significantly more difficult to accuse you of using it for less than legal purposes…assuming you did, which of course you wouldn’t.
  4. Press [Next] through all the remaining steps and [Done] once the software has installed 
  5. If you have opted to install I2P as a Windows Service you will stop the service for the purposes of this tutorial. This ensures you can check for errors. If you have not opted to install as a Windows Service, skip to the next step.
    • A) Start->Run->type: services.msc and press [Enter]
    • B) Scroll down until you find I2P Service
    • C) Right click and select Stop
    • D) Close the Services window
  6. Click Start and navigate to I2P shortcuts menu and click Start I2P (restartable). The I2P software will now start.
  7. You will be presented with the I2P command box:
  • followed shortly by your default browser opening with the I2P web interface:
7-At this point it takes I2P several minutes to initialise and find the necessary connections to other participants in the network. Click the I2P logo in the top left hand corner (market in red in the screenshot below) to change the management bar to reflect the details of your I2P connection. You may need to click twice before the full management view is visible.

Once the management bar is visible look down and once you see Network: OK (in the green box in the above screenshot), you are connected to the I2P network. The lower box that says “Rejecting tunnels: starting up” will eventually change to “Accepting tunnels”. You can optionally wait for this stage if you want to ensure you are a full participant in the I2P network. It can take about 30 minutes. 8. Now that I2P has loaded, you need to configure your browser in order to access the marketplace. As indicated in the pre-requisites, we’ll be using Mozilla Firefox. The next stage is therefore to install Mozilla Firefox and the QuickJS and FoxyProxy extensions. 9. Once you have installed Mozilla Firefox and the extensions, you should see two new icons in the browser:
10. Click the FoxyProxy icon to bring up the configuration window:
Ensure the window looks like the screenshot above and select Add New Proxy from the menu on the left side. When the Proxy Settings window is displayed, choose the Proxy Details tab and enter 127.0.0.1 in the Host or IP Address box and 4444 in the Port box:

Click the URL Patterns tab and click Add New Pattern. Choose a Pattern Name of I2P and in the URL pattern box enter *.i2p*. Click OK
Click [OK] to return to the configuration window. It should now look like this:
 Click [Close].
  1. You are now configured to connect your Mozilla Firefox browser to I2P. The penultimate stage is to check that JavaScript is disabled. The QuickJS icon should be clicked until it represents a broken wheel (hovering over will show that this is JavaScript disabled mode):
  2. In the address bar of Mozilla Firefox enter http://themarketplace.i2p – The I2P network will then wander off to try and route your connection. It is likely that you will receive a window saying Warning Eepsite Not Found in Addressbook. When this appears, click the stats.i2p jump service link. 
 When this returns, you should receive a Success window like the one below.

You will be automatically directed to save the address to your router configuration (see screenshot below), when this window displays choose Save themarketplace.i2p to router address book and continue to eepsite. It may take several attempts to get this process to happen. You only need to do this once though, when you navigate to http://themarketplace.i2p in future, it should route you directly. 

