3. Real-Time Transaction Risk Alert API
Description
Supports risk screening for recent real-time transactions (within the last 24 hours).
This endpoint is used when you act as the fund recipient and perform a risk screening after an on-chain transaction has occurred, with a focus on the risk associated with the source of funds.
The interface applies the strategies configured in the rule engine.
1. Endpoint URL
GET /openapi/v3/risk/rule/tx/screening
2. Request Parameters
| Parameter | Type | Required | Description |
|---|
| apikey | string | true | API key |
| tx | string | true | Transaction hash |
| chain | string | true | Main chain name |
| to_address | string | true | Token receiving address |
| coin | string | true | Token name |
| app_id | string | true | Application ID |
3. Response Parameters
{
"code": 200,
"message": "success",
"data": {
"unique_id": "2541......c245",
"risk_level": "severe",
"risk_types": [
"Blackmail Scam"
],
"risk_tags": [
"phishing",
"Blackmail Scam"
],
"risk_code": 4444,
"risk_detail": {
"private_data": {
"hit_private_whitelist": false,
"hit_private_blacklist": false,
"private_blacklist_name": "Private blacklist name"
},
"hit_blacklist_address": true,
"tx_blacklist_address": [
{
"blacklist_address": "0xE0......D015",
"risk_types": "Blackmail Scam",
"risk_tags": [
"phishing"
]
}
],
"hit_direct_risk_review": false,
"hit_indirect_risk_review": true,
"hit_aml_review": true
}
}
}
Response Field Description
| Field | Type | Description |
|---|
| code | int | Business status code. 200 indicates success; other values indicate failure (refer to actual error codes returned). |
| message | string | Response status message, e.g., success. |
| data | object | Response data object. |
data Field Description
| Field | Type | Description |
|---|
| unique_id | string | Unique request ID (used for tracking and troubleshooting). |
| risk_level | string | Risk level: severe, high, medium, low, none (no risk hit or unknown). |
| risk_types | string[] | Risk type array (high-level categories), e.g., ["Blackmail Scam"]. |
| risk_tags | string[] | Risk tag array (more granular labels), e.g., ["phishing","Blackmail Scam"]. |
| risk_code | int | Risk code: 0 (no risk detected), -1 (not found), 4444 (blacklist hit). For other codes, refer to the Risk Code Specification. |
| risk_detail | object | Detailed risk information (strategy hits, blacklist matches, etc.). |
risk_detail Field Description
| Field | Type | Description |
|---|
| private_data | object | Private list hit information. |
| hit_blacklist_address | boolean | Whether the transaction includes a blacklist address (from or to). |
| tx_blacklist_address | array | List of blacklist addresses matched in the transaction (may contain multiple entries). |
| hit_direct_risk_review | boolean | Whether direct risk review rules were triggered. |
| hit_indirect_risk_review | boolean | Whether indirect risk review rules were triggered. |
| hit_aml_review | boolean | Whether AML review rules were triggered. |
private_data Field Description
| Field | Type | Description |
|---|
| hit_private_whitelist | boolean | Whether the address hits the private whitelist. true indicates a match. |
| hit_private_blacklist | boolean | Whether the address hits the private blacklist. true indicates a match. |
| private_blacklist_name | string | Name of the matched private blacklist (may be empty or not returned if no match). |
tx_blacklist_address Element Description
| Field | Type | Description |
|---|
| blacklist_address | string | The matched blacklist address. |
| risk_types | string | Risk type associated with the address. |
| risk_tags | string[] | Risk tag array associated with the address. |