To settle this of why never to use auto-PGP is because there is a false sense of security about it. Now let us totally assume you are good guys and you write it so that the PGP is made and that the plaintext is never stored on the servers. It has already been demonstrated how easy it would be for LE to change the code if they had server access to then record addresses and it would be nearly impossible to spot, so it offers almost no security over the SilkRoad protocol of leaving it down to the buyer, in addition if you didn't want to trust the server you would have to run the script client side - a big NO.Really guys, some of the plans sound exactly like how Atlantis operated and you know astor and kmf lambasted that place for delivering a false sense of security with its features whilst actually weakening how much buyers are protected. I am not a programmer no, but I have been here since the beginning and I've heard every security concept and idea put forward in that time and what you are proposing is not living in the real world, you are attempting to effectively displace the responsibility of buyers to protect themselves to additional features centralised on the server which people will have to trust. Sure they can add their own PGP too, but then what is the point in the original encryption?Look gents. Go back to the drawing board, build from the ground up. If you're looking to protect users, adding features like auto-PGP is NOT the way forward, and neither is making the marketplace a democracy as democracy is always the worst form of governing since little decisive action is taken and to pass the details of the server from person to person so freely in a democracy is a massive security risk. If this marketplace was set up, you will find me and many others of the security type criticising the marketplace just like we did about Atlantis.Sorry, but I don't want to see another SilkRoad and you are seriously overestimating your own abilities and knowledge to a dangerous level because whilst it technically works, fundamentally the server is always compromised and thus you can never rely on it to protect users.