Incognito, custodianship and tainted BTCs

Hi there,
I have a question concerning shielding, custodianship and tainted BTC. The following hypothetical scenario:
Alice (A) as we know fishes in muddy waters and there she caught some tainted BTC which she shields into incognito pBTC, these pBTC she trades into any coins she likes and is happy. Now Bobby (B), she is a Incognito user too, and she puts some hard earned FIAT via a CEX into stableCoins, shields them and at one point she trades at the pDex for BTC that she then decides to unshield, but as her luck goes it happens to be some those tainted BTCs from Alice.
Here my question … is that plausible/possible? Put differently: The trace of BTC is not broken, once a BTC address is tainted all follow-up BTC-addresses which come in contact with that, will be deemed tainted as well!? So if Bobby unshields BTC bought on the pDEX is it possible that she gets BTC from a custodianWallet-address which might hold tainted funds? Or does either shielding or unshielding process include some sort of coin mixing, whirlwind, “white-washing” step where the receiver of the unshielding process can be sure, that only clean/untainted funds will be paid to her wallet?

Thx for reading, looking forward to any reply that might shed some light on this topic.

Skål Freyr

1 Like

There may be a misunderstanding as to what Incognito is/does and how a public blockchain like Bitcoin works.

Tainted coins
First it depends what you mean by “tainted BTC.” If you mean coins that are known by LEOs or other organizations to have been used in illegal activity, then there is no way to ever “white-wash” or “clean” those coins.

That is inherent to the design of Bitcoin: it is a publicly viewable distributed ledger whereby anyone can view the transaction history of any coin, all the way from its creation in a coinbase transaction, to every wallet address that it has been sent to.

If Charlie uses bitcoin to make an illegal purchase by sending it to a bitcoin wallet on the Bitcoin blockchain, and his purchase is identified and linked to him and his illegal activity, then you might say that bitcoin is “tainted”. No matter what happens going forward, that illegal transaction will always exist in the blockchain, and that bitcoin can always be followed to any address on the blockchain forever into the future. There is nothing anyone can do to prevent that.

Obviously the tainted bitcoin can be sent to a wallet with an unknown user, so it’s not as if Alice receives the tainted bitcoin and soon after has law enforcement on her doorstep (as long as her identity is not associated with the wallet address where she receives the bitcoin.)

But, any bitcoin user could simply “blacklist” any known “tainted” bitcoins and refuse to accept them. And anyone who does receive or attempt to spend the tainted bitcoin in a manner that reveals their identity could potentially face legal trouble, depending on the circumstances.

This is actually one of the major criticisms of Bitcoin. The fact that the nature of its public blockchain allows for coins to be differentiated, and there to be separate categories of “tainted” and “clean” coins, means bitcoins are technically by definition not actually fungible.

In the case of Incognito, all your activity that takes place in the Incognito network is private, so you could transact using bitcoin in a private way, inside Incognito with other Incognito users. That is the main function of Incognito. There would be no identifiable record of any bitcoin (or any other coin/token) activity that took place in Incognito because all that activity takes place outside of the blockchains where those coins come from.

However, once any coins are unshielded (i.e. sent outside of Incognito and back to a regular blockchain), they are once again visible (and traceable) on that blockchain. (Obviously this is a bit different with privacy coins like Monero (XMR) that by design obfuscate transaction info.)

How it would look
For your scenario, let’s say the tainted bitcoin is identified as BTC01234 (this isn’t how Bitcoin is identified, it’s just to illustrate what happens.)

Alice receives tainted bitcoin BTC01234, and shields it to receive pBTC.
Anything she does with that pBTC is private.

The tainted BTC is basically parked at an Incognito bitcoin address. If Bobby receives pBTC and unshields it, and some of that tainted BTC01234 ends up in Bobby’s bitcoin wallet, it is still identifiable as the tainted bitcoin, at Bobby’s bitcoin address.

On the Bitcoin blockchain, an observer could see:

Alice’s shielding:
Tainted BTC01234 from xzy bitcoin address --> Incognito bitcoin address

and then at a later time,
Bobby’s unshielding:
Tainted BTC01234 from Incognito bitcoin address --> abc bitcoin address

Granted, it may not be the same amount, but if any of the tainted bitcoin is involved in the unshielding, that fraction will be able to identified as going to the abc bitcoin address.

If Bobby tries to spend that bitcoin in a non-anonymous way, or is identified as the owner of that wallet address, that would mean being identified as interacting with tainted coins.

Further info
For more details on how Incognito works and how it can be used and how privacy is achieved, you can check these threads:


no misunderstanding on my side, it was meant the way as you described it, so short answer: Yes it is possible to receive “tainted” BTC when unshielding pBTC.

Skål Freyr

Having brought up this topic I found these very good reads as follow-up … a little bit older (by modern news-cycle standards) but very informative and entertaining … have fun, by Kai Sedgwick on Feb 6, 2020, by Paul Sibenik on Jan 6, 2021

Well yes, but that’s because once any bitcoin is deemed “tainted” there’s no way to “clean” it. Your comment here made it sounded like you thought maybe there was some way to do that:

I’m not entirely sure what you mean by “whirlwind” or “white-washing”, but no amount of coin mixing can erase the history of a coin and turn tainted BTC into clean BTC. A coin’s history can always be traced from its creation to every wallet it is sent to and from.

The only thing that a mixing service accomplishes is obfuscating the relationship between a sender and the intended recipient. So Alice can put a tainted coin into a mixer and make it nearly impossible to identify who she sent the payment to. But the tainted coin she put into the mixer can still be followed. There’s just no way to confirm a relationship between Alice and any address that receives any of that tainted coin.

