DeFi Compliance SDK
Drop-in JavaScript that screens wallet addresses before every transaction. One script tag protects your users from scams, sanctioned addresses, and high-risk wallets.
Quick Start
Add one script tag to your DeFi frontend. The SDK automatically intercepts MetaMask and EIP-6963 wallets.
<script
src="https://chainevidence.net/api/v1/sdk.js"
data-key="YOUR_API_KEY"
data-mode="block-sanctioned"
></script>That's it. Every eth_sendTransaction call is now screened. If the destination address is risky, your users see a warning modal before the transaction is sent to their wallet.
How It Works
Intercept
The SDK monkey-patches window.ethereum.request() to intercept eth_sendTransaction calls before they reach the wallet.
Screen
The destination address is checked against scam databases, OFAC sanctions lists, and our risk scoring engine. Results are cached locally for 5 minutes.
Protect
If risk is detected, a Shadow DOM modal warns the user. Depending on mode, they can proceed or the transaction is blocked entirely.
Configuration
Configure the SDK via data- attributes on the script tag.
| Attribute | Required | Description |
|---|---|---|
| data-key | Yes | Your ChainEvidence API key. Required. The SDK will not initialize without it. data-key="ce_live_a1b2c3d4..." |
| data-mode | No | Enforcement mode. "warn" shows a dismissible warning for risky addresses. "block-sanctioned" prevents OFAC-sanctioned transactions (warnings for high risk). "strict" blocks both sanctioned and high-risk addresses. data-mode="block-sanctioned" |
| data-api | No | Override the API base URL. Defaults to https://chainevidence.net. Useful for self-hosted or staging deployments. data-api="https://your-instance.com" |
Enforcement Modes
Choose a mode based on your compliance requirements.
warnWarnShows a dismissible warning modal for risky addresses (score >= 40, known scam, or sanctioned). Users can always proceed. Best for general DeFi frontends.
block-sanctionedBlock SanctionedBlocks OFAC-sanctioned addresses (no "Proceed" button). Shows dismissible warnings for non-sanctioned high-risk addresses. Recommended for regulated platforms.
strictStrictBlocks both sanctioned and high/critical-risk addresses (no "Proceed" button). Warns on medium risk. For compliance-first applications.
Event Callbacks
Subscribe to SDK events via window.ChainEvidence.on(). Use these for analytics, logging, or custom UI.
window.ChainEvidence.on('riskDetected', function(data) {
console.log('Risk detected for', data.address, '- Score:', data.risk.score);
analytics.track('risky_tx_attempt', data);
});
window.ChainEvidence.on('userCancelled', function(data) {
console.log('User cancelled transaction to', data.address);
});
window.ChainEvidence.on('blocked', function(data) {
console.log('Transaction blocked:', data.address, data.risk.level);
});| Event | Description | Payload |
|---|---|---|
| checked | Fired after every address check completes (regardless of risk level). | { address, risk: { score, level, scamReports, isKnownScam, isSanctioned } } |
| riskDetected | Fired when the address has a risk score >= 40, is a known scam, or is sanctioned. A modal is shown to the user. | { address, risk } |
| blocked | Fired when the address is blocked based on the current mode (strict or block-sanctioned). The "Proceed" button may be hidden. | { address, risk } |
| allowed | Fired when the address passes the risk check and the transaction proceeds normally. | { address, risk } |
| userProceeded | Fired when the user clicks "Proceed Anyway" on the risk modal. | { address, risk } |
| userCancelled | Fired when the user clicks "Cancel Transaction" or presses Escape. | { address, risk } |
| cacheHit | Fired when an address check is served from the local LRU cache (no API call made). | { address } |
| apiError | Fired when the ChainEvidence API returns a non-OK response or the network request fails. The transaction is NOT blocked. | { address, status?, error? } |
| providerIntercepted | Fired once when the SDK successfully patches window.ethereum.request. | { provider: 'ethereum' } |
Manual Address Check
You can also check addresses programmatically without waiting for a transaction.
// Returns the same data as the /api/v1/address/{address}/check endpoint
const result = await window.ChainEvidence.check('0x1234...');
if (result && result.risk.score >= 60) {
showCustomWarning('This address has a high risk score');
}
if (result && result.scamDatabase.isKnown) {
blockWithdrawal();
}Pricing
per address check
Billed per unique API call. Cached results (5min TTL) are free.
1,000 checks
$10
10,000 checks
$100
100,000+ checks
Contact us
20 free checks included with every API key. Top up your balance at any time via Stripe. No monthly fees, no commitments.
Features
Shadow DOM Isolation
The risk modal renders inside a closed Shadow DOM. Your app's CSS cannot affect it, and it cannot affect your app.
LRU Cache
50-entry LRU cache with 5-minute TTL. Repeat checks against the same address are instant and free.
Multi-Wallet Support
Intercepts MetaMask (window.ethereum) and all EIP-6963 announced wallet providers automatically.
Fail-Open Design
If the ChainEvidence API is unreachable or returns an error, the transaction proceeds normally. Your DApp is never blocked by our service.
Framework Integration
The SDK is a plain IIFE with zero dependencies. It works with any framework.
// Add to your _app.tsx or layout.tsx
import Script from 'next/script';
export default function Layout({ children }) {
return (
<>
{children}
<Script
src="https://chainevidence.net/api/v1/sdk.js"
data-key={process.env.NEXT_PUBLIC_CE_KEY}
data-mode="block-sanctioned"
strategy="afterInteractive"
/>
</>
);
}<!-- nuxt.config.ts -->
export default defineNuxtConfig({
app: {
head: {
script: [
{
src: 'https://chainevidence.net/api/v1/sdk.js',
'data-key': 'YOUR_API_KEY',
'data-mode': 'warn',
},
],
},
},
});<!-- Just before </body> -->
<script
src="https://chainevidence.net/api/v1/sdk.js"
data-key="YOUR_API_KEY"
data-mode="block-sanctioned"
></script>Protect your users today
Add one line of HTML to screen every transaction against scam databases and sanctions lists. 20 free checks included.