Finally, you will reach your goal – The Market Place


  • Select the [Register] button to begin the registration process. As part of this process you will need to supply a PGP encryption key. This ensures that all correspondence between you and any other vendors of the site is encrypted. If you have already got a PGP public key, you can paste it in here and skip past the following steps, if not – you need to install the GPG4Win 2.2.1 package listed in the prerequisites and follow the instructions below to create your key.
  • Install the GPG4Win 2.2.1 package – as part of this process ensure you check the box to install GPA, and once installed select Start->GPA icon from the start menu. This will launch the GNU Privacy Assistant which you will use to encrypt and decrypt any communications and generate your initial PGP public key.
  • When GPA starts for the first time it will ask you if you wish to Generate a Key or Do it Later. Choose Do it Later and navigate to Keys menu and choose New key….
  • When the Generate key wizard displays, enter your username that you intend to use on The Marketplace
  • Click [Forward] and enter a fake email address of {THE-MARKETPLACE-USERNAME}@themarketplace.i2p, E.g. tmptestaccount@themarketplace.i2p. Click [Forward].
  • At this stage you can optionally create a backup of your key. This is recommended and you should store the backup on a secure USB stick that only you have access to. This means if you encounter a hardware failure or other problem, you can always decrypt communications for your The Marketplace account, especially important if you’re a vendor. Click [Forward]
  • Finally, you will be prompted for a passphrase. Ensure its a memorable, strong password – you will need to use it every-time you want to decrypt a communication.
  • You’ve now created the keys you need for your The Marketplace registration, now to export the keys. Right click your new key and select Export Keys… from the menu
  • You will be prompted to save the public portion of your key (this is the bit you can circulate to anyone so they can encrypt communications for you) to a file. Choose a location on your hard disk E.g. c:\temp\tmp\mypubkey.txt
  • Start Notepad (or your favourite text editor) and open the newly saved public key file. Copy the text content from the file into the The Marketplace registration form and complete the registration process.
  • You will now be logged in. Click the Products link from the menu bar and shop for some legal, medicinal remedies. Once you’ve chosen, lets cover how you actually pay for your item… Navigate to your cart and click the [Checkout] button


  • Your order will now be created and require payment. The Marketplace is unique in that it requires multi-signature transactions, which basically means that you, the vendor and TMP Staff all have keys to your transaction, but in order for any one person to claim it, two of you have to agree. This ensures that the TMP staff can’t walk away with your (or the vendors) money. It would require either collusion between the TMP staff and the vendor, or yourself – either way, the potential damage is limited. On the screen under Order requires payment choose Please click here to create the escrow address 

    You will now be requested to enter the Public Key that will be used to create the new wallet to which you will send funds. The terminology says “wallet”, but what it actually means is: “create a new Bitcoin Deposit Address that is unique to this order and to which you will pay your Bitcoins”. Each order will involve creating a different Bitcoin Address, unique to that order into which you will deposit your cash to pay for your order.

    When you are presented with the Create escrow address window, you need to create a Public Key which is used – along with the vendor and TMP Staff’s public keys – to create a unique Bitcoin Address into which you will deposit your money to pay for your goods. This sounds confusing, but what you are basically doing is providing your part of the key in this multi-signature transaction. So, to do this you need to generate a public key. Navigate to https://www.bitaddress.org/ to generate a new Bitcoin Address (NOTE: This Bitcoin Address is nothing to do with your order, it’s just an easy way to generate a public and private key. So don’t accidentally deposit funds to it). Once you generated your Bitcoin Address, it should look something like this: 

    1. The only bit you are interested in is the Private Key. Copy the Private key value into a text file somewhere and keep it safe DONT LOSE IT. You will need it to authorise or finalise the order or in the case of a dispute.
    2. Now you need to get the Public Key. On https://www.bitaddress.org/ copy the Private Key to your clipboard and click the Wallet Details tab. Here, enter the Private Key and click the [View Details] button.
    3. Highlight the Public Key (130 characters [0-9A-F]): value and copy it to your clipboard.
    Return to The Marketplace and paste this into the Public key (SEC) box and click [Create escrow address]

    Your single use Bitcoin Deposit Address will now be created:

    Send the exact amount required to this address using the Bitcoin QT client (or Electrum if you are using it) and record the transaction ID. To do this, open Bitcoin-QT and click the [Send] button. Copy the details carefully from The Marketplace order window and send the required funds. You can use the Label: field if you are using Bicoin-QT to record the Private Key you generated in Step 24 for your order (it’s only visible to you). This makes it easier to find the key you need in the event of a refund you need to claim. The format {FRIENDLY-LABEL} – PRIV KEY: {REPURPOSED-BTC-ADDRESS-PRIVATE-KEY} ADDRESS: {REPURPOSED-BTC-ADDRESS} works well.

