The case of IncognitoMarket is disgusting. But there’s something I hope people will remember:
Never trust server-side encryption. You’ll never know what happens on the backend, because you have no access of it.
This case have some similarities with Law Enforcements made to Proton. They were fair by encrypting internal mails. But hey had to give all your mails coming from regular providers like gmail ect…
Conclusion ? When you want to use anykind of privacy/anonymity technology, you anonymize or encrypt yourself with tools like PGP for concealing files & text (and verify fingerprints) + Tor to hide your location ect…
P2P markets will need to rise at a moment or an other, because an other incognito like threat actor still can collect metadata around everything you encrypted (see how WhatsApp knows your life even with E2EE messages) & other precious data to harm you.
https://www.openpgp.org/software/