ONYXAML
2026-06-13

How to verify a counterparty before a P2P deal and prove the funds are clean

The cheapest freeze is the one that never happened. If you accept USDT in P2P or OTC deals, 10 seconds of checking the counterparty's address saves weeks of unfreezing. Here is what to check before the deal, how to read the result, and how to document the check.

Why you check BEFORE, not after

Once "dirty" USDT is on your address, you have inherited its risk: on your first withdrawal to an exchange the AML engine pulls up the history, and the freeze lands on you, not the sender. Access can be restored, but it takes months and there are no guarantees. So the only truly cheap control is checking the counterparty's address before you release goods or accept a transfer.

What exactly to check — 4 points

1. Tether blacklist

Whether the address is on the USDT smart-contract blacklist (TRON/ETH) or frozen on Solana. A binary primary-source fact — tokens on such an address physically cannot move.

2. Sanctions

A match against OFAC / the Chainalysis oracle (we check 6 EVM chains + TRON/Solana via OFAC). A sanctioned address is a hard stop.

3. Scam databases and reports

Whether the address is in a public threat-intel database (ScamSniffer) and whether it has community reports — fresh local scammers not yet in the big paid databases.

4. Behavioural patterns

A fresh address (<30 days), a transit pattern (in ≈ out, near-zero balance), sender "fan-in" — not a verdict, but grounds to ask the counterparty extra questions.

How to do it in 2 seconds

Paste the counterparty's address into our free checker — it runs all four checks at once and shows a clear result in three zones:

  • 🟢 Clean — no risk markers found (but "clean" ≠ a guarantee, see below);
  • 🟡 Suspicious — pattern signals present, look closer before the deal;
  • 🔴 Dangerous — a direct link to sanctions / blacklist / scam, better cancel the deal.

The same check is in the Telegram bot @OnyxAML_bot — handy to check right in the deal chat.

How to document the check

For exchangers and regular P2P traders, what matters is not only the check but the proof that you did it. After a check you can issue a verification certificate — a clean one-page link with the address, risk zone, statuses (blacklist/sanctions/scam), an ID and a date. Forward it to the counterparty or client as proof of due diligence, print it or save it as PDF. Free, no registration.

The honest limit: what the check does NOT do

A contract check and an address passport are a first-pass screen, not a full forensic analysis. "Clean" means "no risk markers found at the time of the check", not "the funds are 100% clean": a keyless tool does not see the deep graph across many hops or proprietary cluster attribution. For large amounts or disputed cases there is the full forensic report with fund-flow tracing and categorized exposure. And no check gives a "guarantee of unfreezing" — anyone who promises that is a scam.

If the check shows risk

Red zone — do not release goods or accept the transfer; politely ask for a different address or cancel. If the funds were already received, do not try to "launder" them through an exchange — that worsens your position. Record everything (addresses, TxIDs, correspondence) and follow the first-24-hours plan.

Conclusion

Verifying a counterparty is the cheapest insurance in crypto: free, 2 seconds, saves weeks. Make it a habit before every deal, and for client-facing work, document it with a certificate. Start right now: check an address or issue a certificate.

Free preliminary case assessment

Describe your situation — we will return an honest assessment: what is realistically possible, how long it takes and what it costs. No "guaranteed unlocks" — they do not exist; compliance decides.

CASE INTAKE · FREE ASSESSMENTLIVE

Confidential. We run our own AML screening first: cases involving sanctioned or knowingly illicit flows are declined — including any sanctions-evasion scenarios.

Urgent situation?Direct Telegram contact