curl --request GET \
--url https://api.webacy.com/contracts/{contractAddress} \
--header 'x-api-key: <api-key>'import requests
url = "https://api.webacy.com/contracts/{contractAddress}"
headers = {"x-api-key": "<api-key>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {'x-api-key': '<api-key>'}};
fetch('https://api.webacy.com/contracts/{contractAddress}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.webacy.com/contracts/{contractAddress}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"x-api-key: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.webacy.com/contracts/{contractAddress}"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("x-api-key", "<api-key>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.webacy.com/contracts/{contractAddress}")
.header("x-api-key", "<api-key>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.webacy.com/contracts/{contractAddress}")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["x-api-key"] = '<api-key>'
response = http.request(request)
puts response.read_body{
"score": 3,
"tags": {
"centralized_risk_high": {
"key": "centralized_risk_high",
"name": "Centralized Risk High",
"description": "This contract may have logic that lead us to think it is is a drainer.",
"tags": {
"centralized_risk_high": true
}
}
},
"categories": {
"contract_possible_drainer": {
"key": "contract_possible_drainer",
"name": "Centralized Risk High",
"description": "Our detectors have found that this smart contract has exploitable logic that can be used to drain funds. This is a serious risk and you should avoid interacting with this contract.",
"tags": {
"centralized_risk_high": true
}
}
},
"analysis": {
"address_characteristics": {
"key": "address_characteristics",
"name": "Wallet Characteristics",
"description": "This address may have risk factors related to address age, number of transactions, or balance.",
"tags": {
"insufficient_wallet_age": true
}
}
},
"metadata": {
"name": "USD Coin",
"symbol": "USDC",
"contract_address": "0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48",
"chain": "eth",
"other_chains": [
{
"chain": "pol",
"contract_address": "0x2791bca1f2de4661ed88a30c99a7a9449aa84174"
}
],
"categories": [
"stablecoin",
"asset-backed-stablecoin",
"usd-stablecoin"
],
"last_updated": "2023-06-15T12:34:56Z",
"decimals": 6,
"links": {
"homepage": "https://www.circle.com/en/usdc",
"github": [
"https://github.com/centrehq"
],
"twitter": "https://twitter.com/circle",
"telegram": "https://t.me/circle_issuer"
},
"image_url": "https://assets.coingecko.com/coins/images/6319/large/USD_Coin_icon.png",
"created_at": "2018-09-26"
},
"source_code_analysis": {
"analysis": {
"contract_address": "0x1234567890123456789012345678901234567890",
"chain": "eth",
"analysis_date": "2023-11-15T10:30:00Z",
"status": "completed",
"findings": [
{
"risk": "reentrancy",
"details": {},
"function_signatures": [
{
"function_name": "withdraw",
"function_signature": "function withdraw(uint256 amount) external"
}
],
"statements": [
{
"statement_type": "call",
"statement_text": "msg.sender.call{value: amount}(\"\")"
}
]
}
],
"urls": [
{
"url": "https://example.com/analysis-report"
}
]
}
},
"similar_contracts": [
{}
],
"analysis_status": "STARTED",
"analysis_type": "STATIC",
"deployer": {
"address": "0xaBA7161A7fb69c88e16ED9f455CE62B791EE4D03",
"risk": {
"analyzed_at": "2026-07-07T03:06:06.986Z",
"count": 1,
"medium": 1,
"high": 0,
"overallRisk": 25.99,
"issues": [
{
"score": 3,
"tags": [
{
"name": "Insufficient Wallet Age",
"description": "The age of this wallet or address is new.",
"type": "noHistoryRisk",
"severity": 3,
"key": "insufficient_wallet_age"
}
],
"categories": {
"address_characteristics": {
"key": "address_characteristics",
"name": "Wallet Characteristics",
"description": "This address may have risk factors related to address age, number of transactions, or balance.",
"tags": {
"insufficient_wallet_age": true
}
}
}
}
],
"details": {
"source_code_analysis": {
"contract_address": "0x1234567890123456789012345678901234567890",
"chain": "eth",
"analysis_date": "2023-11-15T10:30:00Z",
"status": "completed",
"findings": [
{
"risk": "reentrancy",
"details": {},
"function_signatures": [
{
