[gizmo686]

Two points. First, crypto is hard. Unless a system is proven to have a certain property, assume the worst case scenario for your system. Second, SHA256, RIPEMD160 are hashes. By definition (of an ideal hashing algorithm), every output can be generated with the same probability, and changing a single bit of the input will have a 50% chance of changing a given output bit.

[Xcelerate]

I am familiar with how hashes work (I've written a Bitcoin address generator myself). To illustrate what I mean:

The Bitcoin address is just some chain of hashes (and a checksum) applied to the public key. To prove that the address IS actually output from the hash functions [and not spam], simply provide the public key along with it. Of course, you might say that is way too much data for the blockchain to handle. So you only limit the requirement of providing the public key to "suspicious" transactions. What constitutes a suspicious transaction could be a matter of debate, but I imagine it could be done, and it would avoid the problem of a Bitcoin's value depending on its ancestry.

[drivebyacct2]

Yeah, I think there is actually WIP to do something along the lines of what you worked out.

However, I'm not sure what good identifying "suspicious transactions" is going to do. They're not reversible. You can't really make any attempt to "blacklist" them - you'll almost surely lose.