Web3 security API: wallet screening, token risk, and URL checks
Answer: The Web3Defender API lets developers screen wallets for sanctions and mixer exposure, check tokens for honeypot and exit risk, and verify URLs for phishing — across Ethereum, BSC, Polygon, Arbitrum, Base, Solana, and TON. The Business tier includes 10,000 API requests per month with batch support.
Who the API is for
- Funds and power users screening many counterparty wallets per day for sanctions and mixer exposure
- Wallets and apps adding an in-product safety check before a transaction or approval
- Telegram bots and trading tools verifying tokens or URLs before surfacing them to users
- Projects and exchanges running compliance checks on deposit and withdrawal addresses
What the API checks
- Wallet risk — sanctions (OFAC), mixer and tumbler activity, 16 risk factors, 0-100 risk score
- Token risk — honeypot detection, trade locks, sell-tax traps, exit-pattern risk
- URL risk — phishing, lookalike domains, impersonation patterns
- Approvals — active spending approvals on a wallet, including unlimited and unverified contracts
Supported chains
| Chain | Wallet | Token | URL |
|---|---|---|---|
| Ethereum | ✓ | ✓ | ✓ |
| BSC | ✓ | ✓ | ✓ |
| Polygon | ✓ | ✓ | — |
| Arbitrum | ✓ | ✓ | — |
| Base | ✓ | ✓ | — |
| Solana | ✓ | — | — |
| TON | ✓ | — | — |
Business tier
- 10,000 API requests per month
- 2,000 scans per day
- 50 watched wallets with real-time alerts
- Batch wallet screening
- Structured JSON output suitable for compliance logging and audit workflows
Get API access (Business) → Web3Defender
Response format
Each API call returns a risk score (0–100) plus the specific flags that contributed to it. The response is structured JSON — no further parsing or analyst interpretation required. Results are suitable for direct ingestion into compliance workflows and audit logs.
Frequently asked questions
What does the Web3Defender API do?
It screens wallets for sanctions (OFAC) and mixer exposure, checks tokens for honeypot and exit risk, and verifies URLs for phishing, returning a 0-100 risk score plus the specific flags that contributed to it.
Which blockchains are supported?
Ethereum, BSC, Polygon, Arbitrum, Base, Solana, and TON. Ethereum mainnet has the deepest threat intelligence coverage because most high-value on-chain activity occurs there.
How many API requests are included in the Business tier?
The Business tier includes 10,000 API requests per month with batch scanning support, 2,000 scans per day, and 50 watched wallets with alerts.
Can the API be used for compliance workflows?
Yes. Each result returns a structured risk score plus the specific flags that triggered it, suitable for integration into compliance logging and audit workflows.
Is there a free tier for testing?
Individual checks are available without an account at the web app. The Business tier adds API access, batch operations, and higher limits for teams.