No freeze instead, refund. That’s the main policy. There is no AML score checking for privacy coins, as it’s impossible. We introduced the refund address because we want to return funds immediately to the user. We do not ask for KYC or verification, so there’s no point in freezing users’ funds when there is no system for KYC.
So there's no clear definition of high-risk transactions?
I understand that you don't want to process stolen transactions or avoid regulatory issues, but if the funds were stolen, returning them could pose additional legal issues.
The best solution would be to provide an option to check the transaction before depositing
Every user gets a deposit address that is different from our hot wallet. So when a high risk transaction is detected, we return it from the deposit address to your refund address. As long as it doesn’t get mixed up in the hot wallet, we practically have nothing to do with the risky transaction. I will try to implement a method that can validate transactions upfront before deposit.