diff --git a/opsec/darknet_surf/Address_generation.png b/opsec/darknet_surf/Address_generation.png
new file mode 100644
index 0000000..d54afb2
Binary files /dev/null and b/opsec/darknet_surf/Address_generation.png differ
diff --git a/opsec/darknet_surf/Descriptor.png b/opsec/darknet_surf/Descriptor.png
new file mode 100644
index 0000000..39b71b3
Binary files /dev/null and b/opsec/darknet_surf/Descriptor.png differ
diff --git a/opsec/darknet_surf/Get_descriptor.drawio b/opsec/darknet_surf/Get_descriptor.drawio
new file mode 100644
index 0000000..59d9a61
--- /dev/null
+++ b/opsec/darknet_surf/Get_descriptor.drawio
@@ -0,0 +1,49 @@
+
Clearnet websites are like legit real businesses, which have a big sign on their shops, you can easily find them and visit them.
+For visiting a clearnet site you simply type in the domain name, and your browser query its ip address and access it. Sometimes there might be a layer of CDN in the middle
+For onion addresses on tor network this is a totally different story. TCP/IP is not designed to protect privacy at all, in order to allow client and server talk to each other while both of them remain anonymous, tor invent a very sophisticated mechanism to achieve
+Compare to the metaphor of clearnet, onion address access is more like dark market. Vendors cannot be found easily, and you need some sort middle man to arrange a meeting for trading to happen. The most important part of tor network is both parties never directly talk to each other.
+Setting up and access a hidden service is a quite complicated process technically speaking, here I summarize the most important part of it:
+Service Publish
+1.Like HTTPS which is used to establish a secure connection on clearnet, the first step for setup a hidden service to operate is to generate a public/private key pair. The public key then is encoded and is embedded in the onion address.
+That is why the onion address is so human unfriendly, because it contains a complete public key inside
+2.Next step is let the tor network to know the presence of hidden service, because you do not have a clearnet port opening, if you do not advocate yourself nobody will ever be able to find you.
+First you connect to a group of introduction points, these are the "middle man" that passes the information for you and clients to meet. Also you connect to these introduction points through tor relays, so you do not need to trust them. Pretty much like a spy agent where each node only knows absolute necessary information
+For stability of the service, you maintain a stable connection to introduction points
+3.Next you need to furthur advertise yourself, only set up some introduction points is not enough. Like in the spy movies people publish ads on the newspaper for contacting other spies, you also need to publish your presence on the tor network
+You will create a Hidden service descriptor which contains your onion address and your introduction points, and sign it with your private keys. Then publish it on the tor network DHT
+Client Access
+Next the client will need to find the onion address from other places, like from a forum on clearnet or onion search engine.
+This is the weak spot of tor network, since its addresses are very human unfriendly, it is impossible to memorize it and people need to trust some place for providing the correct onion address, for example taking notes locally or using some clear net directory website, which makes phishing very rampant on tor network.
+A popular directory site dark.fail was taken over by a malicious actor, and all the onion addresses on it were changed to phishing sites setup by him. This highlights the importance of keeping your own local notes or set up your own directory site.
+Let's assume a user obtained the correct onion address, and what happens next?
+1.The tor browser will send the onion address to tor DHT, and will try to retrieve the hidden service descriptor, which contains all the information for contacting the hidden service. The public key embedded in the address will also be used to verify the authenticity of the descriptor
+2.Next the browser(or client) will find a random relay, and make it a rendezvous point, basically it is a relay that both hidden service and client connects to, because tor network do not use IP protocol for transmitting data at all
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ + Until there is Nothing left.
Creative Commons Zero: No Rights Reserved
+
+
+
+ RSS Feed
SimpleX Chat
+
+
Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
Contact: nihilist@contact.nowhere.moe (PGP)
+
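Review bot: In Client Access step 2, the reason given for the rendezvous point, "because tor network do not use IP protocol for transmitting data at all", is not accurate and should be reworded. Tor circuits are carried over ordinary TCP/IP connections between relays. What the rendezvous point provides is that neither the client nor the hidden service connects to the other's IP address, which is the property the earlier paragraph already states ("both parties never directly talk to each other"). Something like "so that neither side ever learns the other's IP address" fits the rest of the text. Two further points on the same hunk: the Client Access list stops at step 2, so the walkthrough never reaches the point where the client contacts an introduction point from the descriptor and the service joins the rendezvous circuit, and the sentence starting "TCP/IP is not designed to protect privacy at all" ends at "to achieve" with no object. The dark.fail takeover is also stated as fact without a date or a reference; a link to a source would let readers check it.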