Welcome to Onchain AML API
OKLink Onchain AML products are supported by over 3 billion address labels including millions of malicious address labels and combined with our onchain data analytic skills to enhance the capability of full dimensional onchain risk detection, ensuring safety and compliance without worries.
- Know Your Transaction is an onchain transaction monitoring tool. With a vast database, users can easily identify connections between addresses and entities, detect risks, and raise instant alerts to meet the compliance needs of Virtual Asset Service Providers (VASPs).
- Know Your Address is a data-driven risk assessment tool. It quantifies the risk of the on-chain address by fixed rules and scoring model, and demonstrates the risk through the form of score, so that users have an intuitive sense of the risk level of the address.
- Token Risk scanner is a risk scanning tool that covers over 4 million tokens and mainly focuses on contract security, token stability and token distribution.
Product subscription
Subscribe now for our Onchain AML API or request a demo or trial account here.
You can also reach us by:
- Email:[email protected]
- Tele:https://t.me/OKLinkAPI
Create API Keys
Visit OKLink registration page and sign up with email or phone number
Visit and login to your OKLink account
Create your exclusive API Key by clicking "Create API" on the API page.Click on “Create API” and a new API Key will be created.
Customize risk setting according to compliance requirements on the KYT dashboard.
API Authentication
API key is the unique identifier used for accessing API interfaces. All Open API interfaces require API key authentication prior to accessing.
Root URL for API:
https://www.oklink.com/
You will be using the newly created API Key as query parameter.
Request Example:
curl -X GET 'https://www.oklink.com/api/v5/explorer/blockchain/summary' \
--header 'Ok-Access-Key:Your APIkey' \
--header 'Content-type: application/json'
Supported Crypto Networks
OKLink is dedicated to achieve the most comprehensive view of Onchian activities. Onchain AML not only able to track and trace continuously on any suspicious transaction on the same chain but also cross-chain transactions. The table below listed the blockchain that could be screened for risks on any address or transaction. For blockchains that are not currently supported, please contact us at [email protected] and OKLink team will review your request accordingly.
Know Your Transaction (KYT)
These endpoints provide a holistic crypto asset transactions monitoring solution.
Our Services:
- Monitor transaction risks in the deposit and withdrawal process, identify malicious addresses, generate risk warnings.
- Provide accurate risk warnings and continuous monitoring of designated transactions for the last 30 days.
- Multiple functions on customizing risk alert and allowing compliance teams to update alert status.
- Build a comprehensive address identity profile.
- Supported by a massive database with billions of address labels.
How it works:
- Users can build an extensive solution, by using KYT API, to integrate the entire workflow with OKLink compliance tool and to retrieve KYT-generated alerts and exposure details so as to assist in decision-making and risk screening.
Get supported crypto network
This endpoint retrieves the list of chains supported by OKLink KYT.
HTTP Request
GET /api/v5/tracker/kyt/chain-list
Request Example
GET /api/v5/tracker/kyt/chain-list
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| category | String | No | Choose the blockchain network either mature or emerging for this endpoint. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"chainFullName": "Bitcoin",
"chainShortName": "BTC",
"symbol": "BTC",
"model": "utxo",
"category": "mature",
"network": "BTC",
"chainId": "0"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| chainFullName | String | The blockchain network full name, e.g., Bitcoin. |
| chainShortName | String | The blockchain network, e.g., BTC. |
| symbol | String | The native token symbol, e.g., btc. |
| model | String | The type of Chain model, e.g., utxo, account and etc. |
| category | String | The category of blockchain network, e.g., mature or emerging. |
| network | String | The blockchain network, e.g., BTC. |
| chainId | String | The blockchain network ID. |
Get transaction details
This endpoint retrieves the transaction details through transaction hash.
HTTP Request
GET /api/v5/tracker/kyt/transfers-info
Request Example
GET /api/v5/tracker/kyt/transfers-info?userId=12&txid=0x1ccba96343bd1e6aad3668203d20b75e73022179b9d505721e00b66d21c91ae6&network=eth&outputAddress=0x043827a6dcfffb7fe21953d3bad32a1c74bb73bf
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., BTC. |
| tokenContractAddress | String | No | The token contract address, and can't not be empty when inquiring about token transaction. |
| txid | String | Yes | The transaction hash for this transaction. |
| outputAddress | String | Yes | The destination address for funds within the transaction |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"userId": "TronTest",
"chainFullName": "TRON",
"network": "TRON",
"token": "TRX",
"tokenContractAddress": "",
"txid": "9eef7ca0168332654b4392b61f55c6208f39f5edd52cdbb9adf150529399e34d",
"outputAddress": "TWd4WrZ9wn84f5x1hZhL4DHvk738ns5jwb",
"inputAddresses": "TZAzpGxSLHoKDEo1PhS18hTvnLSU57w44G",
"usdAmount": "0",
"tokenAmount": "0.000001",
"transactionTime": "1683780423000"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| chainFullName | String | The blockchain network full name, e.g., Bitcoin. |
| network | String | The blockchain network, e.g., BTC. |
| token | String | The token used for this network transction, e.g., BTC. |
| tokenContractAddress | String | The token contract address, and return "" if it's empty. |
| txid | String | The transaction hash for this transaction. |
| outputAddress | String | The destination address for funds within the transaction |
| inputAddresses | String | A list of input addresses of the transfer. |
| usdAmount | String | The amount of cryptocurrency funds in USD used in this transfer. |
| tokenAmount | String | The amount of cryptocurrency funds used in this transfer. |
| transactionTime | String | The Unix timestamp when the transfer occurred, e.g:1597026383085 |
Get address label
This endpoint retrieves the label details of a specific address including sanctions, malicious, entity-related, etc.
HTTP Request
GET /api/v5/tracker/kyt/transfers/exposures
Request Example
GET /api/v5/tracker/kyt/transfers/exposures?network=eth&userId=userId1&address=0x5a52E96BAcdaBb82fd05763E25335261B270Efcb&direction=sent
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., BTC. |
| tokenContractAddress | String | No | The token contract address, and can't not be empty when inquiring about token transaction. |
| txid | String | Optional | The transaction hash for this transaction. Choose either txid or address for this endpoint. |
| address | String | Optional | The blockchain address for this transaction. Choose either txid or address for this endpoint. |
| direction | String | No | This value defines whether the transfer is sent or received. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0x5a52e96bacdabb82fd05763e25335261b270efcb",
"entity": [
{
"category": "Exchange",
"value": "Binance"
}
],
"maliciousDirect": [],
"maliciousIndirect": [
{
"category": "Blocked",
"value": ""
},
{
"category": "Sanction",
"value": ""
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | The blockchain address for this call. |
| entity | Array | The list of entity labels for this address. |
| > category | String | The category of entity label. |
| > value | String | The detailed information of the entity label. |
| maliciousDirect | Array | The list of malicious labels for this address. |
| > category | String | The category of malicious label. |
| > value | String | The detailed information of the malicious label. |
| maliciousIndirect | Array | The list of suspicious labels for this address. |
| > category | String | The category of suspicious label. |
| > value | String | The detailed information of the suspicious label. |
Get transaction alert
This endpoint retrieves risk alert through transaction hash when certain transaction has triggered the customized risk setting.
