they discard the decoys when they’re given the transactions of interest, this lets them know that this transaction they saw on their node actually comes from that subphoenable entity (centralised exchange), from there they have the list of transactions that went through and they can rule out the dandelion decoys. but otherwise they can’t.

I also mentionned that they are looking at the fee structure on their malicious nodes, hence my recommendation to use the default fees. not sure if they’re actually using the rest. (number of inputs and outputs ?)