# xmr.club — onion fingerprint quick-reference

## Canonical onion address

xmrclubummbi7y3numnwvdxvh6rrpuvidsilmj2ntd5wbygqyixskaad.onion

## How to verify

1. **Operator-published header**: this URL emits an `Onion-Location` HTTP response header on every HTML response from the clearnet hosts (xmr.club / www.xmr.club / list.luc.wtf). Header value = the onion above. Tor Browser uses this for the ".onion available" auto-suggest.

2. **HTTPS-served twin file**: this file (https://www.xmr.club/llm/onion-fingerprint.txt) is served from xmr.club's TLS cert. If you reached the clearnet domain via DNS + TLS, the fingerprint here is canonical.

3. **/.well-known/security.txt**: https://www.xmr.club/.well-known/security.txt — RFC 9116 contact + canonical pointer. Cross-references this file.

4. **Transparency page**: https://www.xmr.club/transparency#our-onion-mirror — full operator statement + phishing warning. Same fingerprint.

5. **External peer cross-check**: see https://www.xmr.club/peers — independent peer directories that may also list our onion once we're announced (post 2026-05-17).

## Vanity prefix

`xmrclu` (six characters). Vanity-mined with mkp224o. The remaining 50 characters are cryptographically determined by the public key — if any character after the prefix mismatches, the address is not xmr.club.

## What to do if the address looks different anywhere

Treat it as phishing. Capture the source (URL, screenshot, when you found it) and report via https://www.xmr.club/.well-known/security.txt — `mailto:abuse@xmr.club` or DM https://t.me/xmrclub_bot.

## Format notes

- Length: 56 + ".onion" = 62 characters total.
- All-lowercase alphanumeric (Tor v3 hostnames are base32 lowercase).
- No mixed-case, no punctuation other than the trailing ".onion".

## License

CC-BY-4.0. Attribute "xmr.club".