Overview
The Webacy API provides risk assessment for the Hedera blockchain ecosystem. Analyze Hedera accounts, tokens, and transactions for security threats, malicious activity, and risk factors.Hedera support includes native Hedera Token Service (HTS) analysis with admin key detection, custom fee analysis, and account status monitoring.
Supported Endpoints
Address Risk Analysis
Analyze any Hedera account for security threats and risk factors. Sanction checks are included in the response.Transaction Risk Analysis
Analyze a specific Hedera transaction for risk indicators.Holder Analysis
Analyze token holder distribution and detect suspicious activity for HTS tokens.Address Formats
Hedera supports two address formats:
Both formats are accepted across all Hedera endpoints.
Transaction ID Formats
Hedera transaction IDs use a unique format with the payer account and timestamp:
All three formats are accepted by the transactions endpoint.
Example Requests
Address Risk Analysis
Transaction Risk Analysis
Holder Analysis
Hedera-Specific Risk Tags
Token Risk Tags
These risk tags analyze HTS token admin keys, fees, and state:Account Risk Tags
Additional Risk Tags
Standard risk tags also apply to Hedera addresses:sanctioned- Address appears on sanction lists (OFAC, OpenSanctions)insufficient_wallet_age- Account is very newinsufficient_wallet_balance- Low account balanceinsufficient_wallet_transactions- Limited transaction history- Holder concentration tags (top holders owning significant percentages)
Example Responses
Transaction Risk Response
Holder Analysis Response
Holder Analysis Details
Hedera holder analysis includes features specific to the Hedera Token Service:- Token admin keys analysis - Checks for admin, freeze, wipe, pause, supply, KYC, and fee schedule keys
- Custom fee schedules - Detects fixed fees, fractional fees, and royalty fees on tokens
- Pause status - Whether the token is currently paused (
PAUSED,UNPAUSED, orNOT_APPLICABLE) - No MEV/sniper detection - Hedera has deterministic transaction ordering, so sniper and bundling analysis is excluded
Best Practices
- Check token admin keys - Tokens with active freeze, wipe, or pause keys carry higher risk. Look for
hedera-token-keys-renouncedas a positive signal. - Watch for custom fees - High or excessive custom fees (>10%) are a common honeypot pattern on Hedera.
- Use native format for tokens - Use the
0.0.XHTS token ID format for holder analysis rather than EVM addresses. - Account status matters - Check for deleted or expired accounts before transacting.
- No MEV on Hedera - Unlike EVM chains, Hedera has deterministic transaction ordering, so sniper/bundler detection is not applicable.
