Late last week, the Deep Web black market known as Silk Road 2.0 was hacked for millions of dollars worth of bitcoins. Almost half of all Silk Road users lost every bitcoin they had deposited onto the site.
Today, the owner of the website is promising that the administration of Silk Road “will not earn any commissions until everyone is completely paid back.” The total value of bitcoins stolen is likely around $2.6 million, Nicholas Weaver, a researcher at the International Computer Science Institute, told Forbes.
Defcon, the man currently in charge of the market, faces a growing tide of skepticism as Silk Road 2.0 has experienced profound turbulence since it launched late last year. On top of the multimillion-dollar theft, Silk Road 2.0 staff have been arrested, deposits have gone missing or been delayed, and confidence has eroded quickly.
“You have no reason to trust my words,” Defcon wrote in an open letter to the community. “My actions will prove you wrong.”
In addition to pledging to pay back defrauded customers in the wake of the heist, a handful of other changes are coming to the infamous black market. It will introduce a new 5 percent flat fee per transaction, replacing a more expensive and complex fee structure.
Once upon a time, the entire purpose of Silk Road was to offer a secure escrow so that two anonymous parties could do business with each other while a trusted third party kept an eye on the cash. Last week, the millions of dollars stolen came directly from the website’s escrow fund. Now, Silk Road will launch without escrow.
Since the fall of Silk Road 1.0, dozens of Deep Web black markets have stolen from their own escrow funds. Most incredibly, owners of the Sheep Marketplace stole almost $100 million from dumbfounded users before shutting down.
“Never buy from a market which uses centralized escrow again,” Defcon wrote. “You will only get hurt no matter how honest the team is.”
But things aren’t that simple.
With escrow, buyers place funds into an account run by the market and then release them to the vendor upon receiving the illegal drugs. A black market without an escrow system is primed for abuse by drug vendors who will receive funds instantly. The most common scam in Deep Web history is to trick a buyer into working outside of escrow and then never sending the product. There’s no reason to believe this scam won’t become much more popular without buyer protection in place.
On I2P’s security-focused The Marketplace, the escrow fund requires multiple signatures from the buyer, seller, and market to be released. The approach is more complicated but far safer than Silk Road’s single signature. The owner of The Marketplace cannot steal escrow funds because, unlike other black markets, they don’t have sole ownership: Multiple signatures are required to do anything with the money.
Rumors and accusations have spread that Silk Road 2.0’s operators are behind the heist. If the money does end up getting paid back, some confidence may be restored to the site. But a market with no escrow brings as many new problems as it solves. More than ever before, Silk Road customers are open to scammers and thieves.
The future of Deep Web black markets is as uncertain as it ever has been.
Photo via Antana/Flickr (CC-BY-SA 2.0)