The Webacy Risk Score API uses a modular approach to risk assessment, allowing you to request specific types of analysis to optimize performance and focus on relevant risk factors for your use case. View a full list of flags here.
Quickstart
View the table below for a high-level overview of each module. Scroll down for more detail on each module, included tags, and recommended module combinations to get started.
Full Score Not Calculated When Using Modules
When you select one or more modules in your request, youβre choosing to retrieve only a portion of the total data available for a given address.
The DD Score (risk score) is computed by evaluating all detected flags across the full dataset. If you limit the request to specific modules, only the flags relevant to those modules are included, meaning the score will be based on a partial view of the addressβs risk profile.
To receive a complete, composite risk score that includes all available flags and signals, call the endpoint without selecting any modules.
π Module-to-Tags Quick Reference
| Module | Key Risk Tags | Primary Use Case |
|---|---|---|
| security_essentials | not-renounced, freezeable, mintable | Real-time screening |
| governance_analysis | hidden_owner, is_proxy, upgradeable_contract | Smart contract auditing |
| token_security | is_blacklisted, buy_tax, transfer_pausable | Token screening |
| contract_analysis | is_closed_source, reentrancy__, SWC__ | Security audits |
| market_data | is_honeypot, volatility, cannot_buy | Trading algorithms |
| holder_analysis | top-10-holders-own-*-percent | Rugpull prevention |
| liquidity_analysis | unlocked-liquidity, creator_percent | DeFi investments |
| fraud_detection | hacker, drainer, *_rugged | AML compliance |
| sanctions_compliance | ofac_sanctioned, sanctioned | Regulatory compliance |
| mixer_detection | tornado, mixer, *_fundflow_* | Transaction monitoring |
| address_behavior | wash_trading, automated_trading | Behavioral analysis |
| transaction_analysis | address_poisoning | Wallet security |
| reputation_analysis | is_scam, spam, fake_kyc | Community security |
| solana_specific | bundled_token, has_been_sniped | Solana MEV detection |
| ton_specific | is_nonstandard_jetton | TON compliance |
| basic_info | insufficientwallet* | Quick filtering |
Detail In Depth
Read on for in-depth detail for each module including the purpose, included risk tags, and use cases. Scroll down for example combinations of modules for specific use cases.
π Available Modules
β‘ security_essentials
Purpose: Core security flags for real-time applications
Risk Tags Covered:
not-renounce/not-renounced- Contract ownership not renouncedfreezeable/freezable- Tokens can be frozenis_mintable/mintable- New tokens can be minted
Use Cases: Trading interfaces, wallet integrations, real-time screening
ποΈ governance_analysis
Purpose: Contract ownership, upgradeability, and access controls
Risk Tags Covered:
hidden_owner- Contract owner is hidden or obfuscatedcan_take_back_ownership- Owner can reclaim ownership after renouncingis_proxy- Contract uses proxy patternaccess_control- Access control vulnerabilities detectednot-renounce/not-renounced- Contract ownership not renouncedunprotected_upgrade- Upgrades not properly protectedanti_whale_modifiable- Anti-whale limits can be modifiedslippage_modifiable- Slippage settings can be modifiedpersonal_slippage_modifiable- Personal slippage can be modifiedupgradeable_contract- Contract is upgradeabletrust_list- Uses trust/whitelist mechanism
Use Cases: DeFi protocol analysis, smart contract auditing, governance token evaluation
π token_security
Purpose: Token manipulation capabilities and restrictions
Risk Tags Covered:
