The Webacy Risk Score API uses a modular approach to risk assessment, allowing you to request specific types of analysis to optimize performance and focus on relevant risk factors for your use case. View a full list of flags here.
Quickstart
View the table below for a high-level overview of each module. Scroll down for more detail on each module, included tags, and recommended module combinations to get started.
📋 Module-to-Tags Quick Reference
Module | Key Risk Tags | Primary Use Case |
---|---|---|
security_essentials | not-renounced, freezeable, mintable | Real-time screening |
governance_analysis | hidden_owner, is_proxy, upgradeable_contract | Smart contract auditing |
token_security | is_blacklisted, buy_tax, transfer_pausable | Token screening |
contract_analysis | is_closed_source, reentrancy__, SWC__ | Security audits |
market_data | is_honeypot, volatility, cannot_buy | Trading algorithms |
holder_analysis | top-10-holders-own-*-percent | Rugpull prevention |
liquidity_analysis | unlocked-liquidity, creator_percent | DeFi investments |
fraud_detection | hacker, drainer, *_rugged | AML compliance |
sanctions_compliance | ofac_sanctioned, sanctioned | Regulatory compliance |
mixer_detection | tornado, mixer, *_fundflow_* | Transaction monitoring |
address_behavior | wash_trading, automated_trading | Behavioral analysis |
transaction_analysis | address_poisoning | Wallet security |
reputation_analysis | is_scam, spam, fake_kyc | Community security |
solana_specific | bundled_token, has_been_sniped | Solana MEV detection |
ton_specific | is_nonstandard_jetton | TON compliance |
basic_info | insufficientwallet* | Quick filtering |
Detail In Depth
Read on for in-depth detail for each module including the purpose, included risk tags, and use cases. Scroll down for example combinations of modules for specific use cases.
📋 Available Modules
⚡ security_essentials
Purpose: Core security flags for real-time applications
Risk Tags Covered:
not-renounce
/not-renounced
- Contract ownership not renouncedfreezeable
/freezable
- Tokens can be frozenis_mintable
/mintable
- New tokens can be minted
Use Cases: Trading interfaces, wallet integrations, real-time screening
🏛️ governance_analysis
Purpose: Contract ownership, upgradeability, and access controls
Risk Tags Covered:
hidden_owner
- Contract owner is hidden or obfuscatedcan_take_back_ownership
- Owner can reclaim ownership after renouncingis_proxy
- Contract uses proxy patternaccess_control
- Access control vulnerabilities detectednot-renounce
/not-renounced
- Contract ownership not renouncedunprotected_upgrade
- Upgrades not properly protectedanti_whale_modifiable
- Anti-whale limits can be modifiedslippage_modifiable
- Slippage settings can be modifiedpersonal_slippage_modifiable
- Personal slippage can be modifiedupgradeable_contract
- Contract is upgradeabletrust_list
- Uses trust/whitelist mechanism
Use Cases: DeFi protocol analysis, smart contract auditing, governance token evaluation
🔒 token_security
Purpose: Token manipulation capabilities and restrictions
Risk Tags Covered:
freezeable
/freezable
- Tokens can be frozenis_mintable
/mintable
- New tokens can be mintedis_blacklisted
- Address blacklisting capabilityis_whitelisted
- Address whitelisting capabilityowner_change_balance
- Owner can change user balancestransfer_without_approval
- Transfers possible without approvalprivileged_burn
- Privileged burning capabilityrestricted_approval
- Approval restrictions existoversupply_minting
- Risk of oversupply through mintingtrading_cooldown
- Trading cooldown mechanismstransfer_pausable
- Transfers can be pausedbuy_tax / sell_tax
- Transaction taxes appliedis_anti_whale
- Anti-whale mechanismsnon-transferable
- Tokens cannot be transferredis_burnable
- Tokens can be burned
Use Cases: Token screening, DEX listings, portfolio management, trading bot integration