HTTP Request
GET /api/v5/tracker/kyt/transfers/transfers-alerts
Request Example
GET /api/v5/tracker/kyt/transfers/transfers-alerts?userId=63&network=eth&direction=received&address=0x7ff9cfad3877f21d41da833e2f775db0569ee3d9&tokenAmount=1
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| userId | String | Yes | The userID must be between 1 and 36 characters in length, and allowed characters are -_:a-zA-Z0-9.All user activity is recorded in the KYT API under a user ID. You should use the same user ID for a user across all supported asset types, as this allows KYT to assess the user risk based on his or her combined activity. |
| network | String | Yes | The blockchain network, e.g., BTC. |
| tokenContractAddress | String | No | The token contract address, and can't not be empty when inquiring about token transaction. |
| txid | String | Yes | The transaction hash for this transaction. Choose either txid or address for this endpoint. |
| outputAddress | String | Yes | The output address for that transaction (always the funds to address) |
| index | String | No | The position of the output address of the pen in the transaction (always the index of the funds-to address), only for blockchain of the UTXO model |
| direction | String | Yes | This value defines whether the transfer is sent or received |
| tag | String | No | The reference for your organization that can be added to this call. |
| tokenAmount | String | No | The amount of cryptocurrency funds used in this transfer, and it's required when choosing address as input parameter. |
| tokenPrice | String | No | Token price |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"tag": "test2",
"category": "Darknet",
"value": "",
"alertId": "f72b2ff2706d4ab5945587c7fba36487",
"alertAmount": "16.60490448518",
"alertLevel": "SEVERE",
"exposureType": "direct",
"alertType": "deposit",
"address": "0xca30d700034461a007f51867a505bef7307869102b1b1509c7403adfc4675275"
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| tag | String | Transfer reference for this transaction. |
| category | String | The category of address label. |
| value | String | The detailed information of the label. |
| alertId | String | The alert Id for this call. |
| alertAmount | String | The threshold for this type of risk category. |
| alertLevel | String | Type of alert level SEVERE HIGH MEDIUM LOW NONE |
| exposureType | String | Type of exposure as direct or indirect. |
| alertType | String | Type of alert deposit withdrawal behavioral |
| address | String | The blockchain address for this transaction. |
Get withdrawal attempts alerts
This endpoint retrieves address risk level through API by performing preliminary risk screening to withdrawal address. If risk is identified, users can instantly implement precise prevention and control.
HTTP Request
GET /api/v5/tracker/kyt/transfers/withdrawal-attempts-alerts
Request Example
GET /api/v5/tracker/kyt/transfers/withdrawal-attempts-alerts?userId=63&network=eth&direction=received&address=0x7ff9cfad3877f21d41da833e2f775db0569ee3d9&tokenAmount=1
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| userId | String | Yes | "The userID must be between 1 and 36 characters in length, and allowed characters are -_:a-zA-Z0-9.All user activity is recorded in the KYT API under a user ID. You should use the same user ID for a user across all supported asset types, as this allows KYT to assess the user risk based on his or her combined activity." |
| network | String | Yes | The blockchain network, e.g., BTC. |
| tokenContractAddress | String | No | The token contract address, and can't not be empty when inquiring about token transaction. |
| address | String | Yes | The blockchain address for this transaction. Choose either txid or address for this endpoint. |
| direction | String | Yes | This value defines whether the transfer is sent or received |
| tag | String | No | The reference for your organization that can be added to this call. |
| tokenAmount | String | Yes | The amount of cryptocurrency funds used in this transfer, and it's required when choosing address as input parameter. |
| tokenPrice | String | Yes | Token price |
| time | String | No | Withdrawal time |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"tag": "test2",
"category": "Darknet",
"value": "",
"alertId": "f72b2ff2706d4ab5945587c7fba36487",
"alertAmount": "16.60490448518",
"alertLevel": "SEVERE",
"exposureType": "direct",
"alertType": "deposit",
"address": "0xca30d700034461a007f51867a505bef7307869102b1b1509c7403adfc4675275"
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| tag | String | Transfer reference for this transaction. |
| category | String | The category of address label. |
| value | String | The detailed information of the label. |
| alertId | String | The alert Id for this call. |
| alertAmount | String | The threshold for this type of risk category. |
| alertLevel | String | Type of alert level SEVERE HIGH MEDIUM LOW NONE |
| exposureType | String | Type of exposure as direct or indirect. |
| alertType | String | Type of alert deposit withdrawal behavioral |
| address | String | The blockchain address for this transaction. |
Get all transaction alerts
This endpoint retrieves information on all alerts that have been raised within your organization.
HTTP Request
GET /api/v5/tracker/kyt/alerts
Request Example
GET /api/v5/tracker/kyt/alerts?limit=2&alertLevel=HIGH
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| userId | String | No | Returns all alerts associated with a specific userId. |
| token | String | No | Returns all alerts associated with a specific token. |
| tokenContractAddress | String | No | Returns all alerts associated with a specific token adress. |
| produceAlertType | String | No | Filters alerts by alert genration method as initiative and continuous. |
| alertLevel | String | No | Filters alerts by alert level as SEVERE, HIGH, MEDIUM, LOW and NONE. |
| alertType | String | No | Filters alerts by alert type as deposit, withdrawal and behavioral. |
| alertStatus | String | No | Filters alerts by alert status as unreviewed, in_review, completed, flagged and dismissed. |
| limit | String | No | Places a limit on the number of returned alert objects. |
| page | String | No | Returns all alerts on a specific page number. |
| begin | String | No | Filters alerts by time greater than specific Unix timestamp and uses with end parameter. |
| end | String | No | Filters alerts by time less than specific Unix timestamp. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"page": "1",
"limit": "1",
"totalPage": "397",
"alertList": [
{
"alertUsdAmount": "0",
"txid": "0xf7e679b1f59312c46034384dd9e5e9f506a8f7a18f210626908caaef654a3ef4",
"exposureType": "indirect",
"alertStatus": "unreviewed",
"alertId": "61ac574e6ee34c7ca789d55b72e8bdbd",
"direction": "received",
"transactionTime": "1652646460000",
"alertLevel": "SEVERE",
"category": "Hack",
"value": "",
"updateTime": "1678696120133",
"userId": "98",
"alertCreatTime": "1678696120133",
"alertType": "deposit",
"produceAlertType": "initiative",
"address": "0x73b359d5da488eb2e97990619976f2f004e9ff7c",
"token": "eth"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| page | String | The current page number. |
| limit | String | The total number of alert objects returned. |
| totalPage | String | The total number of pages. |
| alertList | Array | A list of alerts. |
| > alertUsdAmount | String | The transaction value in USD. |
| > txid | String | The transaction hash. |
| > exposureType | String | Type of exposure as direct or indirect. |
| > alertStatus | String | The alert status as unreviewed, in_review, completed, flagged and dismissed. |
| > alertId | String | Alert Id generated by KYT system. |
| > direction | String | Direction of the transaction as sent and received. |
| > transactionTime | String | The time when the transaction on the blockchain that caused the alert. |
| > alertLevel | String | Transaction alert level as SEVERE, HIGH, MEDIUM, LOW and NONE. |
| > category | String | The category of address label. |
| > value | String | The detailed information of the label. |
| > updateTime | String | This transaction risk information was last updated on |
| > userId | String | User Id |
| > alertCreatTime | String | Time that the alert was created. |
| > alertType | String | The alert type as deposit, withdrawal and behavioral. |
| > produceAlertType | String | The alert genration method as initiative and continuous. |
| > address | String | The blockchain address for this transaction. |
| > token | String | The token for this transaction. |
Post alert statuses and comments
The compliance team may modify alert status and add remarks through API.