    1. Once the funds have been sent, you need to retrieve the transaction id so that The Marketplace knows that you’ve paid. In Bitcoin-QT, click the [Transactions] button, simply highlight the recent transaction you’ve just made, right click and select Copy transaction id. The transaction will be copied to your clipboard.
    2. Return to The Marketplace and paste the transaction ID into the box and click [Record transaction]. Note: Ensure you strip off the “-000″ that Bitcoin-QT appends so for example: 8512e2728ca2153be0809d1252ecd8dfc6833a53fbfe1f8ba6f64ae19eaed663-000 you remove the -000 so it’s just 8512e2728ca2153be0809d1252ecd8dfc6833a53fbfe1f8ba6f64ae19eaed663 before clicking [Record transaction].

    The Marketplace will now take over and monitor the transaction. Once it reaches the required number of confirmations, it will be forwarded to the vendor for processing. Note: You can cancel the transaction even after it has been paid but before it has been passed to the vendor. For more information on refunds and how to claim one, see the Refunds section. But we’re not done quite yet! Finally, you need to set your address so the vendor knows when to send your order. Click the [Set Address] button.

    You now need to encrypt your delivery address, and send it to the vendor. In the top right hand of the screen, click the [View vendors PGP Key]

    A new window will open and inside will be the vendors PGP public key, which you use if you want to send them any correspondence. Copy the text contents of this window to your clipboard, open Notepad (or your favourite text editor), paste it in and save the file to somewhere on your hard-disk, E.g. C:\temp\tmp\myvendorpubkey.txt

    1. You can close the browser tab once you’ve saved the key. Just keep the tab that requires your delivery address open.
    2. Now to import the vendors key into GPA. Click Start->GPA icon from your start-menu to start GNU Privacy Assistant.
    3. Click the [Import] button on the toolbar, and navigate to where you saved the vendors public key you just copied from your browser. The key will be imported and you should see it listed:
     Each vendor will have their own key. This ensures that if The Marketplace is ever breached, any communications intercepted between vendors and buyers are effectively unreadable. Click the Clipboard button. The GNU Privacy Assistant – Clipboard is where you encrypt any communications to vendors and decrypt any communications in messages sent to you. Enter your delivery address in the window
    Once you have entered it, click the [Encrypt] button and choose the vendors key. The text will be replaced by the encrypted version which can only be decrypted by the intended recipient (your vendor in this case).

    Copy this encrypted text to your clipboard and paste it into The Marketplace Update address window and click [Submit].

    That’s it, your order is now with the vendor. In due course you should receive your order. When you do, you need to login to the site to finalize

    You will now be prompted to leave a review (which you should do for the benefit of other potential customers) and the order life-cycle is complete. If you were unfortunate enough not to receive your order, or have another issue with the buyer, you can open a Dispute. This is covered elsewhere in this guide.

    Order Refunds (Order Cancelled, Order Rejected)

    Refunds are the mechanism used by TMP to return Bitcoins to a buyer who has:
    • paid for an order but decided to cancel it; or
    • had a paid order cancelled by a seller
    For any order that has been paid but that has not been Approved by the seller, the buyer will be able to claim a refund. Lets cover the process step-by-step from the buyers perspective. NOTE: If you are experimenting to understand the refund process, you will need to use some Bitcoins (the process isn’t risk free). If you are a seller, you can create and purchase one of your own products (See Selling for more information). If you are just an average, curious buyer – find a suitable cheap product from a listed vendor and just [Cancel] the transaction as soon as you have paid for it. Create an order on TMP by following Steps 21 to 35 inclusive of the buyers guide. Immediately after making payment and recording the transaction ID, your order screen should look something like this: You will now be prompted to leave a review (which you should do for the benefit of other potential customers) and the order life-cycle is complete. If you were unfortunate enough not to receive your order, or have another issue with the buyer, you can open a Dispute. This is covered elsewhere in this guide. 
    Share on Google Plus

    About Admin

    This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.
      Blogger Comment

    0 comments:

    Post a Comment