nyancat, the whole point of encrypting your address is to hide it from the server and marketplace admins, in case they are compromised. When you post your plaintext address into their "PGP encryption" text box, you are passing that plaintext into some JavaScript variable and you are trusting that the encryption is done in browser, then passed to the server. However, they can modify the code at any time to transmit the plaintext back to their servers and store it. You'd have to check the JavaScript *every time* to be sure it isn't malicious, and even then it may be obfuscated. In other words, it's a system that works as long as they aren't compromised, and fails when they are compromised, making it totally useless. Do you understand now? If you trust them to do the encryption, then you are trusting them with your plaintext address, so you might as well just post the plaintext. A better solution is to encrypt your address on your computer and only post encrypted text blocks into the browser.