HTTP Request
POST /api/v5/tracker/kyt/update-alert-status
Request Example
POST /api/v5/tracker/kyt/update-alert-status
Body
{
"alertId": "50ac803210c842bcbbe2e9d5deaf1acc",
"alertStatus": "flagged",
"comment": "pdsd"
}
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| alertId | String | Yes | Alert Id generated by KYT system. |
| alertStatus | String | No | Filters alerts by alert status as unreviewed, in_review, completed, flagged and dismissed. |
| comment | String | No | Include the comment you want to specify for the given alert within 1000 characters. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"alertId": "50ac803210c842bcbbe2e9d5deaf1acc",
"alertStatus": "completed",
"comment": "this is bug",
"updateTime": "1678699149743"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| alertId | String | Alert Id generated by KYT system. |
| alertStatus | String | Alert status as unreviewed, in_review, completed, flagged and dismissed. |
| comment | String | The comment you submitted in your request body. |
| updateTime | String | The Unix timestamp when the the alert status was updated. |
Get alert statuses and comments
This endpoint retrieves the latest alert status and comment through API.
HTTP Request
GET /api/v5/tracker/kyt/alert-status
Request Example
GET /api/v5/tracker/kyt/alert-status?alertId=4cb7279357064143af29b26d0cf19bea
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| alertId | String | Yes | Alert Id generated by KYT system. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"alertId": "50ac803210c842bcbbe2e9d5deaf1acc",
"alertStatus": "completed",
"comment": "this is bug",
"updateTime": "1678699149743"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| alertId | String | Alert Id generated by KYT system. |
| alertStatus | String | Alert status as unreviewed, in_review, completed, flagged and dismissed. |
| comment | String | The comment you submitted in your request body. |
| updateTime | String | The Unix timestamp when the the alert status was updated. |
Get all users
This endpoint retrieves all user details and risk screening report in the KYT system.
HTTP Request
GET /api/v5/tracker/kyt/users
Request Example
GET /api/v5/tracker/kyt/users
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| limit | String | No | Places a limit on the number of returned alert objects, default is 100, maximum is 100 |
| page | String | No | Returns all users on a specific page number. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"page": "1",
"limit": "1",
"totalPage": "19",
"userList": [
{
"userId": "98",
"updateTime": "1678697034939",
"riskLevel": "SEVERE"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| page | String | The current page number. |
| limit | String | The total number of users objects returned. |
| totalPage | String | The total number of pages. |
| userList | Array | A list of users. |
| > userId | String | User ID |
| > riskLevel | String | User risk level SEVER HIGH MEDIUM LOW |
| > updateTime | String | The Unix timestamp when the the users status was updated. |
Get a single user by userId
This endpoint retrieves particular user details in the KYT system.
HTTP Request
GET /api/v5/tracker/kyt/user
Request Example
GET /api/v5/tracker/kyt/user?userId=APTTest2
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| userId | String | Yes | Returns all alerts associated with a specific userId. |
| limit | String | No | Places a limit on the number of returned alert objects. |
| page | String | No | Returns all users on a specific page number. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"page": "1",
"limit": "100",
"totalPage": "1",
"userId": "APTTest2",
"updateTime": "1684327472684",
"riskLevel": "SEVERE",
"createTime": "1684210586588",
"sentUsdAmount": "0",
"receivedUsdAmount": "50.400687283012005",
"alertList": [
{
"alertId": "f72b2ff2706d4ab5945587c7fba36487",
"value": "",
"category": "Darknet"
},
{
"alertId": "e080161a2a5c4e08b978812f3177fb90",
"value": "",
"category": "Darknet"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| page | String | The current page number. |
| limit | String | The total number of objects returned. |
| totalPage | String | The total number of pages. |
| userId | String | User Id. |
| updateTime | String | The Unix timestamp when the the user status was updated. |
| riskLevel | String | User risk level as SEVERE, HIGH, MEDIUM, LOW and NONE. |
| createTime | String | The Unix timestamp when the the user status was created. |
| sentUsdAmount | String | Total sent amount in USD. |
| receivedUsdAmount | String | Total received amount in USD. |
| alertList | Array | User's list of alerts. |
| > alertId | String | Alert Id generated by KYT system. |
| > category | String | The category of address label. |
| > value | String | The detailed information of the label. |
Know Your Address(KYA)
The following endpoints identify risks through five dimensions: malicious addresses, malicious address associates, suspicious transactions, high-risk identities and risky entities
Get supported crypto network
Get the list of blockchain supported by Address Healthiness through this interface.
HTTP Request
GET /api/v5/tracker/kya/chain-list
Request Example
GET /api/v5/tracker/kya/chain-list
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"chainId": "1",
"chainFullName": "Ethereum",
"chainShortName": "ETH",
"network": "ETH"
},
{
"chainId": "195",
"chainFullName": "TRON",
"chainShortName": "TRON",
"network": "TRON"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| chainFullName | String | The blockchain network full name, e.g., Ethereum. |
| chainShortName | String | The blockchain network, e.g., ETH. |
| chainId | String | The blockchain network ID. |
| network | String | The blockchain network, e.g., ETH. |
Get address score
This endpoint retrieves address score and detailed breakdown.
