Sionix API Documentation
Real-time risk scoring, threat detection, and network intelligence across 7 EVM chains. Integrate in minutes. Powered by the Prism engine.
Overview
Sionix provides a REST API for detecting automated fraud, threat networks, and high-risk wallet activity on EVM-compatible chains. Every request returns a risk score, threat classification, and recommended action in milliseconds.
Base URL: https://api.sionix.tech
Sionix offers three plans: Trial (limited evaluation access), Business, and Enterprise. All production endpoints require a Business or Enterprise API key. Enterprise adds deeper intelligence fields, threat feed access, ecosystem management, and higher rate limits.
All responses follow a consistent format:
{
"success": true,
"data": { ... },
"meta": {
"requestId": "req_abc123",
"version": "1.0.0"
}
}
Quickstart
Get a risk score in under 60 seconds.
1. Get your API key
Sionix is sales-led. To get an API key and sandbox access, email sales@sionix.tech with your company name and use case. We'll provision a key and walk you through onboarding.
Once you have a key, pass it in the x-api-key header on every request. You can also use Authorization: Bearer YOUR_API_KEY.
2. Scan a wallet
curl -X POST https://api.sionix.tech/v1/wallet/scan \
-H "Content-Type: application/json" \
-H "x-api-key: YOUR_API_KEY" \
-d '{"address": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18", "chain": "ETH"}'
const response = await fetch("https://api.sionix.tech/v1/wallet/scan", {
method: "POST",
headers: {
"Content-Type": "application/json",
"x-api-key": "YOUR_API_KEY",
},
body: JSON.stringify({
address: "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18",
chain: "ETH",
}),
});
const result = await response.json();
console.log(result.data);
import requests
response = requests.post(
"https://api.sionix.tech/v1/wallet/scan",
headers={
"Content-Type": "application/json",
"x-api-key": "YOUR_API_KEY",
},
json={
"address": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18",
"chain": "ETH",
},
)
result = response.json()
print(result["data"])
3. Response (Business tier)
{
"success": true,
"data": {
"address": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18",
"chain": "ETH",
"riskScore": 14,
"riskTier": "low",
"isMalicious": false,
"threatType": "SAFE",
"threatCategory": "NONE",
"recommendedAction": "allow",
"summary": "No threat indicators detected",
"threatIntel": {
"sanctioned": false,
"reportedScam": false,
"knownEntity": false,
"feedSources": 0
}
}
}
Authentication
Every request requires an API key. Pass it using either header format:
x-api-key: YOUR_API_KEY
Authorization: Bearer YOUR_API_KEY
API keys are tied to your account and plan tier. Keep them secret — keys are hashed on our side and cannot be recovered if lost.
To request an API key, email sales@sionix.tech.
Never expose your API key in client-side code, public repos, or browser requests. Use a server-side proxy.
Scan Wallet
Analyze a wallet and return a full risk assessment. Enterprise keys receive additional intelligence fields (see Response Tiers).
Request body
| Field | Type | Required | Description |
|---|---|---|---|
| address | string | Yes | Ethereum-format address (0x...) |
| chain | string | No | Chain to scan. Default: ETH |
| includeHistory | boolean | No | Include historical context. Default: false |
Example request
curl -X POST https://api.sionix.tech/v1/wallet/scan \
-H "Content-Type: application/json" \
-H "x-api-key: YOUR_API_KEY" \
-d '{"address": "0x...", "chain": "ETH"}'
Example response (Business tier)
{
"success": true,
"data": {
"address": "0x...",
"chain": "ETH",
"riskScore": 85,
"riskTier": "critical",
"isMalicious": true,
"threatType": "CONFIRMED_THREAT",
"threatCategory": "WALLET_DRAINER",
"recommendedAction": "block",
"summary": "Confirmed threat — wallet exhibits drainer behavior",
"threatIntel": {
"sanctioned": false,
"reportedScam": true,
"knownEntity": false,
"feedSources": 2
}
}
}
threatType is one of: CONFIRMED_THREAT, HIGH_RISK, SUSPICIOUS, SAFE.
Response Tiers — Business vs Enterprise
Enterprise keys receive all Business fields plus deeper intelligence. Below is a side-by-side comparison for the same flagged wallet.
{
"address": "0x...",
"chain": "ETH",
"riskScore": 85,
"riskTier": "critical",
"isMalicious": true,
"threatType": "CONFIRMED_THREAT",
"threatCategory": "WALLET_DRAINER",
"recommendedAction": "block",
"summary": "...",
"threatIntel": {
"sanctioned": false,
"reportedScam": true,
"knownEntity": false,
"feedSources": 2
}
}
{
// ... all Business fields, plus:
"threatSeverity": "CRITICAL",
"assessmentConfidence": 0.95,
"lifecycleStage": "ACTIVE",
"behavioralContext": ["..."],
"classifications": ["..."],
"riskWindow": "24h",
"riskStability": "VOLATILE",
"threatNetwork": true,
"networkSeverity": "CRITICAL",
"networkThreatType": "DRAINER",
"networkSize": 14,
"associatedVictimCount": 230,
"estimatedLossEth": 412.5,
"networkConfidence": 0.92,
"threatPersistence": "PERSISTENT",
"threatRecurrence": "PATTERN_DETECTED",
"walletClassification": {
"role": "WALLET_DRAINER",
"confidence": 0.95,
"recommendedAction": "block"
},
"riskIndicators": [
{ "category": "...",
"severity": "...",
"description": "..." }
],
"riskContext": {
"category": "...",
"confidence": 0.95,
"networkAssociation": true,
"activeThreats": true,
"firstSeen": "...",
"lastActivity": "...",
"chainsAffected": 2
},
"recommendedMonitoringWindow": "24h",
"threatIntel": {
"sanctioned": false,
"reportedScam": true,
"knownEntity": false,
"entityType": null,
"entityLabel": null,
"feedMatches": [
{ "source": "...",
"category": "...",
"severity": "...",
"label": "..." }
],
"feedSources": 2,
"riskBoost": 15
}
}
Batch Scan
Scan up to 100 wallets in a single request.
