How to Vet a Peptide Source

There is no way to make an unregulated gray market truly safe. (“Gray market” just means buying and selling that isn’t clearly legal or clearly illegal, with no official body watching over it.) But you don’t have to go in blind. Checking out a seller is something you can do step by step — it isn’t a gut feeling. And because the steps are the same for every seller, this guide names none of them and won’t point you anywhere to buy. It’s about how to judge a source, not where to shop.

Start from the right assumption

Assume nothing is trustworthy until it’s proven. In a market where no one is checking the seller’s work, it’s the seller’s job to prove what’s in a batch — not your job to assume it’s fine because the website looks polished. (A “batch” is one specific run of product, all made at the same time.) Slick marketing, “GMP” badges, and five-star reviews are not proof. A test result tied to your specific batch is. (“GMP” stands for Good Manufacturing Practice, a quality standard a seller can simply claim without anyone confirming it.)

The one thing that matters most

A batch-matched Certificate of Analysis from an independent lab — one that you can check yourself. A Certificate of Analysis (often called a COA) is a lab’s written report on what a sample contains. Three parts of that sentence are doing the real work:

• Batch-matched — the lot number on the COA matches the lot number printed on your vial. (A “lot number” is a code that identifies one specific batch.) A COA for some batch tells you nothing about your batch. (See How to Read a COA for what the numbers mean.)
• Independent — done by a lab that has nothing to gain from the sale, not a report the seller made themselves “in-house.” An in-house report is easy to fake, and the seller is grading their own work.
• Check it yourself — this is the step almost everyone skips, and it matters most of all.

Check it yourself — don’t trust the PDF

A PDF that a seller emails you or shows in a screenshot can be edited in minutes. The fix is simple: confirm the result on the lab’s own system, not on anything the seller hands you. The most widely used independent lab, Janoshik, posts its results to a public database you can search by batch ID — so you can look up the original report (the purity number, the identity check, and the chromatogram — a graph the test produces) straight from the lab, with the seller out of the picture. If a seller’s COA can’t be confirmed at the lab that supposedly made it, treat the numbers as made up. See the independent testing labs page for who actually does this.

What testing can — and can’t — tell you

Testing is the best signal you have, but it has real limits. Know them so a clean report doesn’t lull you into trusting too much:

• It describes the sample that was sent in, not your vial. Labs test a sample they’re given; they can’t test the exact unit in your hand.
• It only covers one batch. A seller can test one good batch and then ship a different one. That’s exactly why batch-matching matters — and why a single old COA stamped on “all products” means nothing.
• Pure is not the same as safe. A high purity number (measured by a method called HPLC) just means the main ingredient is the biggest part of the sample. It says nothing about whether the product is sterile (free of germs), free of endotoxins (toxins from bacteria that can cause a bad reaction), or even appropriate or legal to use. Most research-grade COAs leave out sterility and endotoxin testing completely — and leaving it out tells you something too.
• Knowing what it is doesn’t mean the dose is right. An identity test (done with a method called mass spec) confirms which molecule is in there. It does not confirm the milligrams claimed on the label.

The only way to know about your material

If you actually plan to use something, remember that a report on a website — even a genuine one — describes a different sample than the one you’re holding. The only way to learn what’s in your material is to send a portion of it to an independent lab yourself. The testing labs page lists labs that accept samples by mail. This is information to reduce harm, not a nudge to use anything.

Red flags that should end the conversation

Alongside the deeper scam-vendor guide, these are the dealbreakers on the testing side specifically:

• In-house COAs only, or a refusal to say which lab tested the batch.
• A COA that won’t check out on the named lab’s own database or when you contact the lab.
• No lot number, or a lot number that doesn’t match the vial.
• One reused COA stretched across every product and every batch, or a COA with no date.
• Pressure and secrecy — “DM for the source,” a rush to buy, or pushback and hostility when you ask for batch-matched testing.

A simple go / no-go checklist

Before you trust any source, you should be able to answer yes to all of these:

1. Is there a COA for this batch (lot number matches the vial)?
2. Is it from a named, independent lab — not the seller’s own in-house report?
3. Can I confirm that report at the lab itself (a public database or a direct contact)?
4. Does it show both HPLC purity (with a chromatogram) and mass-spec identity?
5. For anything injectable, is there sterility and endotoxin data — and if not, do I understand what’s missing?

Any “no” is a reason to stop, not a detail to talk yourself out of.

Bottom line

Vetting a source lowers your odds of being lied to about what’s inside — it does not make a product safe, sterile, or legal. As of 2026, peptides sold as “research chemicals” are not FDA-approved for human use, and a verified COA does not change that. Use this to size up claims with clear eyes. It’s reference information, not medical advice.

Sources

• Janoshik Analytical — independent peptide/PED testing and public COA verification
• ISO/IEC 17025:2017 — competence of testing and calibration laboratories — ISO
• How to Read a Certificate of Analysis — Compound Codex