HTTP Request
GET /api/v5/tracker/kya/address-risk-level
Request Example
GET /api/v5/tracker/kya/address-risk-level?network=ETH&address=0xde3fa44e0f532fb1de4fbe157ff3b031b7df67e0
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., ETH |
| address | String | Yes | The blockchain address for this call. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0xde3fa44e0f532fb1de4fbe157ff3b031b7df67e0",
"level": "LOW",
"riskScore": "80",
"associatBlackAddresses": "1",
"interactionTime": "1",
"amount": "6.9883895758257",
"maliciousAddressrelatedpartiesList": [
{
"associatedWithDarknet": false,
"associatedWithFakeIco": false,
"associatedWithGambling": false,
"associatedWithHack": false,
"associatedWithLaundering": false,
"associatedWithPhishing": false,
"associatedWithPonzi": false,
"associatedWithScam": false,
"associatedWithThief": false,
"associatedWithRansomware": false,
"associatedWithSanction": false,
"associatedWithBlocked": true,
"associatedWithTerroristFinancing": false,
"associatedWithHighRiskJurisdiction": false
}
],
"suspiciousTransactionList": [
{
"newAddressNotEnabled": false,
"multipleTransaction": false,
"largeTransaction": false,
"frequentTransaction": false,
"ultraHighValueTransaction": false,
"frequentTransferIn": false,
"decentralizedTransferOut": false,
"privacyToken": false,
"frequentTransfers": false,
"highConcentration": false,
"transitAddress": false,
"excessiveTransactionTarget": false,
"frequentTransferOut": false,
"centralizedTransferOut": false,
"inactiveAddress": false
}
],
"maliciousAddressList": [
{
"darknet": false,
"fakeIco": false,
"gambling": false,
"hack": false,
"moneyLaundering": false,
"phishing": false,
"ponzi": false,
"scam": false,
"thief": false,
"ransomware": false,
"sanction": false,
"blocked": false,
"terroristFinancing": false,
"highRiskJurisdiction": false
}
],
"entityRiskList": [
{
"highRiskExchange": false,
"mediumRiskExchange": false,
"lowRiskExchange": false
}
],
"identityRisk": [
{
"sybil": false,
"mixerUser": false,
"flashLoanAttack": false
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | An echo back of the address parameter. |
| level | String | Address risk level as SEVERE, HIGH, MEDIUM, LOW and NONE. |
| riskScore | String | Low score will be assigned to an illicit address. |
| maliciousAddressrelatedpartiesList | Array | Malicious addressre latedparties list |
| > associatedWithDarknet | Bol | Address is associated with address labels as darknet. |
| > associatedWithFakeIco | Bol | Address is associated with address labels as fake ico. |
| > associatedWithGambling | Bol | Address is associated with address labels as gambling. |
| > associatedWithHack | Bol | Address is associated with address labels as hack. |
| > associatedWithLaundering | Bol | Address is associated with address labels as laundering. |
| > associatedWithPhishing | Bol | Address is associated with address labels as phishing. |
| > associatedWithPonzi | Bol | Address is associated with address labels as ponzi. |
| > associatedWithScam | Bol | Address is associated with address labels as scam. |
| > associatedWithThief | Bol | Address is associated with address labels as thief. |
| > associatedWithRansomware | Bol | Address is associated with address labels as ransomware. |
| > associatedWithSanction | Bol | Address is associated with address labels as sanction. |
| > associatedWithBlocked | Bol | Address is associated with address labels as blocked. |
| > associatedWithTerroristFinancing | Bol | Address is associated with address labels as terrorist financing. |
| > associatedWithHighRiskJurisdiction | Bol | Address is associated with address labels as high risk jurisdiction. |
| associatBlackAddresses | String | Count illicit addresses that associated with target addresses. |
| interactionTime | String | Count the iteration between illicit addresses and target address. |
| amount | String | Total transaction amount in USD. |
| suspiciousTransactionList | Array | Suspicious behavior for this address. |
| > largeTransaction | Bol | Address has large portion of whale transaction. |
| > ultraHighValueTransaction | Bol | Address has ultra high volume of transaction. |
| > frequentTransferIn | Bol | Address has frequent inflow volume. |
| > frequentTransferOut | Bol | Address has frequent outflow volume. |
| > frequentTransaction | Bol | Address has high volume of transaction. |
| > highConcentration | Bol | Address has high concentration of transaction. |
| > centralizedTransferOut | Bol | Address has many small amount inflow transaction and concentrated large outflow transaction. |
| > decentralizedTransferOut | Bol | Address has many small amount outflow transaction and concentrated large inflow transaction. |
| > multipleTransaction | Bol | Address has frequent transaction with single counterparty. |
| > transitAddress | Bol | Address is a transit address. |
| > inactiveAddress | Bol | Address is an inactive address. |
| > newAddressNotEnabled | Bol | Address is not enabled. |
| > frequentTransfers | Bol | Address has many inflow transactions with seldom outflow transaction. |
| > excessiveTransactionTarget | Bol | Address trades large selection of tokens. |
| > privacyToken | Bol | Address trades privacy token. |
| maliciousAddressList | Array | Malicious labels for this address. |
| > darknet | Bol | This address labels as darknet. |
| > fakeIco | Bol | This address labels as fake ICO. |
| > gambling | Bol | This address labels as gambling. |
| > hack | Bol | This address labels as hack. |
| > moneyLaundering | Bol | This address labels as money laundering. |
| > phishing | Bol | This address labels as phishing. |
| > ponzi | Bol | This address labels as ponzi. |
| > scam | Bol | This address labels as scam. |
| > thief | Bol | This address labels as thief. |
| > ransomware | Bol | This address labels as ransomware. |
| > sanction | Bol | This address labels as sanction. |
| > blocked | Bol | This address labels as blocked . |
| > terroristFinancing | Bol | This address labels as terrorist financing. |
| > highRiskJurisdiction | Bol | This address labels as high risk jurisdiction . |
| entityRiskList | Array | Entity labels for this address. |
| > highRiskExchange | Bol | This address labels as high risk exchange. |
| > mediumRiskExchange | Bol | This address labels as medium risk exchange. |
| > lowRiskExchange | Bol | This address labels as low risk exchange. |
| identityRiskList | Array | Identity label for this address. |
| > sybil | Bol | This address labels as sybil. |
| > mixerUser | Bol | This address labels as mixer user. |
| > flashLoanAttack | Bol | This address labels as flash loan attack. |
Get address risk level
Generate address risk assessment results based on customized risk rules and API returns address risk levels in real time.
HTTP Request
GET /api/v5/tracker/kya/address-risk-screening
Request Example
GET /api/v5/tracker/kya/address-risk-screening?network=BSC&address=0x489a8756c18c0b8b24ec2a2b9ff3d4d447f79bec'
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., ETH |
| address | String | Yes | The blockchain address for this call. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0x489a8756c18c0b8b24ec2a2b9ff3d4d447f79bec",
"level": "HIGH",
"associateBlackAddresses": "0",
"interactionTime": "0",
"amount": "0",
"maliciousAddressList": [
{
"category": "Hack",
"value": "BNB Token Hub"
}
],
"maliciousAddressRelatedPartiesList": []
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | An echo back of the address parameter. |
| level | String | Address risk level as SEVERE, HIGH, MEDIUM, LOW and NONE. |
| associateBlackAddresses | String | Interactions with blocklist addresses |
| interactionTime | String | Count the iteration between illicit addresses and target address. |
| amount | String | Total transaction amount in USD. |
| maliciousAddressList | Array | Malicious labels for this address. |
| >category | String | Risk Label Category darknet fake_ico gambling hack money_laundering phishing ponzi scam thief ransomware sanction blocked terrorist_financing high_risk_jurisdiction crypto_mixer_user sybil_attacks flash_loan_attacks |
| >name | String | Label name |
| maliciousAddressRelatedPartiesList | Array | Malicious addressre latedparties list |
| >category | String | Risk Label Category darknet fake_ico gambling hack money_laundering phishing ponzi scam thief ransomware sanction blocked terrorist_financing high_risk_jurisdiction crypto_mixer_user sybil_attacks flash_loan_attacks |
Create address monitoring
This interface adds address-time monitoring to the addresses you are interested in.
HTTP Request
POST /api/v5/tracker/kya/create-address-monitoring
Request Example
POST /api/v5/tracker/kya/create-address-monitoring
{
"duration":"30D",
"trigger":"BLACK_TYPE",
"note":"binance",
"phone":"18888",
"network":"BSC",
"address":"0x8894E0a0c962CB723c1976a4421c95949bE2D4E3"
}
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., ETH |
| address | String | Yes | The blockchain address for this call. |
| note | String | No | Note |
| trigger | String | No | Monitoring conditions that trigger a change in risk RISK_LEVEL BLACK_TYPE |
| duration | String | No | Duration perpetual 90D 60D 30D |
| phone | String | Optional | Phone number to receive information about risk changes at this address |
| String | Optional | Email address to receive information about risk changes at this address |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0x8894E0a0c962CB723c1976a4421c95949bE2D4E3",
"network": "BSC"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | An echo back of the address parameter. |
| network | String | The blockchain network, e.g., ETH. |
Cancel address monitoring
This interface allows you to cancel monitoring addresses that you have added.
