We Are Amsterdam Darknet Market – Mirror Network & Version 3 Operational Review

We Are Amsterdam (WAA) has quietly become a fixture in the post-Hydra landscape by sticking to a simple formula: Dutch-language roots, Monero-only payments, and a rotating mirror system that keeps the site reachable even when the main .onion is stressed. Version 3 of the mirror bundle appeared in late-2023 after the v2 address stopped resolving reliably. For researchers who track continental European markets, WAA is interesting precisely because it never tried to scale globally; instead it doubled-down on regional OPSEC and tight-knit vendor circles. The result is a mid-sized bazaar that feels closer to the original Silk Road forums than to the megamarkets that dominate English-language chatter.

Background and short history

WAA first surfaced in spring 2021 as a tiny invite-only forum advertising “coffeeshop style” service. The initial codebase was a fork of the open-source “Daeva” engine, but the admins ripped out Bitcoin support early on, arguing that address-reuse was killing vendor OPSEC. By autumn 2021 the market opened public registration and quickly gained traction among German- and Dutch-speaking buyers who wanted domestic postboxes and no customs risk. The site weathered the April-2022 DDoS wave that knocked out several larger competitors by switching to a three-layer mirror rotation: one long-term v3 onion for bookmarks, two shorter-lived “bounce” addresses for day-to-day traffic, and a PGP-signed JSON file that lists the currently active pair. Version 3 of the mirror bundle (internally called “WAA-m3”) is simply the latest iteration of that scheme, hardened with stricter rate-limiting and a captcha that no longer leaks the backend IP through image tags—an embarrassing bug that researchers spotted in v2.

Core features and functionality

The market sells the usual continental palette: domestically shipped products, digital goods, and a small “services” section (mainly drop-shipping addresses and cash-out tutorials). Listings are priced in EUR for readability but settled in XMR. The engine supports:

• Multisig escrow (2-of-3) or traditional market escrow
• Per-order “stealth profile” field where buyers paste PGP-encrypted delivery info that only the vendor can decrypt
• Internal PGP-encrypted messaging with forward secrecy keys rotated every 30 days
• Vendor bond fixed at 0.35 XMR, non-waivable, refunded automatically after 180 days of clean activity
• “Instant dispatch” flag for vendors who pre-ship; funds are released after the first tracking event to reduce receiver risk

Search filters are granular: country of origin, shipping method (PostNL, DPD, DHL), and product weight brackets. A “last online” timestamp visible only to buyers who have an active order with that vendor helps reduce ghost-order frustration.

Security model and escrow mechanics

WAA runs on a nginx-hidden service stack behind two reverse proxies that terminate Tor circuits in separate VPS jurisdictions. The market wallet is view-only; all withdrawals are processed manually once every two hours, which contains hot-wallet exposure but creates a bottleneck during high-volume evenings. Multisig is implemented using the standard Bitcoin-core derived Monero multisig workflow—buyers paste their public key at checkout, the market provides the second key, and the vendor holds the third. In practice only about 18 % of orders use multisig; most users still prefer the convenience of market escrow. Disputes are handled by a three-person referee group: two long-term vendors with >600 completed sales each and one anonymous staff member. Median dispute resolution time last quarter was 38 hours, according to the public stats page. A nice touch: all dispute transcripts are signed with the staff PGP key and mirrored to a public Matrix room, so any party can later prove tampering.

User experience and interface notes

The UI is intentionally spartan—no JavaScript beyond a toggle for dark mode. Pages load fast even over 2-hop circuits, and the market’s own Tor2Web gateway (clearnet proxy, no TLS) is available for quick price checks, though logging in through it triggers a red banner that cannot be dismissed. Registration asks for username, password, and a mandatory six-digit PIN; 2FA is TOTP only, no FIDO support yet. One usability bug that persists in v3: if you refresh the deposit page before the first confirmation, the integrated address disappears and you have to open a ticket—minor but annoying. Mobile users report that the order-update notifications via XMRRadio (an XMR mempool watcher bot) are more reliable than the internal notification bell.

Reputation and community perception

Dutch-language forums like Dread’s /d/Netherlands board rate WAA as “low-drama, high-delivery” with an overall trust score of 4.1/5. The market has never lost user funds, but it did suffer a brief phishing wave in Q1-2023 when a fake mirror reused the old v2 onion’s PGP key. Admins now publish a fresh 4096-bit key every Monday together with a Tor paste-service link; users who verify signatures have avoided every subsequent phishing clone. Vendor turnover is low: the top 25 sellers account for ~62 % of volume, and most have been active since 2022. That stability cuts both ways—new buyers sometimes complain that “everyone looks established” and hesitate to place first orders with rookie vendors who might actually ship faster.

Current status and reliability

As of May 2024 the WAA-m3 bundle is online roughly 97 % of the time, measured over 60 days via automated onion probes. The longest outage was 11 hours on 3 May, coinciding with a wider Tor consensus overload rather than a specific market attack. Deposit confirmations average 4 minutes when mempool depth is below 50 k transactions; during spikes the market increases required confirmations from 10 to 15 to avoid re-org double-spends. One emerging concern is staff opaqueness: no public signing key for the head admin (“MrJohn”) exists older than six months, leading to speculation about a leadership change. Yet operational continuity—same PGP dispute logs, same multisig workflow—suggests either the original crew or a carefully planned handover.

Conclusion – sober assessment

We Are Amsterdam will never rival the multi-language giants in raw listing count, but that was never the goal. For buyers who value domestic post, Monero privacy, and a dispute process that actually publishes evidence, WAA remains one of the most consistent European markets. Version 3 mirrors improve uptime without introducing flashy attack surface, and the switch to longer 4096-bit keys shows the admins react to real threats rather than PR noise. Downsides are the small vendor pool, manual withdrawal schedule, and the lingering question of who really runs the show. If you already use Tails, verify PGP signatures religiously, and can read Dutch or German product descriptions, WAA is a workable option—just don’t expect the endless variety or lightning-fast support of larger international venues.