"function_name": "withdraw",
"function_signature": "function withdraw(uint256 amount) external"
}
],
"statements": [
{
"statement_type": "call",
"statement_text": "msg.sender.call{value: amount}(\"\")"
}
]
}
],
"urls": [
{
"url": "https://example.com/analysis-report"
}
]
},
"multiPlatformAnalysisData": {
"developerAddress": "ESoMiyuJ1ksL5L99LjYCcwjt7XR2B7hdn6mkbBDFbadV",
"analyzedAt": "2025-09-05T18:28:55.907Z",
"platformBreakdown": {}
}
},
"context": [
{
"name": "Paid Information",
"description": "The project has paid to display additional project info on platforms like DexScreener",
"type": "tokenRisk",
"key": "paid-info"
}
],
"isContract": false
},
"deployed_contracts": [
{}
]
}
}{
"message": "Unauthorized"
}Get a Real-Time Analysis for a Given Contract Address
Perform real-time security analysis on a smart contract including vulnerability detection
curl --request GET \
--url https://api.webacy.com/contracts/{contractAddress} \
--header 'x-api-key: <api-key>'import requests
url = "https://api.webacy.com/contracts/{contractAddress}"
headers = {"x-api-key": "<api-key>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {'x-api-key': '<api-key>'}};
fetch('https://api.webacy.com/contracts/{contractAddress}', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.webacy.com/contracts/{contractAddress}",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"x-api-key: <api-key>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.webacy.com/contracts/{contractAddress}"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("x-api-key", "<api-key>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.get("https://api.webacy.com/contracts/{contractAddress}")
.header("x-api-key", "<api-key>")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.webacy.com/contracts/{contractAddress}")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["x-api-key"] = '<api-key>'
response = http.request(request)
puts response.read_body{
"score": 3,
"tags": {
"centralized_risk_high": {
"key": "centralized_risk_high",
"name": "Centralized Risk High",
"description": "This contract may have logic that lead us to think it is is a drainer.",
"tags": {
"centralized_risk_high": true
}
}
},
"categories": {
"contract_possible_drainer": {
"key": "contract_possible_drainer",
"name": "Centralized Risk High",
"description": "Our detectors have found that this smart contract has exploitable logic that can be used to drain funds. This is a serious risk and you should avoid interacting with this contract.",
"tags": {
"centralized_risk_high": true
}
}
},
"analysis": {
"address_characteristics": {
"key": "address_characteristics",
"name": "Wallet Characteristics",
"description": "This address may have risk factors related to address age, number of transactions, or balance.",
"tags": {
"insufficient_wallet_age": true
}
}
},
"metadata": {
"name": "USD Coin",
"symbol": "USDC",
"contract_address": "0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48",
"chain": "eth",
"other_chains": [
{
"chain": "pol",
"contract_address": "0x2791bca1f2de4661ed88a30c99a7a9449aa84174"
}
],
"categories": [
"stablecoin",
"asset-backed-stablecoin",
"usd-stablecoin"
],
"last_updated": "2023-06-15T12:34:56Z",
"decimals": 6,
"links": {
"homepage": "https://www.circle.com/en/usdc",
"github": [
"https://github.com/centrehq"
],
"twitter": "https://twitter.com/circle",
"telegram": "https://t.me/circle_issuer"
},
"image_url": "https://assets.coingecko.com/coins/images/6319/large/USD_Coin_icon.png",
"created_at": "2018-09-26"
},
"source_code_analysis": {
"analysis": {
"contract_address": "0x1234567890123456789012345678901234567890",
"chain": "eth",
"analysis_date": "2023-11-15T10:30:00Z",
"status": "completed",
"findings": [
{
"risk": "reentrancy",
"details": {},
"function_signatures": [
{
"function_name": "withdraw",
"function_signature": "function withdraw(uint256 amount) external"
}
],
"statements": [
{
"statement_type": "call",
"statement_text": "msg.sender.call{value: amount}(\"\")"
}
]
}
],
"urls": [
{
"url": "https://example.com/analysis-report"
}
]
}
},
"similar_contracts": [
{}
],
"analysis_status": "STARTED",
"analysis_type": "STATIC",
"deployer": {
"address": "0xaBA7161A7fb69c88e16ED9f455CE62B791EE4D03",