HTTP Request
POST /api/v5/tracker/kya/cancel-address-monitoring
Request Example
POST /api/v5/tracker/kya/cancel-address-monitoring
{
"network":"eth",
"address":"0xe1e3b9481c27887e9a078fb08a11fa93fda4cd4a"
}
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., ETH |
| address | String | Yes | The blockchain address for this call. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0x8894E0a0c962CB723c1976a4421c95949bE2D4E3",
"network": "BSC"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | An echo back of the address parameter. |
| network | String | The blockchain network, e.g., ETH. |
Get address monitoring list
This interface allows you to view the list of addresses you have added to the watch list.
HTTP Request
GET /api/v5/tracker/kya/address-monitoring-list
Request Example
GET /api/v5/tracker/kya/address-monitoring-list
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., ETH |
| address | String | Yes | The blockchain address for this call. |
| trigger | String | No | Monitoring conditions that trigger a change in risk RISK_LEVEL BLACK_TYPE |
| limit | String | No | Places a limit on the number of returned alert objects, default is 100, maximum is 100 |
| page | String | No | Returns all users on a specific page number. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"page": "0",
"limit": "1",
"totalPage": "13",
"monitoringList": [
{
"network": "BSC",
"address": "0xf152c00a302c6d17aca1863da78c8f63a46a79a2",
"trigger": "RISK_LEVEL",
"email": "",
"phone": "",
"createdTime": "1694145384287",
"updateTime": "0",
"note": ""
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| page | String | The current page number. |
| limit | String | The total number of users objects returned. |
| totalPage | String | The total number of pages. |
| monitoringList | Array | Address monitoring list |
| > network | String | The blockchain network, e.g., ETH. |
| > address | String | An echo back of the address parameter. |
| > trigger | String | Monitoring conditions that trigger a change in risk RISK_LEVEL BLACK_TYPE |
| String | Email address to receive information about risk changes at this address | |
| > phone | String | Phone number to receive information about risk changes at this address |
| > createdTime | String | Address Monitor create Time |
| > updateTime | String | Risk update time for this address |
| > note | String | Note |
Get address monitoring detail
This interface allows you to view the list of addresses you have added to the watch list.
HTTP Request
GET /api/v5/tracker/kya/address-monitoring-detail
Request Example
GET /api/v5/tracker/kya/address-monitoring-detail?network=ETH&address=0x94f1b9b64e2932f6a2db338f616844400cd58e8a'
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| network | String | Yes | The blockchain network, e.g., ETH |
| address | String | Yes | The blockchain address for this call. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"network": "ETH",
"address": "0x94f1b9b64e2932f6a2db338f616844400cd58e8a",
"level": "SEVERE",
"totalTransactionVolume": "9752202.670120968",
"createTime": "1694063288625",
"trigger": "RISK_LEVEL",
"email": "",
"phone": "133333",
"note": "",
"associateBlackAddresses": "2",
"duration": "perpetual",
"records": [
{
"updateTime": "1694071362160",
"level": "HIGH",
"category": "Hack"
},
{
"updateTime": "1694079703790",
"level": "NONE",
"category": ""
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | An echo back of the address parameter. |
| network | String | The blockchain network, e.g., ETH. |
| level | String | Address risk level as SEVERE, HIGH, MEDIUM, LOW and NONE. |
| totalTransactionVolume | String | Total transaction volume |
| createTime | String | Address Monitor create Time |
| trigger | String | Monitoring conditions that trigger a change in risk RISK_LEVEL BLACK_TYPE |
| String | Email address to receive information about risk changes at this address | |
| phone | String | Phone number to receive information about risk changes at this address |
| note | String | Note |
| associateBlackAddresses | String | Interactions with blocklist addresses |
| duration | String | Duration perpetual 90D 60D 30D |
| records | Array | Monitoring records |
| > level | String | Risk level of changeSEVEREHIGHMEDIUMLOWNONE |
| > updateTime | String | Risk update time for this address |
| > category | String | Risk Label Category darknet fake_ico gambling hack money_laundering phishing ponzi scam thief ransomware sanction blocked terrorist_financing high_risk_jurisdiction crypto_mixer_user sybil_attacks flash_loan_attacks |
Get entity labels
Get the entity label of the address through this interface.
HTTP request
GET /api/v5/tracker/tag/entity-tag
Request Example
GET /api/v5/tracker/tag/entity-tag?chainShortName=eth&address=0xF977814e90dA44bFA03b6295A0616a897441aceC
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| address | String | Yes | Address |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0xf977814e90da44bfa03b6295a0616a897441acec",
"entityTagList": [
{
"category": "Exchange",
"value": "Binance",
"attribute": "Cold Wallet"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | Address |
| entityTagList | Array | Entity labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
Get entity labels and black labels
Get the entity label and black label of the address through this interface.
HTTP request
GET /api/v5/tracker/tag/entity-black-tag
Request Example
GET /api/v5/tracker/tag/entity-black-tag?chainShortName=eth&address=0xcf5e4066bab04ac196816aa04ee94143b79e14d2
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| address | String | Yes | Address |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0xcf5e4066bab04ac196816aa04ee94143b79e14d2",
"entityTagList": [
{
"category": "Exchange",
"value": "Coinbase",
"attribute": "Exchange User"
}
],
"blackTagList": []
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | Address |
| entityTagList | Array | Entity labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
| blackTagList | Array | Black labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
Get all labels
Get all the tag information on the address through this interface.
HTTP request
GET /api/v5/tracker/tag/tag-all
Request Example
GET /api/v5/tracker/tag/tag-all?chainShortName=eth&address=0xcf5e4066bab04ac196816aa04ee94143b79e14d2
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| address | String | Yes | Address |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"address": "0xcf5e4066bab04ac196816aa04ee94143b79e14d2",
"entityTagList": [
{
"category": "Exchange",
"value": "Coinbase",
"attribute": "Exchange User"
}
],
"blackTagList": [],
"identityTagList": [],
"projectTagList": [],
"attributeTagList": [
{
"category": "",
"value": "",
"attribute": "Eth2-depositor,beacon-depositor"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| address | String | Address |
| entityTagList | Array | Entity labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
| blackTagList | Array | Black labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
| identityTagList | Array | Identity labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
| projectTagList | Array | Project labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
| transactionBehaviorTagList | Array | Transaction Behavior labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
| attributeTagList | Array | Attribute labels |
| > category | Bol | Category |
| > value | String | Label |
| > attribute | String | Attribute |
Token risk scanner
These endpoints provide a quantitative measurement tool for token assessment.
Get supported crypto network
This endpoint retrieves the list of crypto networks supported by OkLink Token Risk Scanner.