🔍 contract_analysis
Purpose: Static/dynamic code analysis and vulnerability detection
Risk Tags Covered:
is_closed_source
- Contract source code not verifiedselfdestruct
/suicidal
- Contract can self-destructexternal_call
- Makes external callsreentrancy_without_eth_transfer
/reentrancy_no_eth
- Reentrancy vulnerabilitiesinteger_overflow / integer_underflow
- Integer overflow/underflow risksfront_running_low/medium/high
- Front-running vulnerabilitiesmint_low/high
- Minting-related riskscentralized_risk_low/medium/high
- Centralization risksprice_manipulation_low/medium/high
- Price manipulation vulnerabilitieslocked_ether
- Ether can be locked in contractweak_prng
- Weak pseudo-random number generationtimestamp
- Timestamp dependency issuesSWC_108
throughSWC_130
- Smart Contract Weakness Classificationpess_*
tags - Pessimistic analysis for advanced vulnerability detection- Plus 50+ additional vulnerability detection tags
Use Cases: Security audits, DeFi risk assessment, smart contract due diligence
📊 market_data
Purpose: Price, volatility, market cap, and liquidity analysis
Risk Tags Covered:
volatility
- High price volatility detectedmarket_cap
- Market capitalization concernsis_in_dex
- Token listed on decentralized exchangescannot_buy
- Token cannot be purchasedis_honeypot
- Honeypot token detectedhoneypot_with_same_creator
- Creator has other honeypot tokens
Use Cases: Trading algorithms, market analysis, portfolio optimization, arbitrage detection
👥 holder_analysis
Purpose: Token distribution and concentration risks
Risk Tags Covered:
- top-10-holders-own-X-percent - Top 10 holders own X% (10%, 20%, 30%, 40%, 50%, 60%, 70%, 80%, 90%, 100%)
- minter-own-X-percent - Minter owns X% (20%, 50%, 90%)
- owner-own-X-percent - Owner owns X% (20%, 50%, 90%)
- update-authority-own-X-percent - Update authority owns X% (20%, 50%, 90%)
Use Cases: Investment research, rugpull prevention, tokenomics analysis, whale monitoring
💧 liquidity_analysis
Purpose: Pool data, unlock schedules, and LP analysis
Risk Tags Covered:
unlocked-liquidity
- Liquidity is not lockedlp_holder_count
- Liquidity provider holder count analysislp_total_supply
- Total LP token supply analysiscreator_balance
/creator_percent
- Creator's token balance/percentageowner_balance
/owner_percent
- Owner's token balance/percentage
Use Cases: DeFi investments, yield farming, liquidity provision, rugpull prevention
🚨 fraud_detection
Purpose: Malicious actor and rugpull detection
Risk Tags Covered:
hacker
/drainer
- Address identified as malicious actorassociated_hacker
/associated_drainer
- Associated with malicious actors*_rugged
/*_multiple_rugged
- Rugpull history (minter/owner/authority/holders)*_hacker
/*_drainer
- Malicious actor association (minter/owner/authority/holders)stealing_attack
/financial_crime
/cybercrime
/exploitation
- Criminal activity_fundflow_hacker
_ /*_fundflow_drainer
- Fund flow to malicious actors
Use Cases: AML compliance, fraud prevention, risk screening, security monitoring
⚖️ sanctions_compliance
Purpose: Regulatory compliance and sanctions screening
Risk Tags Covered:
sanctioned
/associated_sanctioned
- Sanctioned addressofac_sanctioned
- OFAC sanctioned*_ofac
- OFAC association (minter/owner/authority/holders)*_fundflow_ofac
- Fund flow to sanctioned addresses
Use Cases: Compliance programs, regulatory reporting, KYC/AML, institutional trading
🌪️ mixer_detection
Purpose: Privacy coin and mixer usage detection
Risk Tags Covered:
mixer
/associated_mixer
- Mixer usagetornado
/associated_tornado
- Tornado Cash usage_mixer
/_fixedfloat
/*_simpleswap
- Mixer service usage (minter/owner/authority)_fundflow_mixer
/ *_fundflow_fixedfloat
/_fundflow_simpleswap
- Fund flow through mixers
Use Cases: AML compliance, transaction monitoring, regulatory reporting
📈 address_behavior
