Introducing EmbeddedSafety™: Webacy’s Suite of API’s

Introducing EmbeddedSafety™: Webacy’s Suite of API’s

Since its inception, Webacy has been dedicated to bringing the most robust and valuable safety tools to consumers on blockchain. Today, we analyze over 300k transactions monthly, and monitor over $250MM in assets (and growing!). In order to serve and protect more end-users in web3, we’re finally revealing our API partner program, currently limited to invitation-only projects. 

We’ve talked about Embedded Safety before, especially with the launch of Wallet Safety Score in Unstoppable Domains’ profile pages and with our integration in Mintify. We’re now announcing 4 more API products.

This article will outline our powerful security APIs, giving you an overview of the many ways in which you can enhance the safety of your protocols, and ultimately, the people who use them.

We are currently selecting partners for our 2024 season. We’re already at 80% capacity, so If you’re interested in leveraging any of our APIs, please send an inquiry to [email protected], or get in touch with one of our team members. 

API Overview

We leverage over 12 data sources and leverage powerful ML/AI models to power the Webacy Risk Engine. Our API’s now look at several entities to cover risk: the wallet, the transaction, and the smart contract. This risk engine is adapted for various use cases, outlined in our 5 APIs (with more to come):

  • Wallet Level
    • Threat Risks API 
    • Exposure Risk API
  • Wallet Initiated / Smart Contract Level
    • Smart Contract Analysis API 
    • Transaction Risks API
  • Additional Functionality
    • Wallet Watch API

The following sections break each API down in detail, including possible use cases.

Wallet Level

These API’s look at a wallet address as an entity and its “sitting” risks and safety level.

Threat Risks API

This API takes a single blockchain address and returns that address’s risk to others. For example, the API would return data if that address appeared on the OFAC list, has previously deployed a known malicious smart contract, has close interaction with a known malicious address, and much more. 

Use cases include: 

  • Blocking certain address access to your platform / protocol for compliance, regulatory, or risk mitigation reasons
  • Warning users about interactions with a particular address
  • Hiding particular addresses, wallets, or accounts based on certain kinds of risk
  • Warning users before sending assets off-platform to a high-risk address
  • Flagging high risk NFTs or Tokens (ex. Fake tokens, spam, drainer contracts, and more)

Exposure Risk API 

This endpoint provides a holistic view of the safety of an on-chain address or wallet. In particular, this API gives you an understanding of how safe that account is: how likely it is to get drained or hacked, how risky its current set of open approvals are, the safety of the assets, NFTs, and tokens held within the wallet, its historical behavior, and so forth. 

The API returns a composite score, along with flags that bring insight to particular points of consideration within the account’s history. 

Use cases include:

  • Displaying the safety of an account to a user
  • Suggesting actions to be taken by an account owner to reduce their risk
  • Project owners maintaining healthy insight into their treasuries and accounts
  • DID and profile accounts displaying the safety level of users as part of a broader profile

Wallet Initiated / Smart Contract Level

These API’s look at the safety of “active” wallets and the things they interact with; i.e. a smart contract, or a transaction that has been initiated. 

Smart Contract Analysis API 

This endpoint enables real-time analysis of smart contract code itself, flagging malicious features and code that may heighten risk of engagement. The real-time nature of this endpoint allows you to analyze smart contracts that were previously unknown, or are brand new on-chain. 

Use cases include:

  • Scanning projects and tokens before showing them to end-users
  • Initial code audit while testing before submitting for a formal audit with a firm
  • Code assessment before interaction

Transaction Risks API

This API can run a risk assessment both prior and after a transaction. For pre-transaction, the endpoint will take multiple factors into consideration including counterparty risk, address risk, the action taken, any interaction with another contract or token, and so forth, to calculate the risk of a given transaction. This includes analyzing every possible transaction event; not just swaps (where it will analyze the swapped-to token smart contract) but also transfers, staking, LP’ing and more. 

Post-transaction, the endpoint is able to take a transaction hash and analyze risk after the fact. This action is particularly helpful when assessing the historical behavioral features of an address.

Use cases include:

  • Wallets displaying the risk of a transaction prior to execution to end-users
  • DEXs displaying the risk of a transaction in-app
  • Accountants or financial analysts understanding the safety of an address or account based on historical behavior (ex. Could recommend moving funds to a new wallet)
  • Browser extensions meant for MEV, Swapping, or other financial arbitrage can add an additional layer of safety to evaluate on-chain actions

Additional Functionality

Wallet Watch API

This endpoint enables you to subscribe your users to Webacy’s real-time monitoring suite. Users can receive alerts and notifications on any activity in and around an address. Each alert includes a risk score powered by the Webacy Risk Engine. 

Users can be notified of any send, receive, royalty payment, airdrop, approval, or any interaction with their wallet address on multiple chains, and can choose to monitor additional addresses. 

Conclusion

Our growing community is finding extreme value directly through our Webacy platform, and 

we’re excited to bring the Webacy Safety Suite to even more communities and projects through our powerful APIs. 

Please get in touch with us by sending an email to [email protected] or reach out to us directly via Twitter/X. Let’s build a safer Web3 together.