Brewly - Worldwide Marketplace

Any crypto lending? Or and exchange for accepted currencies against usdt

No, that would be awesome though. Might be something we can do in the future. For now:

Code:
https://www.buybitcoinworldwide.com/

This shit is too weird for me. I'm out. All due respect.

Ask away!

No problem. If you have any questions or concerns, feel free to ask. I'm sure they've already been answered in this thread, but reading such a long thread is tiresome, so I have no problem reiterating.

Basic summary of Brewly

Basically it's like a darknet market without narcotics and murder for hire. Plus, it's on the clearnet! If that sounds weird to you, don't forget that the forums and email services we use are also on the clearnet. Hell, email services like ProtonMail even comply with Government requests. Fortunately for us, AAS attracts a lot less attention. That's how someone like Panda is able to do millions in business on a clearnet website. We're no different, we just host multiple vendors!

How we keep you even safer than ProtonMail all while being Clearnet.

Well we are a little different:
- Hosted on offshore servers in countries where AAS is legal
- Shipping info is encrypted & auto-deleted when order has shipped
- We're able to hold vendor funds and reimburse customers in cases of verified scam/fraud


Hope that clarifies things :)
 
Being hosted offshore has been the norm for 20+ years and very common, you provide nothing new here.

Anybody who enters shipping info into a website must understand that info is stored in a database on the server. I very highly recommend never using a website for illegal purchases that required you to enter your shipping information.

None of what you say about your servers is more than hearsay.

You are responsible for the laws of the country you are hosted in.
 
Being hosted offshore has been the norm for 20+ years and very common, you provide nothing new here.

Anybody who enters shipping info into a website must understand that info is stored in a database on the server. I very highly recommend never using a website for illegal purchases that required you to enter your shipping information.

None of what you say about your servers is more than hearsay.

You are responsible for the laws of the country you are hosted in.

We are hosted where AAS is legal

Responding to your point about offshore:


Of course, however most forums and sites that I have researched are hosted in countries where AAS is illegal. That is not the case for us. This is not hearsay. It's easy to verify this by pinging their server and getting the IP. If their server IP is not hidden, you can find out exactly where they're located.

Shipping info deleted

Shipping info is not only encrypted but gets auto-deleted from the database when orders are marked as shipped. Also, buyers can manually delete that data at any time with a press of a button. You can easily verify this for yourself by placing an order with a fake address, not paying it, and looking in your dashboard. You'll see that you're able to manually delete it. But, again, it gets auto-deleted when the order has been marked as "Shipped".

Do you use email to buy steroids?

Same rules still apply. Unless you set the email to expire, it still get stored in a database and is never deleted. Sure it's encrypted, but whoever has access to the server can decrypt it with the key.

Protonmail for example is in Switzerland, AAS is illegal, and PM complies with Government requests and investigations.
 
Your marketing data is incomplete and you are confused.

You are responsible for the laws of the country you are hosted in. Your example of PM is no good if the supplier is not selling steroids domestically in Switzerland they have not broken any laws.
 
Your marketing data is incomplete and you are confused.

You are responsible for the laws of the country you are hosted in. Your example of PM is no good if the supplier is not selling steroids domestically in Switzerland they have not broken any laws.

Sir, it is not my intention to argue with you. With all due respect, I told you we are hosted in a place where AAS is legal in big, bold letters.

We don't sell steroids. We are a website where vendors can sell steroids.

As far as PM, the fact of the matter is: if you're aiding the sale and solicitation of drugs, and said drugs are illegal in your country, the government can ask for data.

I'm not making this stuff up. They respond to foreign requests too.

"ProtonMail Complied With 336 Government Requests in 2018"

"Whether you are a Swiss or a foreign law enforcement agency, please make your request for assistance directly to legal@protonmail.com. We will generally respond to you within 1 business day, although our response time is usually much shorter than this during Swiss business hours. More critical cases will automatically be given higher priority by our team."



Code:
https://protonmail.com/law-enforcement

Code:
https://www.macobserver.com/news/2019-protonmail-transparency-report/
 
Sir, it is not my intention to argue with you. With all due respect, I told you we are hosted in a place where AAS is legal in big, bold letters.

We don't sell steroids. We are a website where vendors can sell steroids.

As far as PM, the fact of the matter is: if you're aiding the sale and solicitation of drugs, and said drugs are illegal in your country, the government can ask for data.

I'm not making this stuff up. They respond to foreign requests too.

Code:
https://www.macobserver.com/news/2019-protonmail-transparency-report/

And I'm simply pointing out while protonmail is hosted in Switzerland they are doing nothing illegal. You brought it up, I'm addressing it.

You are providing nothing of value by being hosted offshore where steroids are legal. The biggest issue you have is your servers are collecting personal information and you expect that person to "Trust" that your server is auto deleting it.
 
And I'm simply pointing out while protonmail is hosted in Switzerland they are doing nothing illegal. You brought it up, I'm addressing it.

I never claimed ProtonMail was breaking the law. I claimed, and verified, that they comply with Government requests concerning users using PM to break the law. In our example, through the sale and solicitation of drugs that happen to also be illegal in Switzerland. I wonder if the Swiss government would honor a law enforcement request concerning the sale of drugs that they also deem to be illegal?

You are providing nothing of value by being hosted offshore where steroids are legal.

We don't comply with, or even get, government requests. Because we don't have to.

you expect that person to "Trust" that your server is auto deleting it.

How to check if I'm lying:

No trust required. How does it help my bottom line to lie about this? Like I said:

- Place an order with a fake address
- Don't pay it, you don't have to
- Go to your dashboard and click "Delete shipping info" from the order

That's a free way to see I'm not making things up without exposing your real address.

