Nexus Market Bureau est. 2026
Report

PGP verification workflow, from key to signature

The full verification workflow a reader should run once per operator key and once per rotation.

By Editor · 16 July 2026 · 9 min

PGP verification is the mechanism that turns a random-looking onion address into a trustworthy one. The workflow is boring and takes about a minute per rotation. It is worth reading in full once, then referring back to only when something goes wrong.

What verification proves

A PGP signature over a message proves two things simultaneously. First, that the message was signed by the private key corresponding to the public key you have. Second, that the message has not been altered since signing. If a signed rotation announcement from the Nexus operator verifies against the operator public key you already have on your keyring, the address inside is genuinely from the operator and has not been tampered with.

Getting the operator key, first time

The operator public key is published on the pinned Dread profile and on the /pgp path of every current Nexus mirror. Fetch it once, from at least two independent sources, and cross-check the fingerprint. If the two fingerprints agree, import the key and never re-fetch. The whole point of the model is that trust rests on the first key you got, not on repeated fetches.

Import

gpg --import nexus.asc

One command. The output confirms the import and shows the key ID. Save the fingerprint somewhere durable (a paper note, an encrypted local file), in case you switch machines and need to re-verify that the operator key on the new machine is the same one.

Verify a rotation

Save the whole signed message, including the envelope headers, into a text file. Do not strip the blank line between the hash header and the message body. Do not add anything at the end. The signature covers every byte and a single extra space breaks the check.

gpg --verify rotation.txt

Success looks like a line beginning with gpg: Good signature from followed by the operator's user ID. A second line usually reads WARNING: This key is not certified with a trusted signature. That warning is normal and expected. It means you have not personally signed the operator key with your own key, which is fine. What matters is the Good signature line above.

Common error messages

BAD signature. The file has been altered after signing. Do not trust the address inside the message. Report the bad post to the pinned Dread thread so other readers see the warning.

Can't check signature: No public key. The operator key is not on your keyring yet. Import it first.

Signature made ... using RSA key ID ... followed by a key ID you do not recognise. The message was signed by a different key. Do not import that key. Do not use the address inside.

Signature made ... (expired). The signing key has expired. This is worth investigating: the operator either has to publish a new key under the outgoing one, or has been compromised. Do not use the address inside until the situation clarifies.

Kleopatra path (Windows)

Kleopatra ships with Gpg4win. The same operator public key file can be imported through File → Import. The same signed rotation can be saved to rotation.txt and verified through right-click → More GpgEX options → Verify. A window pops up with the result. Same principle as gpg on the command line, different button. If you prefer graphical interfaces, this is the path.

Handling a key rotation

If the operator rotates the signing key itself (as opposed to rotating a mirror address), the change is announced in a signed message under the outgoing key, with a copy of the new public key attached and cross-signed by the outgoing one. The reader verifies the announcement against the outgoing key, checks the new key fingerprint against multiple sources, imports the new key, and updates the trust anchor.

Key rotations are supposed to be rare. Nexus has not rotated the operator signing key since the storefront opened. If you see a key-rotation post that does not carry a valid signature from the outgoing key, do not import the new key.

Why bother with all this

Because phishing clones cannot fake a valid signature. Every other check on a mirror address is defeatable by a determined attacker with time and infrastructure. The PGP check is the only anchor that a phishing clone cannot spoof without the operator's private key. That is why we run it.