DYOR AML API Documentation
Integrate real-time compliance signals directly into your workflow. Our REST API provides automated risk scoring, exposure analysis, and behavioral insights for Ethereum and Solana wallets.
RESTful Endpoints
Predictable resource-oriented URLs using standard HTTP response codes and JSON payloads.
Secure Auth
Simple API Key authentication via Bearer tokens. Secure your integration with role-based access.
Rate Limiting
Scalable tiers designed for both small developers and high-volume enterprise compliance teams.
Core API Endpoints
Comprehensive wallet analysis through specialized resource paths.
/v1/wallet/{address}/risk Retrieves the high-level risk score (0-100) and primary risk flags for a specific wallet address. Ideal for rapid screening at the point of interaction.
Path Parameters
-
address(string, required): The wallet address to analyze (ETH/SOL).
{ "address": "0x742d35Cc6634C0532925a3b844Bc454e4438f44e", "risk_score": 85, "level": "High", "flags": ["sanctions_related", "mixer_exposure"], "updated_at": "2024-03-20T14:30:00Z"
} /v1/wallet/{address}/exposure Provides detailed counterparty exposure summary, including hop distance to known high-risk entities and entity clustering insights.
Path Parameters
-
address(string, required): The wallet address to analyze.
{ "address": "0x742d35Cc6634C0532925a3b844Bc454e4438f44e", "exposure_summary": { "direct_exposure": 12.5, "indirect_exposure": 45.2, "top_entities": ["Tornado Cash", "Lazarus Group (Related)"] }
} /v1/batch Submit up to 100 addresses for parallel risk screening. Returns a job ID to poll for results or wait for a webhook callback.
Request Body
-
addresses(array, required): List of strings. -
webhook_url(string, optional): URL for results delivery.
{ "job_id": "job_987654321", "status": "queued", "estimated_completion": "2024-03-20T14:35:00Z"
} Implementation Examples
Static code snippets to accelerate your development process.
curl -X GET "https://api.dyoraml.io/v1/wallet/0x123.../risk" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Accept: application/json" const axios = require('axios'); async function checkRisk(address) { const response = await axios.get(`https://api.dyoraml.io/v1/wallet/${address}/risk`, { headers: { 'Authorization': 'Bearer YOUR_API_KEY' } }); console.log(response.data);
} import requests def get_risk(address): url = f"https://api.dyoraml.io/v1/wallet/{address}/risk" headers = {"Authorization": "Bearer YOUR_API_KEY"} response = requests.get(url, headers=headers) return response.json() Authentication & Limits
Secure your integration and understand our operational boundaries.
Bearer Token Format
All API requests must include your API key in the Authorization header using the Bearer scheme. Keep your keys confidential; never commit them to public repositories.
Authorization: Bearer dyor_live_xxxxxxxxxxxx | Tier | Rate Limit | Monthly Cap |
|---|---|---|
| Free | 1 req/sec | 100 requests |
| Pro | 10 req/sec | 50,000 requests |
| Enterprise | Custom | Unlimited |
HTTP 429 Too Many Requests
When you exceed your rate limit, the API returns a 429 status code. We recommend implementing an exponential backoff strategy for retries.
{ "error": "rate_limit_exceeded", "message": "You have exceeded your current limit. Retry in 60 seconds.", "retry_after": 60
} Webhooks & Batching
Event-driven compliance monitoring and high-volume screening.
Real-time Alerts
Webhooks allow your system to receive push notifications when a monitored wallet's risk score changes significantly or hits a predefined threshold.
Async Results
For batch operations, webhooks serve as the primary delivery mechanism once large-scale analysis is completed by our engine.
{ "event": "wallet.risk_increased", "timestamp": "2024-03-20T15:00:00Z", "data": { "address": "0x742d35Cc6634C0532925a3b844Bc454e4438f44e", "previous_score": 15, "new_score": 72, "trigger_reason": "interaction_with_sanctioned_entity" }
} Batch POST requests expect a JSON array of addresses. Our system clusters these to optimize lookup speed and reduce credit usage for related entities.
Data & Security Principles
How we handle information and the responsibilities of our users.
Anonymity & Privacy
DYOR AML does not require user registration or personal data for basic screening. We analyze public blockchain data and commercial signals. We do not store or link your API queries to real-world identities beyond what is necessary for rate limiting and billing.
- Never expose API keys in client-side code (browsers/mobile apps).
- Use server-side proxying to keep keys secure.
- Rotate keys regularly using our rotation endpoint.
- Implement IP whitelisting for production keys.
Important Disclaimer
DYOR AML provides risk indicators based on public data. These signals are NOT legal advice, nor do they guarantee the presence or absence of criminal activity. Our scoring is a decision-support tool, not a substitute for comprehensive KYC/EDD procedures.
Developer FAQ
Quick answers to common integration questions.
How do I get an API Key?
API keys are issued during onboarding. Please contact our sales team to receive credentials and integration guidance.
Which blockchains are supported?
We support Ethereum (Mainnet) and Solana.
What do the risk scores mean?
Scores 0-30 are Low Risk, 31-70 are Medium, and 71-100 are High. Scores are calculated based on sanctions-related signals, mixer usage, and behavioral anomalies.
How do rate limits work?
Rate limits protect stability and are applied per API key. Limits depend on your plan and can be increased for high-volume workflows.
Is there a pagination limit for exposure data?
Yes, exposure lists are paginated with a default limit of 50 entities per page. Use the page and limit query parameters to navigate results.