That really doesn’t matter as coins for everyone are sent from the same address. In theory a bad actor could get incognito’s address flagged (it’s probably multiple issues that slowly, and over time, assign a higher risk score). And depending on the transaction you are doing, and who you are, and how the exchanges want to set the thresholds of what triggers risks—will determine if you get flagged.
I don’t know what exchanges do if they recieve coins, request KYC, but the user does not comply. I don’t have experience with binance specifically but I know that HitBTC held my funds for turning on 2FA–my account had a small balance so I didn’t bother but I was planning to use it so I enabled security and bam—account locked, kyc requested. I actually sent them KYC but they said my ID is from a different country than it was from and it’s been ongoing for 8 months I think for them to review it. However, when they determined I was from an ineligible country, they let me withdraw. I think it took 4-5 months to get them to make even their first determination on KYC and I’ve been waiting 3-4 months for the escalation.
That’s very different than attempting a transaction that gets flagged, rather than my apparent user behavior.
My strategy for centralized exchanges is logging in through a residential IP address (not work or VPN) regularly, doing more and more transactions, refrain from changing my security settings once everything is set up including 2FA, and don’t try to change your email address. I figure that keeps their systems knowing I am a frequent customer and doing normal things. (It’s akin to the credit card companies freezing your credit card if they suspect unusual behavior. Just do lots of stuff and it all becomes usual behavior). My theory (unproven) is that if a questionable deposit comes in and my other risk factors on my account is good, that it’s more likely to go through.
My next step is to use DEXes when I can, if it’s all on ethereum. You will pay gas but there is zero chance of funds getting locked. There are very few players that do cross chain swaps in a trustless way.
There is no prescription for you or even myself because:
- There are other factors that assign your account risk besides your incoming deposit transaction and the history of those coins
- We don’t know what blockchain analytics firms actually know about us and furthermore we don’t know what risk is acceptable to each exchange. The analytics firms are probably not telling an exchange not to process it unless the address is specifically on a blacklist. They are probably providing a scoring model similar to a credit score perhaps.
Oh—and although I have sent transactions from incognito directly to a 3rd party exchange, I think it’s a best practice to always send to an intermediary wallet first. That way if the coins get returned to the wallet that sent them, it will be your wallet. That begs the question, @Peter if the OP happens to get the coins sent back to the smart contract wallet address because he can’t pass their kyc trigger, is the team able and/or willing to manually retrieve them? I know this isn’t something you want to always do but at least for now this is likely an isolated incident.