Glossary — Tor & Hidden-Service Terms
Definitions used across DrugHub Wiki articles. Terms are described for connectivity research, not marketplace operations. Cross-reference the Tor Access and Pluggable Transports articles for procedural context.
v3 onion service
A hidden service using Tor protocol version 3, identified by a 56-character hostname derived from an ed25519 public key. Replaces legacy v2 addresses deprecated in 2021. The hostname itself embeds authentication material, so TLS certificate mismatches common on clearnet do not apply in the same way.
Bridge relay
An unlisted Tor entry node whose IP is omitted from public consensus documents. Bridges help clients bootstrap when guard nodes are blocked. Bridge lines include transport parameters (obfs4, snowflake) consumed by Tor Browser's bridge configuration UI.
Guard node
The first hop in a Tor circuit, selected from a public list. Blocking guard IPs is a common censorship technique. Persistent guard selection improves performance but can aid traffic correlation in adversarial models — a trade-off documented in Tor design literature.
Middle relay
An intermediate relay between guard and exit (or rendezvous for hidden services). Middle nodes never observe source IP or destination content simultaneously in a properly constructed circuit.
Rendezvous point
A relay where client and hidden service meet without learning each other's network addresses. Introduction points and rendezvous mechanics are unique to onion services compared with clearnet reverse proxies.
Pluggable transport (PT)
A modular layer altering how Tor traffic appears on the wire. See the Pluggable Transports article for obfs4, snowflake, and meek-azure comparison tables.
Bootstrap
The process of downloading consensus material and establishing the first Tor circuit. Progress percentages in Tor Browser map to distinct failure modes: directory fetch, handshake, or circuit build.
PGP verification
Cryptographic proof that a published hostname list was signed by a known key. Analysts import the fingerprint from the Security article and verify detached signatures before citing endpoints in research notes.