Predictive crypto risk and KYT (Know Your Transaction) — wallet screening, transaction tracing, and counterparty risk via Compass and the KYBB API across BTC, EVM, Solana, Tron, and 20+ chains.
- 01wallet screening
- 02transaction monitoring (KYT)
- 03fund tracing and graph analysis
- 04counterparty due diligence
- 05VASP risk scoring
| Variable | Scope | Description |
|---|---|---|
| MERKLE_SCIENCE_API_KEY | Server | API key for the Compass / KYBB API issued from the Merkle Science dashboard. |
Use Merkle Science Compass for wallet and transaction screening. Server-side, call `POST https://api.compass.merklescience.com/api/v4/addresses/` with `Authorization: Token <MERKLE_SCIENCE_API_KEY>` and a body of `{ identifier, currency }` to register an address for monitoring; the response includes the assigned `risk_level` (low/medium/high/severe) and category exposures (e.g. sanctions, darknet, scam, mixer). For deposit/withdrawal screening at the transaction level, call `POST /api/v4/transactions/` with `tx_hash`, `currency`, and the customer-side address, then surface `tags`, `risk_score`, and `risk_categories` to your reviewer queue. Subscribe to the Compass alerts webhook so newly attributed exposure on previously low-risk wallets re-fires asynchronously, and use the KYBB API for VASP/business counterparty screening.
- ⚑Risk categorization depends on Merkle Science's labeling pipeline — wallets recently linked to illicit activity may take hours to days to reflect in scores, so layer with your own velocity rules for fast-moving abuse.
- ⚑Chain coverage and depth differ (BTC/ETH are deepest, newer chains have thinner attribution) — confirm coverage for every chain you support before relying on category exposure as a hard block.
- ⚑False-positive rates are noticeable on high-volume exchange hot wallets and DEX routers — exclude or de-prioritize protocol-tagged addresses in your blocking logic.
- ⚑Sandbox returns deterministic fixtures and does not reflect live attribution — never tune thresholds against sandbox.
- ⚑Webhooks must be authenticated via the configured signing secret (HMAC) — verify on every call to avoid forged alert dispositions.
- ⚑Data retention and right-to-erasure obligations vary (GDPR vs FinCEN record-keeping) — Merkle Science retains screening history server-side, but you remain the controller of customer linkage.