Between 2020 and 2021, the landscape of Dark Web .onion domains underwent a significant transformation with updates to Tor’s anonymity software. The Tor Project introduced changes to improve privacy, security, and resistance to deanonymization attacks, phasing out the older 16-character .onion addresses (known as v2) in favor of the newer, more secure 56-character v3 domains. Despite the upgrade, only about a third of dark web onion domains had transitioned to v3 at the time.

The rollout of the v3 onion services was carefully planned and spanned over a year to ensure a smooth transition while maintaining network stability. Key milestones included:

• September 2020 – The Tor Project released v0.4.4 of the Tor anonymity software and issued warnings to server operators that v2 domains would no longer be generated.
• July 2020 – Tor v0.4.6 was released, preventing server operators from registering new v2 onion domains.
• October 2021 – Stable versions of Tor were released that completely removed support for v2 domains.
• November 2021 – Tor Browser 11 was launched, eliminating support for v2 domains.

This upgrade marked a major step forward in enhancing the Tor network’s security and resilience, making v3 domains the standard for accessing the deep web.

Adoption of V3 Onion Domains on the Dark Web

Onion sites are a core part of the Tor network, an anonymous system designed to allow users to access the internet while maintaining privacy. These sites use URLs ending with the “.onion” top-level domain, such as example.onion.

Traffic on the Tor network is routed through multiple encrypted layers, with data being encrypted and re-encrypted at each step. This layered encryption makes it extremely difficult to trace the origin of the traffic, ensuring a high level of anonymity for users. Anyone interested in visiting onion sites can do so safely using the Tor Browser, which is specifically designed to protect user privacy and identity.

The adoption of v3 onion domains on the dark web represents a significant advancement in network privacy and security. Compared to the older v2 domains, v3 domains provide enhanced encryption, stronger protection against deanonymization attacks, and greater overall resilience. This upgrade ensures that users and service operators on the Tor network benefit from a more secure and reliable anonymous environment.

About V3 Domains

V3 Onion Services, also referred to as Tor V3 onion services or Tor hidden services V3, represent the latest upgrade in the Tor network’s anonymous and decentralized service architecture.

These services offer enhanced security, stronger cryptographic protocols, and improved privacy compared to earlier versions, such as V2 and prior onion services. The upgrade is designed to better protect both service operators and users from deanonymization attacks and other security vulnerabilities.

It’s important to note that the transition from V2 to V3 onion services is still ongoing. The Tor network continues to support both V2 and V3 domains, but there is a coordinated push encouraging dark web users to migrate to V3. While some onion services still operate on V2, the recommendation is clear: adopting V3 provides the highest level of security, privacy, and anonymity currently available on the Tor network.

Improvements in V3 Dark Web Onion Services

Improved Security:

V3 onion services use stronger cryptographic algorithms, including the Ed25519 elliptic curve for key generation and the SHA3-256 hash function. These enhancements strengthen the security of hidden services and provide better protection against potential attacks.

Longer Onion Addresses:

Unlike V2 addresses, which are 16 characters long, V3 onion addresses are 56 characters in length. They represent a base32 encoding of a 56-byte public key. The increased length and complexity significantly boost cryptographic strength and reduce the risk of address collisions.

Enhanced Anonymity:

V3 services offer greater resistance to attacks such as guard discovery and correlation attacks. They also improve protection against enumeration attacks, making it much harder for adversaries to identify or track hidden services.

Offline Keys:

V3 onion services allow operators to generate keys offline, uploading only the public key to the Tor network. This separation between offline and online keys reduces the risk of key exposure, further enhancing security.

Client Authorization:

V3 onion services provide more granular client authorization. Operators can issue client-specific authorization keys, granting access only to approved users. This feature enables tighter control over who can access the hidden service, improving both privacy and operational security.

Why Have Only a Third of Dark Web Onion Domains Switched to V3?

The adoption of V3 onion services on the dark web has been slower than expected, and several factors contribute to this gradual transition.

Technical Challenges:

Migrating from V2 to V3 requires significant technical knowledge. V3 introduces new cryptographic algorithms and a redesigned addressing system, making the migration process complex and time-consuming. Operators with limited technical expertise or resources may find the transition daunting.

Compatibility Issues:

V3 onion services are not backward compatible with V2 domains, meaning V3 addresses cannot communicate directly with V2 services. This creates a coordination challenge, as both service operators and users need to adopt the new system simultaneously. The widespread use of V2 domains can discourage switching due to potential connectivity loss or decreased user access.

Perceived Lack of Benefits:

Some operators may see little incentive to move to V3. V2 services remain functional, and without clear disadvantages or external pressure, many operators prefer to maintain the status quo.

User Resistance:

Users themselves can slow adoption. If the sites they regularly visit have not transitioned to V3, users are less motivated to update software or adjust browsing habits. This creates a chicken-and-egg scenario where low user demand discourages operators from switching.

Awareness and Security Perception:

Although V3 offers enhanced security, not all operators fully understand or appreciate these advantages. Some may believe that their existing V2 services provide adequate protection, reducing motivation to migrate.

Measurement Challenges:

Due to the secretive nature of the dark web, obtaining precise statistics on V3 adoption is difficult. Current estimates suggest that only about a third of onion domains have transitioned to V3, though the actual number may vary and continues to evolve as adoption progresses.

The slow adoption of V3 onion services reflects a combination of technical, social, and awareness-related factors. Overcoming these challenges will require both education and coordinated effort from operators and users alike.

Final Thoughts

Data from multiple Tor relays indicates that only about a third of dark web onion domains have migrated to V3. While this estimate covers only a small portion of hidden services, it shows that adoption is gradually increasing.

Upgrading from V2 to V3 brings stronger security, better anonymity, and enhanced resistance to attacks. Operators still using V2 are encouraged to transition to V3 to take full advantage of Tor’s latest privacy and safety features.