Purpose: Trading patterns and behavioral analysis
Risk Tags Covered:
wash_trading
- Wash trading detectedautomated_trading
- Automated trading patternsmoney_laundering
- Money laundering indicatorsdarkweb_transactions
- Dark web transaction historymalicious_mining_activities
- Malicious miningblackmail_activities
/phishing_activities
- Criminal activitiesdeployed_high_volatility_token
- Deployed high-risk tokensnumber_of_malicious_contracts_created
- Created malicious contracts
Use Cases: Behavioral analysis, fraud detection, compliance monitoring, bot detection
🔄 transaction_analysis
Purpose: Transaction-level risk detection
Risk Tags Covered:
address_poisoning
- Address poisoning attacks detected
Use Cases: Wallet security, transaction monitoring, attack prevention
📢 reputation_analysis
Purpose: Community reports and reputation scoring
Risk Tags Covered:
blacklist_doubt
- Questionable blacklist statusspam_domain
/spam
- Spam-related activityvalid_report
- Valid community reportsfake_kyc
- Fake KYC documentationis_fake_token
/is_true_token
/is_scam
- Token authenticityillegal_unicode
- Illegal unicode charactersis_airdrop_scam
- Airdrop scam detection
Use Cases: Community-driven security, reputation systems, scam prevention
🌐 Chain-Specific Modules
☀️ solana_specific
Purpose: Solana-only risk factors
Risk Tags Covered:
has_been_sniped
- Token has been sniped by MEV botshas_been_bundled
/bundled_token
- Token involved in bundling attacksmutable-metadata
- Metadata can be changed after deploymentminted-less-than-10-minutes
/minted-less-than-1-hour
/minted-less-than-1-day
- Recently minted tokensimpersonator
- Token impersonates another legitimate tokenknown-malicious-token
- Token identified as malicious
Supported Chains: Solana
🔗 evm_specific
Purpose: EVM-only risk factors
Risk Tags Covered:
(Currently no specific tags mapped - module focuses on EVM-specific analysis patterns)
Supported Chains: Ethereum, Polygon, BSC, Arbitrum, Optimism, Base
💎 ton_specific
Purpose: TON-only risk factors
Risk Tags Covered:
is_nonstandard_jetton
- Non-standard jetton implementationis_nonstandard_jetton_wallet
- Non-standard jetton wallet implementation
Supported Chains: TON
🌊 sui_specific
Purpose: SUI-only risk factors
Risk Tags Covered:
(Currently no specific tags mapped - module focuses on SUI-specific analysis patterns)
Supported Chains: SUI
📋 basic_info
Purpose: Fast metadata checks
Risk Tags Covered:
insufficient_wallet_age
- Wallet too newinsufficient_wallet_balance
- Insufficient balanceinsufficient_wallet_transactions
- Too few transactions
Use Cases: Basic screening, wallet validation, quick filtering
Recommended
Not sure where to start? Not sure which modules work best for your use case? Consider the combinations below.
🎯 Recommended Module Combinations
🏃♂️ Real-Time Applications
modules=security_essentials
Use Case: Trading interfaces, wallet integrations, real-time screening
Coverage: Essential security flags only
🛡️ Security-Focused Analysis
modules=token_security,fraud_detection,sanctions_compliance,contract_analysis
Use Case: Security audits, DeFi protocols, comprehensive screening
Coverage: Complete security assessment
💰 Investment Research
modules=market_data,liquidity_analysis,holder_analysis,governance_analysis
Use Case: Portfolio management, investment decisions, due diligence
Coverage: Financial and governance risks
🔍 Compliance & AML
modules=sanctions_compliance,fraud_detection,mixer_detection,address_behavior
Use Case: Regulatory compliance, AML programs, institutional trading
Coverage: Regulatory and criminal activity detection
📊 Comprehensive Analysis
modules=security_essentials,token_security,fraud_detection,sanctions_compliance,market_data,liquidity_analysis
Use Case: Due diligence, comprehensive risk assessment, audit preparation
Coverage: All major risk categories