It is true though that a compromise of the server should not be too devastating. The worst that should come from the server being compromised: A. Customers who don't encrypt their addresses with GPG are fucked (they should have learned to use GPG themselves) B. Customers and vendors who use fed controlled entry guards are fucked (Tor is not magic, but apparently the feds cannot trace through it with traffic analysis to locate hidden services, so I guess I wouldn't worry a whole lot about this) C. The escrow may be stolen and or seized D. The site may be temporarily taken down, the .onion addresses may be compromised (but DPR has a private GPG key and can authenticate any new addresses as being legitimate) so it wouldn't be a good thing for sure, but it would not be game over man by any means, unless DPR is hosting the site out of his bedroom and all of the vendors happen to be using fed controlled entry guards and none of the customers are using GPG and there is no isolation of the web server at all.