Use the Webacy SDK to add blockchain security across diverse applications. Here’s how you can leverage these capabilities for your use case.
Wallet Apps & Browser Extensions
Examples: MetaMask-like wallets, hardware wallet companions, mobile wallets
Pre-Transaction Scanning
addresses.analyze() - Check addresses before sending funds
Fast Risk Assessment
addresses.getQuickProfile() - Sub-500ms risk scores for real-time UX
Copy-Paste Protection
addresses.checkPoisoning() - Detect address poisoning attacks
Transaction Simulation
scan.scanTransaction() - Simulate transactions before signing
scan.scanEip712() - Verify permit signaturesurl.check() - Block phishing linkswallets.getApprovals() - Show risky token approvals
import { ThreatClient, Chain } from '@webacy-xyz/sdk';
const client = new ThreatClient({
apiKey: process.env.WEBACY_API_KEY,
defaultChain: Chain.ETH,
});
// Before sending funds, check the recipient
async function checkRecipient(address: string) {
// Quick risk check (< 500ms)
const profile = await client.addresses.getQuickProfile(address);
if (profile.riskScore > 70) {
// Deep analysis for high-risk addresses
const analysis = await client.addresses.analyze(address);
return { safe: false, issues: analysis.issues };
}
// Check for address poisoning
const poisoning = await client.addresses.checkPoisoning(address);
if (poisoning.is_poisoned) {
return { safe: false, issues: ['Possible address poisoning attack'] };
}
return { safe: true };
}
Value: Protect your users before they sign dangerous transactions
DeFi Protocols & DEXes
Examples: Uniswap-like DEXes, lending protocols, yield aggregators
Token Screening
contracts.analyze() - Screen new token listings
Tax Detection
contracts.getTax() - Show buy/sell taxes
Compliance
addresses.checkSanctioned() - OFAC sanctions screening
Rug Pull Detection
holderAnalysis.get() - Detect concentrated holdings
tokens.getPools() - Pool risk analysis
import { ThreatClient, TradingClient, Chain } from '@webacy-xyz/sdk';
const threat = new ThreatClient({ apiKey: process.env.WEBACY_API_KEY });
const trading = new TradingClient({ apiKey: process.env.WEBACY_API_KEY });
// Screen a token before listing
async function screenTokenForListing(tokenAddress: string, chain: Chain) {
const [contract, holders, tax] = await Promise.all([
threat.contracts.analyze(tokenAddress, { chain }),
trading.holderAnalysis.get(tokenAddress, { chain }),
threat.contracts.getTax(tokenAddress, { chain }),
]);
const redFlags: string[] = [];
if (contract.overallRisk > 70) redFlags.push('High contract risk');
if (holders.top10Percentage > 90) redFlags.push('Concentrated holdings');
if (tax.buyTax > 10 || tax.sellTax > 10) redFlags.push('High tax token');
return { approved: redFlags.length === 0, redFlags };
}
Value: Screen tokens and protect your users from scams
Examples: Copy trading apps, trading bots, alpha scanners
Fast Token Risk
tradingLite.analyze() - Rapid token analysis (Solana)
Sniper Detection
holderAnalysis.get() - Detect snipers and bundlers
Trending Tokens
tokens.getTrending() - Find trending tokens with risk scores
Hidden Fee Detection
contracts.getTax() - Uncover hidden trading fees
tokens.getPoolOhlcv() - Technical analysis data
import { TradingClient, ThreatClient, Chain } from '@webacy-xyz/sdk';
const trading = new TradingClient({
apiKey: process.env.WEBACY_API_KEY,
defaultChain: Chain.SOL,
});
const threat = new ThreatClient({ apiKey: process.env.WEBACY_API_KEY });
// Quick token analysis for trading bot
async function analyzeForTrading(tokenAddress: string) {
// Fast analysis (< 1s)
const quick = await trading.tradingLite.analyze(tokenAddress);
if (quick.isHoneypot) return { tradeable: false, reason: 'Honeypot' };
if (quick.riskScore > 80) return { tradeable: false, reason: 'High risk' };
// Check for hidden fees
const tax = await threat.contracts.getTax(tokenAddress, { chain: Chain.SOL });
if (tax.buyTax > 5 || tax.sellTax > 5) {
return { tradeable: false, reason: `High tax: ${tax.buyTax}/${tax.sellTax}` };
}
return { tradeable: true, riskScore: quick.riskScore };
}
Value: Identify safe trading opportunities, avoid scams
Exchanges (CEX & DEX)
Examples: Centralized exchanges, hybrid exchanges
Sanctions Screening
addresses.checkSanctioned() - OFAC/sanctions compliance
Deposit Screening
addresses.analyze() - Screen incoming deposits
Fund Tracing
accountTrace.trace() - Multi-hop fund flow analysis
Transaction Monitoring
transactions.analyze() - Real-time transaction screening
contracts.analyze() - Token listing due diligence
import { ThreatClient, Chain } from '@webacy-xyz/sdk';
const client = new ThreatClient({
apiKey: process.env.WEBACY_API_KEY,
defaultChain: Chain.ETH,
});
// Screen deposit address for compliance
async function screenDeposit(address: string, chain: Chain) {
// Sanctions check (required for compliance)
const sanctions = await client.addresses.checkSanctioned(address, { chain });
if (sanctions.is_sanctioned) {
return { allowed: false, reason: 'Sanctioned address', details: sanctions };
