onion: moominkrkrfhy2zwd2wslpfybbi6o3aosrhgxisjw7ga2nni4qxb46id.onion
clearnet: moomintor.com
moomin market. what you need to know.
another market. another set of promises. you’ve heard it before.
but moomin has been around long enough now that it’s worth actually looking at what’s under the hood. not because anyone asked. because most of you won’t bother and then wonder why your coins are gone.
so here it is. the short version that’s still longer than i’d like.
security model
pgp is mandatory. not suggested. not “recommended.” mandatory.
2fa requires an active pgp key. withdrawals require 2fa. password changes require 2fa or a near-empty account with no active deposit addresses. account recovery without your pgp private key? doesn’t exist. support can’t help you. won’t help you. by design.
this is the correct approach. most markets treat pgp like a formality. moomin treats it like load-bearing infrastructure. lose your key, lose your account. that’s on you.
for anyone who’s watched admins “help recover” accounts and then wallets mysteriously drain — you understand why this matters.
payments
btc and xmr. vendor decides which they accept. can’t mix balances across currencies for a single order. annoying but makes sense operationally.
fees: 4% deposit. 4% withdrawal. 8% round trip if you deposit and pull out without buying anything. not cheap. not unusual either. standard market tax.
deposit address lives for 24 hours. new one available 6 hours before expiry. transaction must hit the mempool before the address expires. miss the window, funds may be gone. no replacements after expiration.
keep your pgp-signed deposit receipt. you have 7 days to report issues. after that, deposit address is deleted. no receipt, no case. simple.
they’re blunt about all of this. refreshingly so. the info page reads like documentation, not marketing. which is how you know someone technical wrote it.
escrow
multi-stage. here’s the flow:
- customer cancellation grace period: 15 minutes to back out.
- lock time: order can’t be disputed or approved.
- escrow time: window for disputes or approval. auto-finalizes after.
- vendor cancellation policy: vendor confirms/delivers or order gets auto-cancelled.
fe options exist. because of course they do. but moomin gates fe-visible listings and delivery options with lock times under 72 hours behind 2fa. pgp required to even see them. doesn’t eliminate the risk. narrows the exposure.
disputes escalate to support after 48 hours if parties can’t sort it themselves. completed orders deleted after 7 days. messages deleted after 14 days.
aggressive data minimization. good for opsec. also means evidence disappears on a schedule. interpret that however you want.
the session thing
february 2026 moomin rolled out one-way notifications to session messenger. ship updates. dead drop alerts. pickup confirmations. images.
one-way only. market pushes to session via anonymous sender id. can’t reply through session — have to log back into moomin for that.
this is actually smart. notifications without creating an exploitable external channel. moomin explicitly bans off-platform communication and will suspend for it. the one-way constraint keeps this consistent with that policy.
no other major market does this currently. novel. whether it survives six months is another question. but the design shows someone thinking about threat models, not just feature lists.
vendor management
vendors inactive for 3+ days get auto holiday mode. listings hidden until they log back in.
small thing. matters a lot. nothing worse than ordering from a vendor who’s been gone for two weeks. moomin removes that failure mode at the platform level.
search filtering exists but the ui buries it. filter button next to search icon, opens a dialog. their words: “somewhat hidden.” optimized for mobile at the expense of anyone actually finding it. you can set defaults in account & security so you don’t filter every time. vendor and listing favorites supported.
categories and cities can be requested through support tickets. they’ll review.
bug bounty
€200 floor. €10,000 ceiling for serious vulns. first reporter gets paid. cosmetic bugs don’t count.
€10k is real money. signals they either have it to spend or want you to think they do. either way, the incentive structure is pointed in the right direction. report bugs, get paid. better than the alternative where bugs get sold elsewhere.
forum
topics: market stuff, crypto, cybersecurity, drugs. that’s it. posts must follow the author’s selected language. no off-topic chaos.
restrictive. also functional. forums that allow everything become useful for nothing. this one stays on track.
affiliate and growth
commission based on deposit fees. paid on confirmation. straightforward.
late 2025 they ran a €50 promo for forum posts recommending moomin. post from an established account on a reputable forum, send them the link, get credited.
paying for word of mouth. growth-stage move. trust is the bottleneck in this space and you can’t scale it organically past a certain point. they know this.
referrals off-platform are explicitly banned otherwise. outside communication gets you suspended. the promo was a controlled exception. noted.
delivery
dead drop and shipped options available. delivery messages for dead drops are optional but must be e2ee with vendor’s pgp key. standard protocol.
customers can cancel within 15 minutes. after that, you’re in the order flow. act accordingly.
what matters
moomin isn’t reinventing anything. escrow, pgp, monero, dispute resolution — table stakes for 2026. every market claims this. most implement it badly.
what separates moomin: the execution is clean. pgp isn’t optional, it’s structural. data minimization is aggressive. documentation is honest. the session integration shows actual technical ambition. vendor controls prevent common buyer frustrations at the platform level.
the 4% fees sting. the ui has rough edges. the search filtering needs work. none of this is disqualifying.
the real question — same as always — is longevity. every market is a future seizure banner or exit page. that’s not cynicism. that’s pattern recognition.
moomin is doing the fundamentals correctly. for now.
act accordingly.