"risk": {
"analyzed_at": "2026-07-07T03:06:06.986Z",
"count": 1,
"medium": 1,
"high": 0,
"overallRisk": 25.99,
"issues": [
{
"score": 3,
"tags": [
{
"name": "Insufficient Wallet Age",
"description": "The age of this wallet or address is new.",
"type": "noHistoryRisk",
"severity": 3,
"key": "insufficient_wallet_age"
}
],
"categories": {
"address_characteristics": {
"key": "address_characteristics",
"name": "Wallet Characteristics",
"description": "This address may have risk factors related to address age, number of transactions, or balance.",
"tags": {
"insufficient_wallet_age": true
}
}
}
}
],
"details": {
"source_code_analysis": {
"contract_address": "0x1234567890123456789012345678901234567890",
"chain": "eth",
"analysis_date": "2023-11-15T10:30:00Z",
"status": "completed",
"findings": [
{
"risk": "reentrancy",
"details": {},
"function_signatures": [
{
"function_name": "withdraw",
"function_signature": "function withdraw(uint256 amount) external"
}
],
"statements": [
{
"statement_type": "call",
"statement_text": "msg.sender.call{value: amount}(\"\")"
}
]
}
],
"urls": [
{
"url": "https://example.com/analysis-report"
}
]
},
"multiPlatformAnalysisData": {
"developerAddress": "ESoMiyuJ1ksL5L99LjYCcwjt7XR2B7hdn6mkbBDFbadV",
"analyzedAt": "2025-09-05T18:28:55.907Z",
"platformBreakdown": {}
}
},
"context": [
{
"name": "Paid Information",
"description": "The project has paid to display additional project info on platforms like DexScreener",
"type": "tokenRisk",
"key": "paid-info"
}
],
"isContract": false
},
"deployed_contracts": [
{}
]
}
}{
"message": "Unauthorized"
}Authorizations
Path Parameters
contract address
Query Parameters
Selected chain. This includes 'eth', 'base', 'bsc', 'pol', 'opt' and 'arb'. Supported blockchain networks
eth, base, bsc, pol, opt, arb, hedera Does full bytecode analysis on unverified contracts. The full scan can take up to several minutes. To retrieve the final results, either refresh this endpoint, or supply a callback URL for which results will be posted every 5 seconds.
Re-analyze contract address and retrieve fresh data.
Returns asynchronous response from bytecode analysis. This callback will be called every 5 seconds with any new data found until the full analysis has been completed. If an analysis is already completed, the callback will not be called.
Analyze the deployer address for risks and include a flag if the deployer is risky
Boolean to determine whether to hide trust-related flags from the response
Response
Success
Overall risk score for the contract
3
List of tags associated with the contract
Show child attributes
Show child attributes
{
"centralized_risk_high": {
"key": "centralized_risk_high",
"name": "Centralized Risk High",
"description": "This contract may have logic that lead us to think it is is a drainer.",
"tags": { "centralized_risk_high": true }
}
}
List of categories associated with the contract
Show child attributes
Show child attributes
{
"contract_possible_drainer": {
"key": "contract_possible_drainer",
"name": "Centralized Risk High",
"description": "Our detectors have found that this smart contract has exploitable logic that can be used to drain funds. This is a serious risk and you should avoid interacting with this contract.",
"tags": { "centralized_risk_high": true }
}
}
List of analyses associated with the contract
{
"address_characteristics": {
"key": "address_characteristics",
"name": "Wallet Characteristics",
"description": "This address may have risk factors related to address age, number of transactions, or balance.",
"tags": { "insufficient_wallet_age": true }
}
}
Token metadata information including name, symbol, links, and other details
Show child attributes
Show child attributes
Source code analysis result if available. May be an analysis payload, an error, or an informational message.
- Option 1
- Option 2
- Option 3
Show child attributes
Show child attributes
List of similar/related contracts discovered during checksum comparison
Static analysis job status
"STARTED"
Type of analysis performed
"STATIC"
Information about the contract deployer and its risk assessment (only returned when deployer_risk=true)
Show child attributes
Show child attributes