But it will always be “tainted”.


I note that the CipherBlade article you linked disagrees, and states:

In our opinion, once it can no longer be ascertained that the BTC is controlled by the same entity that was engaged in the crime, the funds are no longer ‘tainted.’

But that’s just it…that’s their opinion. Even if you agree with their assessment, that doesn’t matter. I personally agree that once there is no way to prove a relationship between a holder of bitcoin and some illegal activity the bitcoin was associated with, it makes no sense to consider it tainted, much like their “your fiat cash probably has trace amounts of cocaine on it” analogy.

But it doesn’t matter what you or I think. “Tainted” is in the eye of the beholder. CipherBlade says it themselves: “Tainted According to Whom?They don’t think it should be considered tainted, but if the FBI comes knocking on your door, do you really think “But Paul Sibenik at CipherBlade says considering my bitcoin tainted is absurd,” will be a good defense? If some vendor employs a flagging service that refuses your payment because it identifies some of your bitcoin as tainted…you think you’ll be able to send them a link to Paul’s article and they’ll do a 180 and accept your payment?

Fungibility and Virgin Bitcoin

Ultimately I think the CipherBlade conclusion is accurate, the average user need not concern themself with whether they hold “tainted” coins. But that doesn’t mean that it’s a non-existent risk or that the concept of “virgin” bitcoin isn’t something that is actually valued in the market, particularly by bigger players.

The fact that institutions, investment firms, and other large participants have not only expressed interest in virgin bitcoin, but will even pay a premium for it, proves that CipherBlade’s opinion of what should be considered “tainted” isn’t shared across the market.

They smugly claim:

Our hope is that by shedding light on exactly how ‘tainting’ works, people will realize how ridiculous the concept of virgin Bitcoin is and why there’s absolutely no good reason why virgin Bitcoin should command a premium for the same reason that is doesn’t make any sense to pay a premium for banknotes that no one else has ever used before.

…as if people managing billions of dollars are overpaying because they simply don’t understand that it’s “absurd” to consider a bitcoin tainted after a certain point, and if only these whales would read CipherBlade, they’d finally understand that bitcoin really is fungible!

Despite what CipherBlade claims, that “intermediate/advanced cryptocurrency users and traders, individuals who work full-time in the cryptocurrency industry, Bitcoin privacy experts, lawyers, many anti-money laundering professionals, regulatory agencies, and even law enforcement” all don’t understand the concept of tainted bitcoin, and somehow only CipherBlade gets it, and it falls on them to explain it to the rest of us… Ironically it seems to be CipherBlade who don’t understand that Bitcoin is clearly not comparable to cash in terms of fungibility or anonymity.

I notice they also neglect the other reason “virgin” bitcoin is a thing, which is, a concern for how bitcoin is mined. More specifically, by whom, where, how, and under what circumstances. Large institutions and investors are willing to pay a premium for bitcoin that they can prove wasn’t mined in China, or through a mining operation that uses fossil fuel energy, for example…because there are legitimate market consequences that come from that.

That’s not entirely relevant for the discussion here, but it’s still a facet to the “tainted” discussion and a very real concern for important market participants, and it’s not something to just be shrugged off as “that’s just ridiculous, they’re so dumb.”

There is a legitimate argument to be made that bitcoin mined by a renewable energy source in an Occident country is “better” than bitcoin mined in a despotic region using energy sources with a significant carbon footprint. And it’s not “absurd” for a company or other large organization to be willing to pay a premium for it.

This is something that seems lost on CipherBlade.


That being said, there is technically no way any service could guarantee that only “clean/untainted” funds will be paid to someone’s wallet, unless they simply discarded any tainted coins and only paid out clean ones. But that would almost certainly be a money-losing operation.

And even if a service could somehow manage to maintain operation while constantly throwing away “tainted” coins and come up with untainted ones to pay out instead, there’s no way to really know what coins are actually considered “tainted”, and what organizations have given them that label, because again, “tainted according to whom?”

The FBI might know certain BTC was involved in a crime, but there’s no reason to think every mixing service would know whether or not any particular coin was used in illegal activity.

So it’s not just possible to receive “tainted” coins whether using a protocol like Incognito or any kind of tumbler/mixing service… it’s essentially impossible for any such operation to guarantee you wouldn’t potentially receive “tainted” coin at some point.


@drusin thanks for your lengthy, detailed and well written responses and yes I must admit, that my initial post was indeed simplified and therefor exaggerated and maybe misleading in my ideas and understandings, I wrote it the way I wrote to generate awareness and learn about and from the community’s understanding concerning this topic and thanks to your replies I think this threat has become highly informative. And certainly I did not want to proclaim the statements and conclusions of Sedgwick and Sibenik as my own but by sharing their articles I tried to give more perspective towards the subject.

I do believe everyone should measure and evaluate the information consumed by herself for herself. In that light your contributions are an invaluable asset in this process of information obtaining and evaluating.
Therefor again kudos and thx to you!

Skål Freyr

Taproot might fix this problem.


Just wanted to add another consideration to this “tainted” discussion. Long term, businesses that preferentially accept cleaner coins will have less available liquidity (trading partners) and lower profitability. They will have fewer interactions with customers than a business who accepts any coins and will also have to spend money on a service that determines the cleanliness of a customer’s coins.

This “tainted” issue could be a problem in the short term, while government printers still work to fund KYC/AML/BSA violence, but in the long term, Bitcoin makes that behavior unsustainable. Cheers.


Coinjoins would be an interesting thing to look at.