Darknet drug dealers learned a hard lesson today after the administrators of Evolution, a popular market, made off with all their Bitcoin in an apparent heist that will likely net millions of dollars: you can't trust a website run by criminals, as it turns out.
Evolution went offline last night and former site moderators immediately took to Reddit to spread the word that the site's owners had pulled off an "exit scam." The scheme required vendors to trust the site's owners to hold their funds in escrow, where Bitcoin is kept before the site's admins sign off on a transaction. In theory, escrow minimizes vendor fraud, because a third party is mediating the exchange of Bitcoin.
In Evolution's case, after trust was established and the site's escrow funds fattened, it looks like the site's administrators simply emptied the market's coffers and vanished.
While some vendors reacted in anger, others have turned the situation into a teachable moment on how trust works on the darknet.
"If you were surprised by an exit scam then you were not being smart," wrote a coke vendor called TrapHouse on the forum of Evolution's expected successor, Agora. "If you are not prepared for a site to go down, then you need to re-evaluate vending."
"I don't trust ANY site after the dark history of the [darknet], and I've been around since [Silk Road] so I've seen the downfall of all the major markets," wrote InfiniteCom, another vendor. "I don't even trust Agora, because you can't trust ANY of these markets due to their very nature. They are composed of criminals. Some are more honest than others, but that doesn't change that fact."
The smart vendors, one commenter wrote, realized this in the first place and either offered incentives for their buyers to trade Bitcoin directly with them—the incentive is needed because this is the classic setup for an exit scam between buyers and sellers, and the impetus for escrow in the first place—or otherwise accepted the risk that the Evolution administrators could make off with their escrow at any time.
With these precautions in mind, TrapHouse wrote that they "could care less if the admins open a new site to build another scam, as long as its as fast [sic], I have no problem."
So, what could make a darknet market safe to buy and sell without the looming risk of an exit scam? One solution recommended by vendors is to decentralize the trust system of darknet markets with multi-signature escrow. What's that, you may ask?
First, the problem: the administrators of Evolution and all the other sites that have fallen victim to similar schemes, the argument goes, had too much power over the escrow funds. They were able to access them without the buyer's or seller's consent.
A multi-signature system would spread this out a little bit: each of the three parties involved—buyer, vendor, and site administration—would hold separate "keys." For a transaction to go through, two of the three would need to sign off on it. In this set-up, stealing funds would take a conspiracy between two parties: either the buyer and the market, or the vendor and the market. Either way, the idea is that no single party has enough control to sneak off with a ton of Bitcoin.
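The 2-of-3 arrangement described above can be written down as a Bitcoin script. The following is an added example, not part of the original article or any market's code: it serializes a standard `2 <pk> <pk> <pk> 3 OP_CHECKMULTISIG` script, parses it back so a participant can audit the threshold, and checks which groups of key holders can release funds. The role names, the placeholder keys and the choice of a P2WSH output are assumptions made for the example.

```python
import hashlib

OP_0, OP_CHECKMULTISIG = 0x00, 0xAE

def small_int_op(n):  # OP_1..OP_16 are opcodes 0x51..0x60
    if not 1 <= n <= 16:
        raise ValueError("multisig counts must be 1..16")
    return 0x50 + n

def build_redeem_script(m, pubkeys):
    """Serialize: m <pk1> ... <pkn> n OP_CHECKMULTISIG."""
    if not 1 <= m <= len(pubkeys):
        raise ValueError("need 1 <= m <= n")
    script = bytes([small_int_op(m)])
    for pk in pubkeys:
        if len(pk) != 33 or pk[0] not in (2, 3):
            raise ValueError("expected a 33-byte compressed public key")
        script += bytes([33]) + pk  # 0x21 = push the next 33 bytes
    return script + bytes([small_int_op(len(pubkeys)), OP_CHECKMULTISIG])

def parse_redeem_script(script):
    """Recover (m, pubkeys) so any party can audit the policy before funding."""
    m, keys, i = script[0] - 0x50, [], 1
    while i < len(script) and script[i] == 33:
        keys.append(script[i + 1:i + 34])
        i += 34
    tail = bytes([small_int_op(len(keys)), OP_CHECKMULTISIG]) if keys else b""
    if not keys or script[i:] != tail or not 1 <= m <= len(keys):
        raise ValueError("not a standard m-of-n multisig script")
    return m, keys

def p2wsh_script_pubkey(script):
    """Output script that commits to the policy: OP_0 <SHA256(script)>."""
    return bytes([OP_0, 32]) + hashlib.sha256(script).digest()

def can_release(m, signers, parties):
    """True if the distinct signers among the key holders reach the threshold."""
    return len(set(signers) & set(parties)) >= m

PARTIES = ["buyer", "vendor", "market"]
# Constructed placeholder keys (0x02 + hash of the role name), not real keys.
KEYS = [b"\x02" + hashlib.sha256(p.encode()).digest() for p in PARTIES]

if __name__ == "__main__":
    script = build_redeem_script(2, KEYS)
    print("redeem script:", script.hex())
    print("scriptPubKey :", p2wsh_script_pubkey(script).hex())
    for group in (["market"], ["buyer", "vendor"], ["vendor", "market"]):
        print(group, "->", can_release(2, group, PARTIES))
```

Parsing the script before sending funds is what lets a buyer or vendor confirm that the threshold really is 2 and that their own key is one of the three.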
"I think a truly decentralized solution is our only option at this point," one Agora vendor, EvilGrin, wrote me in a message. "And once we have that we'll be a million times better off."
But, like any online security measure, multi-signature escrow would only work if people actually use it.
"Keep in mind that the people wanting multisig and decentralization are a small portion of the community," wrote EvilGrin. "Ones that use the forum. The great majority of the people who actually buy on the markets don't even use the forum, and about 80 percent don't even use [Pretty Good Privacy encryption]. If they can't figure out PGP, good luck teaching them how multisig works."
The future of darknet marketplaces is more uncertain than ever after Evolution's supposed downfall—there is the faint chance it may come back—and it looks like safeguards to ensure trust are the only way to secure it. But it would be a tense, decentralized kind of trust that boils down to not really trusting anybody at all.