If a vendor withdraws from market --> intermediary wallet (over TOR), and then without tumbling deposits from intermediary wallet directly into separate, market buyer account to make a purchase, how much and what risks are there to vendor?
It seems to me that as long as shipping info is encrypted during purchase under buyer account, vendor should be pretty safe, right?
The main concern would be the buyer account getting linked to the vendor account, and therefore the vendor getting dox'd.
Theoretically, whoever has knowledge of the account identities linked to market addresses (i.e. market admin) could see the trail of vendor wallet withdrawal --> intermediary wallet --> buyer account. At that point, attacker could only dox vendor if shipping info was left unencrypted on an order, or if the vendor receiving the order from the original vendor's buyer account dox'd the identity of the buyer to market admin.
In a less likely scenario, market gets p0wned by LE in addition to the vendor who received the vendor-buyer account order. Knowing buyer's identity, LE is able to trace buyer BTC trail back to intermediary wallet and then back to original vendor acc't.
Is my logic correct here? Before anyone comments about it, YES, I KNOW that tumbling would solve this issue.
Thanks for the input.
Set the pipe down