HTTP Request
GET /api/v5/tracker/tokenscanner/chain-list
Request Example
GET /api/v5/tracker/tokenscanner/chain-list
Response Example
{
"code":"0",
"msg":"",
"data":[
{
"chainFullName":"Binance Smart Chain",
"chainShortName":"BSC",
"isHoneypotMonitor":true,
"isPayTaxesMonitor":true,
"isSaleTaxesMonitor":true,
"isVerified":true,
"isMint":true,
"isDestory":true,
"isStopTransaction":true,
"hasWhitelist":true,
"hasBlacklist":true,
"isProxy":true,
"isHavePrivilege":true,
"isOwnerMultiSign":false,
"isTransactionTaxesMonitor":true,
"isIntegerOverflow":true,
"isFakeRecharge":true,
"isPrivilegeAddressHoldingCurrency":true,
"isGiantWhales":true,
"isTokenFocusRate":true,
"isInDex":true,
"isPrivilegeAddressLpRate":true,
"isLiquidity":true
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| chainFullName | String | The blockchain network full name, e.g., Ethereum. |
| chainShortName | String | The blockchain network, e.g., ETH. |
| isHoneypotMonitor | Bol | This token has honey pot scam monitoring. |
| isPayTaxesMonitor | Bol | This token has pay taxes monitoring. |
| isSaleTaxesMonitor | Bol | This token has sale taxes monitoring. |
| isVerified | Bol | This token has been verified. |
| isMint | Bol | This token has mint function. |
| isDestory | Bol | This token has destroy function. |
| isStopTransaction | Bol | This token has stop transaction function. |
| hasWhitelist | Bol | This token has a white list. |
| hasBlacklist | Bol | This token has a black list. |
| isProxy | Bol | This token has Proxy. |
| isHavePrivilege | Bol | This token has privilege address. |
| isOwnerMultiSign | Bol | This token owner supports multisig. |
| isTransactionTaxesMonitor | Bol | This token can modify transaction taxes. |
| isIntegerOverflow | Bol | This token has interger overflow feature. |
| isFakeRecharge | Bol | This token has fake recharge feature. |
| isPrivilegeAddressHoldingCurrency | Bol | Large share of tokens is under privilege addresses. |
| isGiantWhales | Bol | This token has large share of whale addresses. |
| isTokenFocusRate | Bol | This token has high concentration risk. |
| isInDex | Bol | This token is listed in top dex. |
| isPrivilegeAddressLpRate | Bol | This token dex LP has large portion of privilege address. |
| isLiquidity | Bol | This token has sufficient liquidity. |
Get token alert
This endpoint retrieves token risk scores and detailed breakdowns for erc-20 and erc-721 tokens.
HTTP Request
GET /api/v5/tracker/tokenscanner/token-risk-scanning
Request Example
GET /v5/tracker/tokenscanner/token-risk-scanning?chainShortName=eth&tokenContractAddress=0xbc4ca0eda7647a8ab7c2061c2e118a18a936f13d
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| tokenContractAddress | String | Yes | Token address for this call and this endpoint supports erc-20 and erc-721 tokens. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"token": "BAYC",
"tokenFullName": "BoredApeYachtClub",
"tokenContractAddress": "0xbc4ca0eda7647a8ab7c2061c2e118a18a936f13d",
"chainShortName": "ETH",
"updateTime": "1684834470270",
"riskScore": "93",
"contractCreaterAddress": "0xaba7161a7fb69c88e16ed9f455ce62b791ee4d03",
"contractCreateTime": "1619060596000",
"firstFeeSourceAddress": "0x912fd21d7a69678227fe6d08c64222db41477ba0",
"protocolType": "ERC721",
"tokenScannerList": [
{
"isHoneypotMonitor": false,
"payTaxesMonitor": "",
"saleTaxesMonitor": "",
"isVerified": false,
"isMint": false,
"isDestory": false,
"isStopTransaction": false,
"isWhitelist": false,
"isBlacklist": false,
"isProxy": false,
"isHavePrivilege": true,
"isOwnerMultiSign": false,
"isTransactionTaxesMonitor": false,
"isIntegerOverflow": false,
"isFakeRecharge": false,
"privilegeAddressHoldingCurrency": "0",
"giantWhales": "0",
"tokenFocusRate": "0.174981",
"isInDex": false,
"privilegeAddressLpRate": "",
"liquidity": "",
"isPermit": false,
"isRebase": false,
"isRugpull": false,
"isErc677": false,
"isErc777": false
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| token | String | Token name for this token address. |
| tokenContractAddress | String | An echo back of the token address. |
| chainShortName | String | The blockchain network, e.g., ETH. |
| updateTime | String | The Unix timestamp when the the token risk score was updated. |
| riskScore | String | Low score will be assigned to a risky token. |
| contractCreateAddress | String | Token creator address. |
| contractCreateTime | String | The Unix timestamp when the the token was created. |
| firstFeeSourceAddress | String | The funding address for creator address. |
| protocolType | String | Protocol Type:token_20;token_721 |
| tokenScannerList | Array | List of token risk scanning result. |
| > isHoneypotMonitor | Bol | Token is honey pot scam. |
| > payTaxesMonitor | String | This token has pay taxes feature. |
| > saleTaxesMonitor | String | This token has sale taxes feature. |
| > isVerified | Bol | This token has been verified. |
| > isMint | Bol | This token has mint function. |
| > isDestory | Bol | This token has destroy function. |
| > isStopTransaction | Bol | This token has stop transaction function. |
| > hasWhitelist | Bol | This token has a white list. |
| > hasBlacklist | Bol | This token has a black list. |
| > isProxy | Bol | This token has Proxy. |
| > isHavePrivilege | Bol | This token has privilege address. |
| > isOwnerMultiSign | Bol | This token owner supports multisig. |
| > isTransactionTaxesMonitor | Bol | This token can modify transaction taxes. |
| > isIntegerOverflow | Bol | This token has interger overflow feature. |
| > isFakeRecharge | Bol | This token has fake recharge feature. |
| > privilegeAddressHoldingCurrency | String | Large share of tokens is under privilege addresses. |
| > giantWhales | String | This token has large share of whale addresses. |
| > tokenFocusRate | String | This token has high concentration risk. |
| > isInDex | Bol | This token is listed in top dex. |
| > privilegeAddressLpRate | String | This token dex LP has large portion of privilege address. |
| > liquidity | String | This token has sufficient liquidity. |
| > isPermit | Bol | This token has at least one sepcial permit function. |
| > isRebase | Bol | This token has rebase feature which adjust suply based on market price. |
| > isRugpull | Bol | This token is a rug pull. |
| > isErc677 | Bol | This token belongs to Erc-677. |
| > isErc777 | Bol | This token belongs to Erc-777. |
GET privileged address
This endpoint retrieves all privileged addresses on a specific token.
HTTP Request
GET /api/v5/tracker/tokenscanner/privileged-address
Request Example
GET /api/v5/tracker/tokenscanner/privileged-address?chainShortName=eth&tokenContractAddress=0xdac17f958d2ee523a2206206994597c13d831ec7
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| tokenContractAddress | String | Yes | Token address for this call and this endpoint supports erc-20 and erc-721 tokens. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"tokenFullName": "Tether USD",
"token": "USDT",
"tokenContractAddress": "0xdac17f958d2ee523a2206206994597c13d831ec7",
"privilegedAddressList": [
{
"privilegedAddressTag": "admin",
"privilegedAddress": "0x0x00000000000000000000000000000000000000"
},
{
"privilegedAddressTag": "creator",
"privilegedAddress": "0x3bdd83c37568ac665054e9663f86b35c38f8d90b"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| tokenContractAddress | String | An echo back of the token address. |
| tokenFullName | String | Token full name. |
| token | String | Token abbreviation. |
| privilegedAddressList | Array | List of privilege addresses. |
| > privilegedAddress | String | The privilege address. |
| > privilegedAddressTag | String | Labels associated with the privilege address. |
Get malicious functions
This endpoint retrieves all malicious functions on a specific token.
