Other link directories are typically independently operated by an unidentified person with no track record, which isn't always a bad thing. We have an excellent working relationship with the majority of them and have promoted them from the beginning. But occasionally, it raises doubts about their objectives, which aren't always obvious—at least not until it's too late. We have witnessed the emergence and demise of such businesses in the past, many of which were phishers who gained popularity on their platform before eventually substituting phishing clones for the links they displayed. The purpose of these phishing websites is to steal users' login information and cryptocurrency payments.
There is assumed trust because Daunt was created as a direct attempt to address accessibility issues by the Dread team, who have repeatedly shown themselves to be impartial when making decisions regarding all services and community members while also making a concerted effort to provide what is best for their own users.
We have the data of any person with a Dread account in addition to the reputation we already have. That information is very helpful in identifying authentic users and weeding out unknown people. When it comes to distributing mirror links within the community in a discreet manner without exposing them to malevolent actors, this is highly advantageous.
These are mirror links, and in order to access the link, the user must authenticate themselves. To validate your reputation, you might have to finish a captcha task or sign in using your Dread account.
In many situations, authentication involves more than just signing into your user account; you might also need to fulfill additional arbitrary requirements set by the service provider. Different tiers of access to the service's mirrors can be defined, each with unique requirements from you. This will fluctuate depending on the provider; some may offer more mirrors with more "entry level" criteria, while others may apply more complicated standards for various sets of mirrors.
As the rules are set by the service themselves as to what requirements are needed per mirror address they provide, there is never going to be anything set in stone and it is unlikely we will ever display the true requirements, in order to avoid manipulation. Some examples of variables a service can set are: User is logged in with a Dread account, their Dread account has a premium membership, the age of the user account.
Always confirm that the address is signed using the service's official PGP key when you receive links from sources other than the service itself. All links that we publish on Daunt must include a signed message so that you can check them whenever you'd like.
Click here to log in to Daunt. Then enter the trustless authentication key that you can create in Dread's account settings. The fact that you should keep or backup your authentication key is essential. In the event that Dread is rendered inoperable, this guarantees access to links at Daunt.
Make sure to save all of the Daunt mirrors listed in the directory because we do anticipate downtime on the Daunt onion address. Our goal is to minimize the impact on other targeted services by scaling out the service as much as possible. The fallback clearnet address is Daunt.link. Although using this is not advised, the clearnet service will always be available and will permit authenticated mirror access even if you are unable to reach any of our onion addresses.
Because the information provided by the API was in its current state when it was used on Recon, my first idea was to stop the login API access on the Clearnet gateway. It was necessary to transmit information like your account username and PGP key in the API response, which is entirely prohibited when sending the data via a server that is accessible over a clearnet. We created new trustless authentication keys for Dread accounts as a workaround to this problem. These make use of an encrypted dataset that contains only rounded values and no other identifiable information about your account. Additionally, Dread doesn't need to be online to log in, which is why it's crucial that you SAVE YOUR KEY.
Due to the potential for human intervention—an attacker could get to obtain specific connections or a user could share them with the attacker—this is not a foolproof solution, but it will happen. This also relies on how far the business can expand in order to offer multiple tiers for viewing distinct mirrors. Always exercise patience if you are having trouble accessing a website that is listed on Daunt. Our API allows for repeated querying to update mirror links and switch to new ones as soon as the service makes them available.