Journalists are often asked to protect people who can lose everything for speaking. A whistleblower can lose a job. A freelancer can lose immigration status. A dissident can lose freedom. A local source can lose safety long before a story is ever published. In that environment, “trust me, this website is secure” is not enough.
But this is not only a journalism problem.
The same pattern appears again and again. When Edward Snowden first reached out to journalists, he did not rely on ordinary communication channels. He used anonymity tools, including Tor, to make contact safely. In the Panama Papers investigation, the source “John Doe” used encrypted and anonymity-preserving communication to approach reporters. That single decision enabled one of the largest financial investigations ever published.
Platforms like WikiLeaks and the open-source SecureDrop exist for the same reason. News organizations such as The New York Times and The Guardian rely on Tor onion services so that sources can submit documents without exposing their identity or location. These systems are built on a simple reality. Traditional web infrastructure reveals too much, even before any message is read.
And it is not just whistleblowers.
During periods of censorship or heightened surveillance, people turn to Tor to access blocked information and to communicate more safely. Protesters share updates when mainstream platforms are monitored. Researchers access material that would otherwise be restricted. Ordinary users look for ways to avoid profiling, harassment, or retaliation tied to their online activity. The Tor Project itself documents how usage increases during moments when open access to information becomes fragile.
Even governments and law enforcement agencies understand the value of anonymity in the right context. Investigators do not always approach a target directly. In many cases, they operate quietly inside the same environments they are studying. That includes networks like Tor, where attribution is deliberately obscured.
Research into digital investigations describes how authorities conduct covert operations within these networks, using anonymous access to observe activity and interact without revealing who they are (ResearchGate). Official guidance also recognizes that systems like Tor provide secure communication channels that are useful in sensitive situations, not only for journalists and activists, but in government contexts as well (National Institute of Justice).
The logic is simple. In some situations, the risk lies not in what is said, but in the fact that a connection is made at all.
That is where Tor becomes important.
Tor does not solve every security problem. It does not remove the need for careful operational practices. What it does do is address a specific weakness in the modern internet. It makes network-level tracking far more difficult. It helps separate a person’s identity from the act of reaching out.
For journalists, that changes the starting point entirely. A source does not need to send a normal email or connect directly to a visible server that can be logged, profiled, or monitored. With onion services, even the contact point exists inside a network designed to reduce exposure.
And that matters most at the very beginning.
Before encryption workflows are established, before trust is built, there is a single decision. Do I make contact or not? If that step feels unsafe, many people simply will not take it. They stay silent. Evidence never leaves a device. Abuse remains local and undocumented. Corruption continues because the barrier to speaking is higher than the person’s ability to bear the risk.
This is why Tor is often praised in discussions about press freedom and civil liberties. But there is still a gap between understanding its importance and actually using it.
The ecosystem exists, but it is fragmented.
There are guides, examples, and powerful building blocks. There are container images and partial solutions. But there are far fewer systems that an ordinary operator can deploy quickly without deep technical knowledge.
And nowhere is that gap more obvious than with marketplaces.
Tor is full of marketplaces. Over the years, many have appeared, evolved, and disappeared. They clearly serve a demand. They show that people want ways to exchange value in environments where privacy matters.
Today, most of those marketplaces are associated with illicit trade. That is the visible outcome. But it is not the full explanation.
Those markets exist there largely because Tor provides something the regular internet does not. It offers a degree of anonymity and resistance to surveillance that is difficult to replicate elsewhere. When there is no widely accessible, privacy-preserving infrastructure for legitimate use cases, the first groups to adopt the technology tend to be the ones who need those properties the most.
At the same time, there is very little reusable software to run a marketplace at all.
Most marketplaces are built as closed systems. When they disappear, the code disappears with them. What remains are fragments, outdated repositories, or highly specific setups that are difficult to adapt. Instead of reusable tools, the ecosystem is full of one-off implementations.
So despite the number of marketplaces that have existed, the barrier to creating a new one remains surprisingly high.
That gap becomes hard to ignore.
If Tor is this important, why is it still so difficult to actually use in practice? Why does getting something online still feel like a specialist task?
At some point, that question stops being theoretical.
It turns into a decision.
So instead of waiting for better tools to exist, I decided to build something myself. Not a framework, not another half-finished component, but something concrete. Something you can run and use.
I chose to build a marketplace, Which you can download here
Not because markets are new, but because they are practical. They solve a real problem. They give people a way to exchange value, information, or services in an environment where privacy matters. And they force you to solve the hard parts: payments, availability, identity separation, and deployment.
So the goal became simple.
Make the first step easier.
This project is provided free of charge because accessibility matters. If privacy-preserving infrastructure is only available to well-funded organizations or specialists, then many of the people who need it most will never use it. Lowering the barrier is part of making these systems real.
The promise is straightforward. Running ./deploy.sh should be enough to get a functional Tor-based service online.
Instead of manually configuring hidden services, wiring together wallets, managing runtime secrets, and assembling containers piece by piece, the deployment process handles that work. It prepares the environment, generates configuration, launches the full stack, provisions the required services, and outputs the information needed to finish setup.
That simplicity is not just convenience. It is what makes adoption possible.
Secure systems are often abandoned when they require specialist knowledge from the start. A working baseline gives people something they can deploy, inspect, and improve. It allows small teams to move forward without building everything before they can even test an idea.
There is also a broader point here.
Press freedom and open communication are not only protected by laws or institutions. They are shaped by infrastructure. By whether secure systems are usable. By whether metadata exposure is reduced. By whether onboarding is understandable. By whether people can realistically deploy privacy-preserving tools without an enterprise budget.
Tor is part of that foundation. So are the tools built around it.
Journalists are one group among many who depend on these capabilities. Activists, researchers, independent operators, and ordinary users all face moments where communication carries risk. In those moments, the ability to reduce exposure is not theoretical. It is practical.
But Tor will remain underused if the software around it stays too complex and too difficult to deploy.
This project is one attempt to narrow that gap.
Because if we want more privacy-preserving communication online, it is not enough to explain why it matters.
People need tools they can actually use.