Re: Layers of security
Most of the known Tor busts involved a combination of Firefox bug and social engineering
In the Alphabay bust, it was a massive OpSec fail that lead to the arrest of the owner - in the welcome emails (and password reset emails) he used a real (Gmail or Yahoo I think) address that he'd used elsewhere.
So all the investigators had to do was follow that chain back to the owner. You would have thought that someone savvy enough to spin up a major darknet market would be clever enough to use one of the many mailinator-like services around to hide the origins and details of the emails..