freezeable/freezable- Tokens can be frozenis_mintable/mintable- New tokens can be mintedis_blacklisted- Address blacklisting capabilityis_whitelisted- Address whitelisting capabilityowner_change_balance- Owner can change user balancestransfer_without_approval- Transfers possible without approvalprivileged_burn- Privileged burning capabilityrestricted_approval- Approval restrictions existoversupply_minting- Risk of oversupply through mintingtrading_cooldown- Trading cooldown mechanismstransfer_pausable- Transfers can be pausedbuy_tax / sell_tax- Transaction taxes appliedis_anti_whale- Anti-whale mechanismsnon-transferable- Tokens cannot be transferredis_burnable- Tokens can be burned
Use Cases: Token screening, DEX listings, portfolio management, trading bot integration
π contract_analysis
Purpose: Static/dynamic code analysis and vulnerability detection
Risk Tags Covered:
is_closed_source- Contract source code not verifiedselfdestruct/suicidal- Contract can self-destructexternal_call- Makes external callsreentrancy_without_eth_transfer/reentrancy_no_eth- Reentrancy vulnerabilitiesinteger_overflow / integer_underflow- Integer overflow/underflow risksfront_running_low/medium/high- Front-running vulnerabilitiesmint_low/high- Minting-related riskscentralized_risk_low/medium/high- Centralization risksprice_manipulation_low/medium/high- Price manipulation vulnerabilitieslocked_ether- Ether can be locked in contractweak_prng- Weak pseudo-random number generationtimestamp- Timestamp dependency issuesSWC_108throughSWC_130- Smart Contract Weakness Classificationpess_*tags - Pessimistic analysis for advanced vulnerability detection- Plus 50+ additional vulnerability detection tags
Use Cases: Security audits, DeFi risk assessment, smart contract due diligence
π market_data
Purpose: Price, volatility, market cap, and liquidity analysis
Risk Tags Covered:
volatility- High price volatility detectedmarket_cap- Market capitalization concernsis_in_dex- Token listed on decentralized exchangescannot_buy- Token cannot be purchasedis_honeypot- Honeypot token detectedhoneypot_with_same_creator- Creator has other honeypot tokens
Use Cases: Trading algorithms, market analysis, portfolio optimization, arbitrage detection
π₯ holder_analysis
Purpose: Token distribution and concentration risks
Risk Tags Covered:
- top-10-holders-own-X-percent - Top 10 holders own X% (10%, 20%, 30%, 40%, 50%, 60%, 70%, 80%, 90%, 100%)
- minter-own-X-percent - Minter owns X% (20%, 50%, 90%)
- owner-own-X-percent - Owner owns X% (20%, 50%, 90%)
- update-authority-own-X-percent - Update authority owns X% (20%, 50%, 90%)
Use Cases: Investment research, rugpull prevention, tokenomics analysis, whale monitoring
π§ liquidity_analysis
Purpose: Pool data, unlock schedules, and LP analysis
Risk Tags Covered:
unlocked-liquidity- Liquidity is not lockedlp_holder_count- Liquidity provider holder count analysislp_total_supply- Total LP token supply analysiscreator_balance/creator_percent- Creator's token balance/percentageowner_balance/owner_percent- Owner's token balance/percentage
Use Cases: DeFi investments, yield farming, liquidity provision, rugpull prevention
π¨ fraud_detection
Purpose: Malicious actor and rugpull detection
Risk Tags Covered:
hacker/drainer- Address identified as malicious actorassociated_hacker/associated_drainer- Associated with malicious actors*_rugged/*_multiple_rugged- Rugpull history (minter/owner/authority/holders)*_hacker/*_drainer- Malicious actor association (minter/owner/authority/holders)stealing_attack/financial_crime/cybercrime/exploitation- Criminal activity_fundflow_hacker_ /*_fundflow_drainer- Fund flow to malicious actors
Use Cases: AML compliance, fraud prevention, risk screening, security monitoring
βοΈ sanctions_compliance
Purpose: Regulatory compliance and sanctions screening
Risk Tags Covered:
sanctioned/associated_sanctioned- Sanctioned addressofac_sanctioned- OFAC sanctioned*_ofac- OFAC association (minter/owner/authority/holders)*_fundflow_ofac- Fund flow to sanctioned addresses
Use Cases: Compliance programs, regulatory reporting, KYC/AML, institutional trading
πͺοΈ mixer_detection
Purpose: Privacy coin and mixer usage detection
Risk Tags Covered:
mixer/associated_mixer- Mixer usagetornado/associated_tornado- Tornado Cash usage_mixer/_fixedfloat/*_simpleswap- Mixer service usage (minter/owner/authority)_fundflow_mixer/ *_fundflow_fixedfloat/_fundflow_simpleswap- Fund flow through mixers