HTTP Request
GET /api/v5/tracker/tokenscanner/privileged-function
Request Example
GET /api/v5/tracker/tokenscanner/privileged-function?chainShortName=eth&tokenContractAddress=0xdac17f958d2ee523a2206206994597c13d831ec7
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| tokenContractAddress | String | Yes | Token address for this call and this endpoint supports erc-20 tokens. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"tokenFullName": "Tether USD",
"token": "USDT",
"tokenContractAddress": "0xdac17f958d2ee523a2206206994597c13d831ec7",
"privilegedAddressList": [
{
"function": "transferOwnership(address)",
"ofCalled": "3",
"proportionCalled": "0.23",
"priviledgedAddress": "0x335292a1e2b74be6cd1bcad05279f3c08f31530a",
"transactionTime": "1682096339000",
"lastTransactionHash": "0x978b1ef188ee1cb71fc0fad9a02ddf69369cc9dd67fac55a308930fe5397180a"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| tokenContractAddress | String | An echo back of the token address. |
| tokenFullName | String | Token full name. |
| token | String | Token abbreviation. |
| privilegedFunctionList | Array | List of privileged functions. |
| > function | String | Name of privileged function. |
| > ofCalled | String | Privileged function usage. |
| > proportionCalled | String | Privileged function usage percentage. |
| > priviledgedAddress | String | Privileged addresses. |
| > transactionTime | String | The Unix timestamp when the privileged function was callled. |
| > lastTransactionHash | String | The transaction hash of last privileged function usage. |
Get privileged transaction
This endpoint retrieves all privileged transactions on a specific token.
HTTP Request
GET /api/v5/tracker/tokenscanner/privileged-transaction
Request Example
GET /api/v5/tracker/tokenscanner/privileged-transaction?chainShortName=eth&tokenContractAddress=0xdac17f958d2ee523a2206206994597c13d831ec7
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| tokenContractAddress | String | Yes | Token address for this call and this endpoint supports erc-20 tokens. |
| limit | String | No | Returns all users on a specific page number. |
| page | String | No | Returns all users on a specific page number. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"page": "1",
"limit": "1",
"totalPage": "71",
"tokenFullName": "Tether USD",
"token": "USDT",
"tokenContractAddress": "0xdac17f958d2ee523a2206206994597c13d831ec7",
"privilegedTransactionList": [
{
"txid": "0x31fe024700e4dc6ce0fa3d6b126cdaec35cc9e5557292333dfc8cdb1d3168a6b",
"function": "transferOwnership(address)",
"height": "17096095",
"lastTransactionTime": "1682096339000",
"fromAddress": "0x78bb2fa426905b0ccc2bb9301e911930d3856346",
"isContractAddress": false,
"state": "fail"
}
]
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| page | String | The current page number. |
| limit | String | The total number of objects returned. |
| totalPage | String | The total number of pages. |
| tokenContractAddress | String | An echo back of the token address. |
| tokenFullName | String | Token full name. |
| token | String | Token abbreviation. |
| privilegedTransactionList | Array | List of privileged transactions. |
| > txid | String | Privileged transaction hash. |
| > function | String | Name of privileged function |
| > lastTransactionTime | String | The Unix timestamp when the privileged function was callled. |
| > height | String | The block height for this transaction. |
| > fromAddress | String | From address. |
| > isContractAddress | Bol | From address is smart contract. |
| > state | String | Transaction stuatus. |
Get contract alert
This endpoint retrieves alert and detailed breakdowns on a specific smart contract.
HTTP Request
GET /api/v5/tracker/contractscanner/contract-risk-scanning
Request Example
GET api/v5/tracker/contractscanner/contract-risk-scanning?chainShortName=eth&inputData=0x39509351000000000000000000000000f70c5bc4e7829e90e5df3e4161b2ac884d41b4f000000000000000000000000000000000000000000000000b475b1bccbd0a91c900000000000000000000000000000000000000000000000000000000000000c00000000000000000000000000000000000000000000000000000000063752518000000000000000000000000000000000000000000000000000000000000f7ee00000000000000000000000000000000000000000000000000000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000041bbdb63b11948f59572c4d7ee41cd21d901bfd6556d4b074274d1d23163f6b20f349c674fd9bd748d51c11b3b4f93491c8807d5a6763de7c1c1bdd537d4622da61c00000000000000000000000000000000000000000000000000000000000000
Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| chainShortName | String | Yes | The blockchain network, e.g., ETH. |
| inputData | String | Yes | The input data of this contract. |
Response Example
{
"code": "0",
"msg": "",
"data": [
{
"chainShortName": "ETH",
"isIncreaseAllowance": true,
"isSetApprovalForAll": false,
"authorizationAddress": "0xf70c5bc4e7829e90e5df3e4161b2ac884d41b4f0",
"isRisk": true,
"tag": "FTX attacker"
}
]
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| chainShortName | String | The blockchain network, e.g., ETH. |
| isIncreaseAllowance | bol | The authorization for ERC-20. |
| isSetApprovalForAll | bol | The authorization for ERC-1155 or ERC-721. |
| authorizationAddress | String | The authorization address for this contract. |
| isRisk | bol | The address is under phshing threat. |
| tag | String | Label associated with this contract. |
API Technology Integration Guide
Developers: This document focuses on providing your development team with the technical information necessary for successfully integrating KYT into your system.
Compliance risk allocation: This article will provide a guide to using KYT, and you need to customize and add risk configurations that meet your compliance requirements. The specific risk configurations, thresholds, and risk control rules should be formulated and reviewed by your compliance team, and then integrate the risk screening process into your internal workflow.
Before Technology Integration
Create OKLink account
OpenAPI requires APIkey for authentication. Register and log in to your account to create an APIkey, unlock massive real-time data on the chain, and use compliance tools.
1、 Go to OKLink registration page, and use either email or cell phone to register an account.
2、Go to OKLink login page, and use your login credentials.
3、1. Once you're logged to your OKLink account, go to API page. Click on “Create API” and a new API Key will be created.
KYT Workflows
Depending on your desired level of integration, it can take anywhere from one or two days to a couple of weeks to completely integrate with the KYT API through different workflows.
| KYT Workflows | workflows 1 | workflows 2 | workflows 3 |
|---|---|---|---|
| KYT dashboard | Supported | Supported | Supported |
| Withdrawal attempt alert | Supported | Supported | Supported |
| Transfer alert | Supported | Supported | |
| Continuous alert monitoring | Supported |
Workflows breakdown
Workflows 1 : Use KYT to monitor the withdrawal behavior of your wallet service in real time. Based on the risk level provided by KYT API, you can add automated withdrawal processing procedures to decide whether to respond to your.
Workflows 2 : Use KYT to monitor your transaction behavior in real time. Based on the risk level of KYT API, you can add automated business processing flows to decide whether your wallet service accepts user deposits.