Taking the trust completely out of Brewly

Still don't trust us? No problem. We added PGP functionality to the site. If a vendor and buyer both have a PGP key, they can do peer-to-peer encryption. In that way, only the vendor can decrypt your data.


Thank you for your questions, and I hope I have answered everything to your satisfaction.
 
How to check if I'm lying:

No trust required. How does it help my bottom line to lie about this? Like I said:

- Place an order with a fake address
- Don't pay it, you don't have to
- Go to your dashboard and click "Delete shipping info" from the order

That's a free way to see I'm not making things up without exposing your real address.


[emoji849] Come on Brewly. That doesn’t prove anything. Just because we can’t see it doesn’t mean it’s not saved to your database somewhere. No matter what you say, it’s a trust thing. So don’t pretend we’re a bunch of dumb dumbs. Just admit we “need to trust you” and then work your ass off to build that trust!

Taking the trust completely out of Brewly

Still don't trust us? No problem. We added PGP functionality to the site. If a vendor and buyer both have a PGP key, they can do peer-to-peer encryption. In that way, only the vendor can decrypt your data.

Do you still get your 5% cut if we bypass you like this?
 
[emoji849] Come on Brewly. That doesn’t prove anything. Just because we can’t see it doesn’t mean it’s not saved to your database somewhere. No matter what you say, it’s a trust thing. So don’t pretend we’re a bunch of dumb dumbs. Just admit we “need to trust you” and then work your ass off to build that trust!

Of course, but if what you're mistrusting is our competence to code a delete function, you can easily check that out.

Trusting whether or not we're secretly saving things (for no good reason), is another matter. You're absolutely correct that we need to earn that trust.

Do you still get your 5% cut if we bypass you like this?

For those unaware, that 5% fee comes off the vendor. This is the only monetization we do on Brewly.

How ordering with PGP works

Yeah, the order still goes through the site. It's just that instead of inputting your address, you input your PGP encrypted block of text (encrypted address).

The only person that has the key to decrypt that block is you and whoever you include in the encrypted message (by using a vendor's public key, for example).

But aren't we still trusting Brewly?

No. The encryption/decryption of those messages happens off site, through your own PGP application. In this manner, you're not trusting Brewly at all.

This is very typical on darknet marketplaces. In fact, it's required. People don't use it much in the AAS world, and it's something we can potentially push harder in the future.

I'd love for more people to use PGP. By all means, do everything you can to protect your personal information. We are in full support of that, and that's why we launched with PGP support even though essentially no one uses PGP right now.

On Brewly, you can set your PGP public key and then it appears conveniently in both the checkout page and the messenger so you can quickly copy a vendor's public key to your clipboard.

pgp.PNG
 
Last edited:
I’m going to give it a try for a couple of small thing, this is actually very convenient for me in terms of ordering oddities like dhb, ment, and even stuff that our domestic vendors markup over 100% like HCG. For my self I order my anabolics in bulk usually and through one person but I can see this being very useful for the people who only grab a bottle here and a bottle there of some things.
 
I’m going to give it a try for a couple of small thing, this is actually very convenient for me in terms of ordering oddities like dhb, ment, and even stuff that our domestic vendors markup over 100% like HCG. For my self I order my anabolics in bulk usually and through one person but I can see this being very useful for the people who only grab a bottle here and a bottle there of some things.

Now imagine knowing your funds were safe when making big, bulk orders like that. Our planned order dispute system would function very much like Paypal, debiting vendor balances after the fact in the case of a dispute.

However, we are still thinking about how to incorporate a full-on escrow for large orders. Say you make an order of $1000+ (perhaps), your funds would not be cleared to the vendor until you mark your shipment as "Delivered".
 
dude, you're fucking super dumb if you think this is a competence thing with regards to deleting info. At the end of the day we can't see your code or db, so we don't know and have to trust you. You remind me of arguing with a teenager.

But it's built on laravel, so no other explanation needed. and I just downloaded kali so im the l33t3st hax0r
 
dude, you're fucking super dumb if you think this is a competence thing with regards to deleting info. At the end of the day we can't see your code or db, so we don't know and have to trust you. You remind me of arguing with a teenager.

But it's built on laravel, so no other explanation needed. and I just downloaded kali so im the l33t3st hax0r

I agree

Sir, I never claimed this. I, infact, agree with BBBG's point. It's for this very reason we built in support for PGP.

Don't trust us? Use PGP.


I am just covering all bases. Mistrust our competence? Try deleting shipping info yourself. Mistrust our honesty? Use PGP.

Laravel

A customer had previously asked me how things are handled with regard to sessions, cookies, authentication. You'll find a lot of those answers in a breadth of detail that I cannot replicate, in a timely manner, by reading into the framework the backend was built on: Laravel. Laravel is a strict, opionated framework. Those core functions are already built our for us, and they follow best practices in all regards. That is why I mention Laravel with regards to some basic security qualms/questions like: SQL injections, sessions, cookies, authentication & authorization, gating.

Thank you for your questions.

I am sorry if you're interpreting my tone as hostile or argumentative. I am simply doing my best to answer all questions, and cover all points.
 
The objective is to reduce middlemen not increase middlemen hence increasing security risk and risk of being scammed. I think your fiverr script may have better use for quilts or Christmas decorations....
 
haha you didn't mention sessions until post #746. Prior to that is was just "our website is built on laravel platform...", starting with your original post.

I just used the search function to verify that since you weren't able to in a timely manner. Took me probably 60 seconds.

your arrogance and immaturity are gonna cost you deals here. and don't bother replying with "im just responding to the questions that are being asked..", that's what a teenager would say.
 
Back
Top