Well, the Bisq trading process leaves a huge fingerprint:
- Funds go through a multisig address
- Every deposit transaction has exactly one 32 byte OP_RETURN output and exactly one output to the multisig address receiving all inputs (minus fee)
- The multisig address is funded by exactly two inputs
- These inputs come from maker and taker fee transactions. With BTC trading fees, they can be identified as such pretty confidently by the amount and size of the outputs. If BSQ was used, it isn’t even a question whether it’s a Bisq transaction…
- Same-fee taker, deposit and payout transactions
- Taker fee and deposit transactions are broadcast at the same time
- …
If you use all these, you can identify funds coming from Bisq payouts pretty confidently.
Whether they would take the effort to code this just to attack Bisq is another question, though…