Request body
| Field | Type | Required | Description |
|---|---|---|---|
| addresses | string[] | Yes | Array of addresses (1–100) |
| chain | string | No | Chain to scan. Default: ETH |
Example request
curl -X POST https://api.sionix.tech/v1/wallet/batch \
-H "Content-Type: application/json" \
-H "x-api-key: YOUR_API_KEY" \
-d '{"addresses": ["0xabc...", "0xdef..."], "chain": "ETH"}'
Get Risk Score
Get the cached risk score for a previously scanned wallet.
Check Compromised
Quick boolean check — is this wallet compromised?
Example response
{
"success": true,
"data": {
"address": "0x...",
"chain": "ETH",
"compromised": true
}
}
Risk History
Historical risk data for a wallet. Business gets a summary; Enterprise gets the full timeline with compliance fields.
Pre-Transaction Screen
Screen a wallet before allowing a transaction. Returns an allow, warn, or block recommendation in under 200ms.
Example response
{
"success": true,
"data": {
"address": "0x...",
"decision": "warn",
"riskScore": 54,
"reason": "Elevated risk — associated with known threat activity"
}
}
Monitors
Set up continuous monitoring on wallets. Sionix rescans them on a configurable interval and fires alerts via webhooks when risk changes.
Create a new wallet monitor. Business: up to 50 monitors. Enterprise: unlimited.
List all active monitors.
Get details for a specific monitor.
Update monitor settings (threshold, interval, active state).
Delete a monitor.
Create monitor — request body
| Field | Type | Required | Description |
|---|---|---|---|
| address | string | Yes | Wallet address to monitor |
| chain | string | No | Default: ETH |
| label | string | No | Friendly name (max 100 chars) |
| alertThreshold | number | No | Risk score to trigger alert (0–100). Default: 50 |
| scanInterval | number | No | Rescan interval in seconds (60–86400). Default: 300 |
| webhookUrl | string | No | URL to receive alerts |
Webhooks
Register a webhook endpoint for real-time alerts. Business: up to 5 webhooks. Enterprise: unlimited.
List registered webhooks.
Supported events
| Event | Description |
|---|---|
| monitor.alert | Risk score crossed alert threshold |
| monitor.risk_change | Risk tier changed (e.g. LOW → HIGH) |
| monitor.compromise_detected | Wallet flagged as compromised |
| monitor.cluster_match | Wallet linked to a known threat group |
| scan.complete | Async scan finished |
Threat Groups
Aggregate statistics on tracked threat groups.
Get details on a specific threat group.
Threat Feed
Live threat intelligence feed with cluster summaries, threat categories, and estimated losses.
Ecosystem Import
Import your entire wallet base for continuous risk monitoring.
Import up to 10,000 wallets in a single call. Returns a job ID for tracking.
Aggregate risk summary across your entire imported wallet base.
Trigger a full rescan of all imported wallets.
Check status of a background scan job.
Compliance Reports
Generate a compliance-grade risk report across your ecosystem. Includes risk trajectory, tier changes, compromise history, and audit metadata.
Error Codes
| Code | Meaning |
|---|---|
| 400 | Invalid request — check your request body against the schema |
| 401 | Invalid or missing API key |
| 403 | Feature not available on your plan |
| 404 | Resource not found |
| 429 | Rate limit exceeded — back off and retry |
| 500 | Internal server error |
All error responses include a structured body:
{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid request body",
"details": [...]
}
}
Rate Limits
| Plan | Requests / min | Scans / month |
|---|---|---|
| Business | 200 | 250,000 |
| Enterprise | 1,000 | Unlimited |
When you exceed a rate limit, the API returns 429 Too Many Requests. Back off and retry after the window resets (60-second rolling window).
Supported Chains
| Code | Chain |
|---|---|
| ETH | Ethereum |
| POLYGON | Polygon |
| ARBITRUM | Arbitrum One |
| BASE | Base |
| OPTIMISM | Optimism |
| BSC | BNB Smart Chain |
| AVALANCHE | Avalanche C-Chain |
Support
Need help integrating? Have a question about your plan?
| Channel | Contact |
|---|---|
| Sales & API keys | sales@sionix.tech |
| General support | support@sionix.tech |
| Security | security@sionix.tech |
| API status | api.sionix.tech/health |
Official Sionix domains
Sionix will never ask for your private keys, seed phrases, or wallet credentials. The only legitimate Sionix domains are:
- sionix.tech — Website
- api.sionix.tech — API
- docs.sionix.tech — Documentation
If you encounter a site impersonating Sionix, report it to security@sionix.tech.