Use Cases: AML compliance, transaction monitoring, regulatory reporting
π address_behavior
Purpose: Trading patterns and behavioral analysis
Risk Tags Covered:
wash_trading- Wash trading detectedautomated_trading- Automated trading patternsmoney_laundering- Money laundering indicatorsdarkweb_transactions- Dark web transaction historymalicious_mining_activities- Malicious miningblackmail_activities/phishing_activities- Criminal activitiesdeployed_high_volatility_token- Deployed high-risk tokensnumber_of_malicious_contracts_created- Created malicious contracts
Use Cases: Behavioral analysis, fraud detection, compliance monitoring, bot detection
π transaction_analysis
Purpose: Transaction-level risk detection
Risk Tags Covered:
address_poisoning- Address poisoning attacks detected
Use Cases: Wallet security, transaction monitoring, attack prevention
π’ reputation_analysis
Purpose: Community reports and reputation scoring
Risk Tags Covered:
blacklist_doubt- Questionable blacklist statusspam_domain/spam- Spam-related activityvalid_report- Valid community reportsfake_kyc- Fake KYC documentationis_fake_token/is_true_token/is_scam- Token authenticityillegal_unicode- Illegal unicode charactersis_airdrop_scam- Airdrop scam detection
Use Cases: Community-driven security, reputation systems, scam prevention
π Chain-Specific Modules
βοΈ solana_specific
Purpose: Solana-only risk factors
Risk Tags Covered:
has_been_sniped- Token has been sniped by MEV botshas_been_bundled/bundled_token- Token involved in bundling attacksmutable-metadata- Metadata can be changed after deploymentminted-less-than-10-minutes/minted-less-than-1-hour/minted-less-than-1-day- Recently minted tokensimpersonator- Token impersonates another legitimate tokenknown-malicious-token- Token identified as malicious
Supported Chains: Solana
π evm_specific
Purpose: EVM-only risk factors
Risk Tags Covered:
(Currently no specific tags mapped - module focuses on EVM-specific analysis patterns)
Supported Chains: Ethereum, Polygon, BSC, Arbitrum, Optimism, Base
π ton_specific
Purpose: TON-only risk factors
Risk Tags Covered:
is_nonstandard_jetton- Non-standard jetton implementationis_nonstandard_jetton_wallet- Non-standard jetton wallet implementation
Supported Chains: TON
π sui_specific
Purpose: SUI-only risk factors
Risk Tags Covered:
(Currently no specific tags mapped - module focuses on SUI-specific analysis patterns)
Supported Chains: SUI
π basic_info
Purpose: Fast metadata checks
Risk Tags Covered:
insufficient_wallet_age- Wallet too newinsufficient_wallet_balance- Insufficient balanceinsufficient_wallet_transactions- Too few transactions
Use Cases: Basic screening, wallet validation, quick filtering
Recommended
Not sure where to start? Not sure which modules work best for your use case? Consider the combinations below.
π― Recommended Module Combinations
πββοΈ Real-Time Applications
modules=security_essentials
Use Case: Trading interfaces, wallet integrations, real-time screening
Coverage: Essential security flags only
π‘οΈ Security-Focused Analysis
modules=token_security,fraud_detection,sanctions_compliance,contract_analysis
Use Case: Security audits, DeFi protocols, comprehensive screening
Coverage: Complete security assessment
π° Investment Research
modules=market_data,liquidity_analysis,holder_analysis,governance_analysis
Use Case: Portfolio management, investment decisions, due diligence
Coverage: Financial and governance risks
π Compliance & AML
modules=sanctions_compliance,fraud_detection,mixer_detection,address_behavior
Use Case: Regulatory compliance, AML programs, institutional trading
Coverage: Regulatory and criminal activity detection
π Comprehensive Analysis
modules=security_essentials,token_security,fraud_detection,sanctions_compliance,market_data,liquidity_analysis
Use Case: Due diligence, comprehensive risk assessment, audit preparation
Coverage: All major risk categories