}
// Risk analysis
const risk = await client.addresses.analyze(address, { chain });
if (risk.overallRisk > 80) {
// Trace fund sources for high-risk
const trace = await client.accountTrace.trace(address, { chain });
return { allowed: false, reason: 'High risk', risk, trace };
}
return { allowed: true, riskScore: risk.overallRisk };
}
Value: Meet regulatory requirements and protect your platform
Portfolio Trackers & Analytics
Examples: Zerion, DeBank-like apps, wallet dashboards
Approval Management
wallets.getApprovals() - Show and manage token approvals
Transaction History
wallets.getTransactions() - Risk-scored transaction history
Wallet Health
addresses.getQuickProfile() - Wallet security scores
Token Data
tokens.getToken() - Token economics and safety data
import { ThreatClient, TradingClient, Chain } from '@webacy-xyz/sdk';
const threat = new ThreatClient({ apiKey: process.env.WEBACY_API_KEY });
const trading = new TradingClient({ apiKey: process.env.WEBACY_API_KEY });
// Build wallet health dashboard
async function getWalletHealth(address: string, chain: Chain) {
const [profile, approvals, transactions] = await Promise.all([
threat.addresses.getQuickProfile(address, { chain, withApprovals: true }),
threat.wallets.getApprovals(address, { chain }),
threat.wallets.getTransactions(address, { chain }),
]);
// Count risky approvals (unlimited or to unknown contracts)
const riskyApprovals = approvals.approvals.filter(
a => a.amount === 'unlimited' || a.spenderRisk > 50
);
return {
riskScore: profile.riskScore,
riskLevel: profile.riskLevel,
accountAge: profile.accountAge,
riskyApprovals: riskyApprovals.length,
recentIssues: transactions.issues,
};
}
Value: Give users insights into their wallet security
Compliance & Security Teams
Examples: Crypto compliance firms, AML providers, forensic investigators
Sanctions Screening
addresses.checkSanctioned() - Real-time sanctions checks
Fund Tracing
accountTrace.trace() - Multi-hop transaction tracing
History Analysis
wallets.getTransactions() - Complete transaction history
Contract Audits
contracts.getCodeAnalysis() - Smart contract security analysis
import { ThreatClient, Chain } from '@webacy-xyz/sdk';
const client = new ThreatClient({
apiKey: process.env.WEBACY_API_KEY,
defaultChain: Chain.ETH,
});
// AML screening workflow
async function amlScreening(address: string, chain: Chain) {
// Step 1: Sanctions check
const sanctions = await client.addresses.checkSanctioned(address, { chain });
if (sanctions.is_sanctioned) {
return { status: 'blocked', reason: 'sanctioned', data: sanctions };
}
// Step 2: Risk analysis
const risk = await client.addresses.analyze(address, { chain });
// Step 3: Fund flow tracing for medium+ risk
if (risk.overallRisk >= 50) {
const trace = await client.accountTrace.trace(address, { chain });
const transactions = await client.wallets.getTransactions(address, { chain });
return {
status: risk.overallRisk >= 75 ? 'review' : 'monitor',
risk,
trace,
transactions,
};
}
return { status: 'approved', risk };
}
Value: Enterprise-grade blockchain compliance and forensics
Examples: Pump.fun integrations, launchpads, fair launch platforms
Holder Distribution
holderAnalysis.get() - Monitor holder concentration
Launch Screening
tradingLite.analyze() - Screen new token launches
Contract Safety
contracts.analyze() - Verify contract security
import { ThreatClient, TradingClient, Chain } from '@webacy-xyz/sdk';
const threat = new ThreatClient({ apiKey: process.env.WEBACY_API_KEY });
const trading = new TradingClient({
apiKey: process.env.WEBACY_API_KEY,
defaultChain: Chain.SOL,
});
// Screen new token launch
async function screenLaunch(tokenAddress: string) {
const [quick, holders, contract] = await Promise.all([
trading.tradingLite.analyze(tokenAddress),
trading.holderAnalysis.get(tokenAddress),
threat.contracts.analyze(tokenAddress, { chain: Chain.SOL }),
]);
const warnings: string[] = [];
if (quick.isHoneypot) warnings.push('Honeypot detected');
if (holders.sniperCount > 5) warnings.push(`${holders.sniperCount} snipers`);
if (holders.bundlerCount > 0) warnings.push(`${holders.bundlerCount} bundlers`);
if (holders.top10Percentage > 80) warnings.push('High concentration');
if (contract.overallRisk > 70) warnings.push('Contract risk');
return {
safe: warnings.length === 0,
warnings,
metrics: { holders: holders.totalHolders, liquidity: quick.liquidity },
};
}
Value: Verify launches are safe, detect snipers and bundlers
Why Webacy SDK?
Multi-Chain
12+ chains: ETH, SOL, BASE, ARB, POL, OPT, BSC, TON, SUI, STELLAR, BTC, SEI
Type-Safe
Full TypeScript support with IntelliSense
Real-Time
Quick profile optimized for sub-500ms responses
Comprehensive
Addresses, contracts, URLs, transactions
Production-Ready
Built-in retry logic and error handling
Pre-Transaction
Stop losses before they happen
Get Started
Installation
Install the SDK in your project
ThreatClient
Start with address and contract analysis
TradingClient
Token and holder analysis
API Reference
Full endpoint documentation
