Great project! What I am missing is a guide of how to integrate Incognito into general OPSEC.
For example, which actions in the app expose the user’s IP address? This would be important to know when deciding which network to use before performing such actions.
Also, if the plan is to anonymize a transaction to someone who does not use Incognito, it seems that such a transaction would need to be shielded and then sent back out of Incognito to the destination address (/unshielded).
It is understandable in such a scenario that the amount of the second transaction should be delayed and use a lower amount than the shielding transaction to avoid easy matching on the public blockchain, but is it also necessary to transfer to another Incognito wallet before unshielding and/or converting through the pDEX before unshielding, in order to achieve both untraceability and unlinkability?
Finally, it seems that in any case the recipient would be able to tell that the monies received came out of Incognito. In the case where the recipient is a CEX or other off-ramp doing chain analysis as part of their AML, they certainly would know and might take issue with that. What are peoples’ experiences with unshielding (larger amounts) to CEXes?
Is there a risk of coins of clean origin becoming tainted as a result of sending them through Incognito?