Crypto Payment Safety Checklist for Freelancers

By Alexandr Kerya · · 6 min read

TL;DR - Screen a client's wallet address for sanctions, mixer, and stolen-funds exposure before you invoice, so a tainted payment does not freeze your next exchange deposit.

This checklist applies any time you accept crypto as a freelancer or contractor: a new client's first payment, a recurring retainer, or a large milestone invoice. Running it before you invoice catches the failure modes that only surface later - a client's wallet carrying sanctions or mixer exposure that gets inherited by your own address, funds tracing back to a hack or scam, and a look-alike address swapped in by an address-poisoning scam.

Before you start

You do not need the client's identity or any special access to run this check. Wallet screening reads public blockchain data: what an address has sent, received, and touched. You need one thing before you start - the exact wallet address the client plans to pay you from, confirmed before you send the invoice, not after the payment lands.

A manual look is possible. You can open the address on Etherscan and scroll through its recent transactions, checking whether anything looks obviously wrong. That shows you what moved, not what it means - recognizing a mixer contract or a sanctioned address by eye takes practice most freelancers do not have time for. Rather than reading a raw transaction list, screen the address with Plastron and get a single risk score covering sanctions, mixer, and stolen-funds exposure before you send anything.

Diagram showing a wallet address flowing through checks for sanctions list, mixer exposure, and stolen-funds clusters before producing a single risk score.AddressWallet addressSanctions listMixer exposureStolen-funds clusterRisk score
Screening a client's wallet checks four risk signals before you accept a single payment or send an invoice.

What can go wrong if you skip this?

The risk is not that the client is necessarily doing something wrong. It is that blockchains record every hop permanently, and compliance systems downstream treat that history as yours the moment the funds land in your wallet.

  • Frozen exchange deposit. If the payment carries exposure to a mixer or a stolen-funds cluster, the exchange you cash out through may hold the deposit for a source-of-funds review, sometimes for weeks.
  • Sanctions exposure. A direct or near-direct link to an OFAC-listed address is a compliance and legal problem, not an inconvenience you can explain away.
  • Address poisoning. Scammers send a zero-value transaction from an address that mimics the first and last characters of one you have paid before, hoping you copy the wrong one on your next invoice.

The checklist

Run through these steps in order, before the client's payment is treated as final.

  1. Collect the wallet address in writing before you start work.
    • Get it in the contract or a dated message, not a screenshot pulled from a group chat.
    • Confirm the chain - Ethereum mainnet or a supported layer-2 - matches what you plan to invoice.
  2. Screen the address before you accept the first payment.
    • Check for sanctions-list hits, mixer exposure, and stolen-funds clusters in one pass.
    • Treat a clean result as permission to proceed, not as proof of the client's identity.
  3. Check the address specifically against the sanctions list.
    • A direct match to the OFAC SDN list is a compliance problem, not just a reputational one - do not accept the payment.
    • The list updates regularly, so an address that was clean six months ago can be listed today.
  4. Verify the address character-by-character before you send confirmation back to the client.
    • Address poisoning relies on you copying a look-alike from your own transaction history instead of your records.
    • Copy the address straight from the contract or the original message, never from a similar-looking past transaction.
  5. Ask about the source of any payment that arrives larger than the invoice.
    • An overpayment followed by a request to refund the difference is a common scam pattern, independent of what screening shows.
    • Flag any request to split a payment across several unfamiliar addresses.
  6. Hold before forwarding a flagged payment to an exchange.
    • Moving tainted funds along does not clear the taint - it adds another hop with your name on it.
    • Record the transaction hash and your correspondence with the client while you assess the exposure.
  7. Re-screen recurring clients before each new invoice cycle.
    • A wallet's risk profile can change between payments if it transacts with a new counterparty.
    • Treat screening as a standing habit tied to invoicing, not a one-time onboarding step.

What should you do if a wallet comes back flagged?

A flagged result is not an accusation. It is a prompt to slow down before the funds move somewhere you cannot easily reverse. Do not immediately forward the payment to an exchange or another wallet.

Ask the client directly about the source of funds and request a different payment address if the exposure looks material. Document the transaction hash, the screening result, and your correspondence with the client. If you already accepted the payment, hold it in the same wallet until you understand the exposure - this is what a frozen deposit looks like once tainted funds have already moved on. A low, distant score usually just means keeping records. A direct hit to a sanctioned address or a fresh hack means stopping before you touch the funds again.

How often should you re-screen a recurring client?

A one-time check at onboarding is not enough for a client who pays you every month. Re-screen before each invoice cycle on high-value or recurring relationships, and always after a client pays you from a new address you have not seen before.

A wallet's risk profile is not fixed. It changes every time the address transacts with someone new, so a clean result from three months ago tells you nothing about today. Treat re-screening as part of invoicing, the same way you would confirm payment terms before starting new work.

FAQ

Do I need to screen every client, even ones I trust?

Screening checks the wallet's on-chain history, not the client's intentions. A client can be entirely honest and still pay you from an address that received funds from a compromised source earlier in its history, so screening protects you regardless of how well you know them.

Is it awkward to ask a client for their wallet address before invoicing?

No. Asking for a payment address before work begins is standard practice, similar to confirming a bank routing number on a fiat invoice. Most clients expect it and will send it without questions.

What if I already accepted a payment and did not screen it first?

Screen it now, before you move the funds anywhere. If the result is clean, proceed as normal. If it is flagged, hold the funds and document the transaction while you assess whether the exposure is likely to trigger a hold at your exchange.

Does a clean screening result guarantee my deposit will not be held?

No screen can guarantee an exchange's internal decision. A clean result means no flagged exposure was found in the address's history, which makes a hold far less likely, not impossible.

Disclaimer: This article is for educational and informational purposes only and is not legal, financial, tax, or compliance advice. Crypto carries risk; you act on this information at your own risk. Always do your own research and consult a qualified professional before making decisions. Views are the author's own and do not constitute financial, legal, or investment advice.

About Plastron

Plastron is a free, non-custodial wallet screening tool. It checks Ethereum and six EVM chains for AML and KYT risk — sanctions exposure, mixer contact, and stolen-funds proximity — and returns a risk report in seconds. It reads public on-chain data only: it never takes custody of funds and never asks for private keys.

How Plastron works and who runs it →

Keep reading

Preventing Exchange Account Freezes: Screening Your Deposits for High-Risk OriginsWhat to Do If You Received Crypto From a Hacked ProtocolDoes Using a No-KYC Exchange Flag Your Wallet for AML Risk?Address Screening vs Transaction Monitoring: Which AML Control Do You Need?