Workflows 3 : In addition to the above integration flows, we also provide continuous monitoring over 1 month. This workflow will integrate real time alerts and user risk levels that are continuously monitored into your compliance system.
Workflows 1
Before attempting withdrawals to external addresses from your wallet, integrate this workflow into your system to conduct real-time risk screening of the withdrawal address and pre-screen the withdrawal risk.
Advantages:
Before the actual on-chain transfer, risk detection of addresses is performed to prevent withdrawals to risky addresses.
Alerts are generated based on risk setting.
Limitations:
Alerts can only be viewed and managed on the KYT dashboard.
Alerts are not integrated into your internal system, so automated business processing and alert updates cannot be performed.
Endpoint
Get transaction details::
GET /api/v5/tracker/kyt/transfers/withdrawal-attempts-alerts
Note:
If it is withdrawal detection, tokenContractAddress must be filled in to indicate the transferred token.
tokenAmount and tokenPrice are required fields used to calculate the value of the transfer.
Request Example:
curl --location -g --request GET 'https://www.oklink.com/api/v5/tracker/kyt/transfers/alerts?tag=BTM12&chainShortName=BTM&userId=BTM12&direction=received&address=bn1qjxawq5nl29qvakkum8t90aaza6mj4qmycus4v3&tokenAmount=10' \
--header 'Ok-Access-Key: Your APIkey'
Response Example:
{
"code": "0",
"msg": "",
"data": [
{
"tag": "BTM12",
"category": "",
"value": "",
"alertId": "",
"alertAmount": "0.2506",
"alertLevel": "NONE",
"exposureType": "",
"alertType": "",
"address": "bn1qjxawq5nl29qvakkum8t90aaza6mj4qmycus4v3"
}
]
}
Workflows 2
Before crediting user deposit balance integrate this workflow to complete deposit risk screening.
Advantages:
Advantages
Real time deposit risk screening.
Alert data can be integrated into your system.
Limitations
It does not cover continuous monitoring.
Alerts are not integrated into your internal system, so automated business processing and alert updates cannot be performed.
Endpoint
Get transfers alert:
GET /api/v5/tracker/kyt/transfers/transfers-alerts
Request Example:
curl --location -g --request GET 'https://www.oklink.com/api/v5/tracker/kyt/transfers/transfers-alerts?userId=eth100&chainShortName=eth&direction=sent&txid=0xc49db99c4252def4c741c87d6833b7d326eed3d538fc0bcc786237f4a8902851&outputAddress=0xdae533fe8d28158423ae37e6874244308b562509&tokenContractAddress=0xdac17f958d2ee523a2206206994597c13d831ec7' \
--header 'Ok-Access-Key: Your APIkey'
Response Example:
{
"code": "0",
"msg": "",
"data": [
{
"tag": "",
"category": "",
"value": "",
"alertId": "",
"alertAmount": "66.04713625819542",
"alertLevel": "NONE",
"exposureType": "",
"alertType": "",
"address": "0xdae533fe8d28158423ae37e6874244308b562509"
}
]
}
Workflows 3
Included continuous monitoring into your workflow.
Continuous alert monitoring
Advantages:
Fully integrated with KYT functionality, allowing for all data to be synchronized into your compliance and risk management processes.
You can take risk control measures based on your risk appetite for continuously monitoring the production of alerts.
KYT system data is consistent with your internal risk management system.
Endpoint:
You can view workflow 1 and workflow 2 corresponding to pre-tested withdrawals and real-time risk detection of transactions.
Get all transaction alerts
GET /api/v5/tracker/kyt/alerts
Request Example:
curl --location --request GET 'https://www.oklink.com/api/v5/tracker/kyt/alerts' \
--header 'Ok-Access-Key: Your APIkey'
Response Example:
{
"code": "0",
"msg": "",
"data": [
{
"page": "1",
"limit": "1",
"totalPage": "1966",
"alertList": [
{
"alertUsdAmount": "2803.8450000000003",
"txid": "",
"exposureType": "indirect",
"alertStatus": "unreviewed",
"alertId": "8542fe7018ef40b1a590c49746221e0b",
"direction": "sent",
"transactionTime": "1689223199478",
"alertLevel": "HIGH",
"category": "Hack",
"value": "",
"updateTime": "1689298569000",
"userId": "98",
"alertCreatTime": "1689298569000",
"alertType": "withdrawal",
"produceAlertType": "continuous",
"address": "0x098b716b8aaf21512996dc57eb0615e2383e2f96",
"token": "eth"
}
]
}
]
}
Post alert statuses and comments
POST /api/v5/tracker/kyt/update-alert-status
Request Example:
curl --location --request POST 'https://www.oklink.com/api/v5/tracker/kyt/update-alert-status' \
--header 'Your APIkey' \
--header 'Content-Type: application/json' \
--body '{
"alertId": "8542fe7018ef40b1a590c49746221e0b",
"alertStatus": "unreviewed",
"comment": "test"
}'
Response Example:
{
"code": "0",
"msg": "",
"data": [
{
"alertId": "8542fe7018ef40b1a590c49746221e0b",
"alertStatus": "unreviewed",
"comment": "test",
"updateTime": "1689320037668"
}
]
}
Alerts
How to review and modify risk setting
To access the KYT dashboard management page, apply for a chaintelligence account and log in. From there, click on the "Transaction Monitoring" panel.
When you click on "Risk Setting", you will be directed to a list where you can configure risk rules based on your compliance requirements and business needs. These rules will be applied in transaction risk detection and withdrawal pre-checks.
FAQ
How many chains does KYT support?
- We have supported the risk screening capability of 127 blockchain and are continuously expanding. Details can be viewed in the chain list
How to Contact Us?
Official email:[email protected]
Tele:https://t.me/OKLinkAPI
How to fill in Userid in the KYT system?
Userid should not include your user's personal information
We encourage association with the user ID of your internal system, so that your compliance personnel can quickly find monitoring users and respond to risk control measures in a timely manner.
For the same user, the same Userid is used in all the recharge and withdrawal coins on the chain. Our KYT system will provide the risk level of the user dimension based on the comprehensive situation of the user, in order to manage and monitor key customers with you.
What are the main sources of address labels (especially black and gray address labels)
Regular crawling of open-source data platforms
Data released by official institutions
Reports collected by Chaintelligence
Analysis results of on-chain security events
Cases cracked by law enforcement agencies with the help of Chaintelligence
Updating gray addresses daily based on black addresses
Data provided through procurement and/or supplied by service providers
Data obtained by internal process of the platform and verified with customers
What are the advantages of address labels?
On-chain data: 162 chains among the 200 chains across the globe have been tagged with our address labels
Massive data: a total of 3.4 billion addresses with 5 million black addresses and 24 million black addresses;
Categories of labels: 7 aspects, 19 types (entity, identity, project, black address, risk, nature, transaction related)
Continuous expansion and modification of address labels, multi-model proofreading and editing, real-time updates, and address label lifecycle management
With a specialised SOP team to conduct global address label acquisition and verification on a regular basis
Where do dark internet and online gambling addresses come from, and how do we define and classify them?
Provided by open-source third-party data platforms
Cases cracked by law enforcement agencies
For cases relating to online gambling, it has a special model, running a platform-like address set, with a combination of case source collection, information verification, large address or personal address designation, and a special extended model