Sionix API Documentation

Real-time risk scoring, threat detection, and cluster intelligence across 7 EVM chains. Integrate in minutes. Powered by the Prism engine.

Overview

Sionix provides a REST API for detecting automated fraud, attacker clusters, and high-risk wallet activity on EVM-compatible chains. Every request returns a risk score, threat classification, and recommended action in milliseconds.

Base URL: https://api.sionix.tech

All responses follow a consistent format:

{
  "success": true,
  "data": { ... },
  "meta": {
    "requestId": "req_abc123",
    "version": "1.0.0"
  }
}

Quickstart

Get a risk score in under 60 seconds.

1. Get your API key

2. Scan a wallet

curl -X POST https://api.sionix.tech/v1/wallet/scan \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -d '{"address": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18", "chain": "ETH"}'

3. Response

{
  "success": true,
  "data": {
    "address": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD18",
    "chain": "ETH",
    "riskScore": 14,
    "riskTier": "LOW",
    "isMalicious": false,
    "threatType": "NONE",
    "recommendedAction": "none"
  }
}

Authentication

Every request requires an API key passed in the x-api-key header.

x-api-key: YOUR_API_KEY

API keys are tied to your account and plan tier. Keep them secret — keys are hashed on our side and cannot be recovered if lost.

Never expose your API key in client-side code, public repos, or browser requests. Use a server-side proxy.

Scan Wallet

POST /v1/wallet/scan All tiers

Analyze a wallet and return a full risk assessment.

Request body

Field	Type	Required	Description
address	string	Yes	Ethereum-format address (0x...)
chain	string	No	Chain to scan. Default: `ETH`
includeHistory	boolean	No	Include historical context. Default: `false`

Example request

curl -X POST https://api.sionix.tech/v1/wallet/scan \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -d '{"address": "0x...", "chain": "ETH"}'

Example response

{
  "success": true,
  "data": {
    "address": "0x...",
    "chain": "ETH",
    "riskScore": 72,
    "riskTier": "HIGH",
    "isMalicious": true,
    "threatType": "DRAINER",
    "recommendedAction": "block"
  }
}

Batch Scan

POST /v1/wallet/batch Pro+

Scan up to 50 wallets (Pro) or 100 wallets (Business+) in a single request.

Request body

Field	Type	Required	Description
addresses	string[]	Yes	Array of addresses (1–100)
chain	string	No	Chain to scan. Default: `ETH`

Example request

curl -X POST https://api.sionix.tech/v1/wallet/batch \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -d '{"addresses": ["0xabc...", "0xdef..."], "chain": "ETH"}'

Get Risk Score

GET /v1/wallet/:address/risk All tiers

Get the cached risk score for a previously scanned wallet.

Check Compromised

GET /v1/wallet/:address/is-compromised All tiers

Quick boolean check — is this wallet compromised?

Example response

{
  "success": true,
  "data": {
    "address": "0x...",
    "isCompromised": true,
    "riskScore": 89,
    "recommendedAction": "block"
  }
}

Risk History

GET /v1/wallet/:address/history Pro+

Historical risk data for a wallet. Pro gets a summary; Business+ gets the full timeline with compliance fields.

Pre-Transaction Screen

POST /v1/transaction/screen All tiers

Screen a wallet before allowing a transaction. Returns an allow, warn, or block recommendation in under 200ms.

Example response

{
  "success": true,
  "data": {
    "address": "0x...",
    "decision": "warn",
    "riskScore": 54,
    "reason": "Elevated risk — associated with known threat activity"
  }
}

Monitors

Set up continuous monitoring on wallets. Sionix rescans them on a configurable interval and fires alerts via webhooks when risk changes.

POST /v1/monitors Pro+

Create a new wallet monitor.

GET /v1/monitors Pro+

List all active monitors.

GET /v1/monitors/:id Pro+

Get details for a specific monitor.

PATCH /v1/monitors/:id Pro+

Update monitor settings (threshold, interval, active state).

DELETE /v1/monitors/:id Pro+

Delete a monitor.

Create monitor — request body

Field	Type	Required	Description
address	string	Yes	Wallet address to monitor
chain	string	No	Default: `ETH`
label	string	No	Friendly name (max 100 chars)
alertThreshold	number	No	Risk score to trigger alert (0–100). Default: `50`
scanInterval	number	No	Rescan interval in seconds (60–86400). Default: `300`
webhookUrl	string	No	URL to receive alerts

Webhooks

POST /v1/webhooks Pro+

GET /v1/webhooks Pro+

List registered webhooks.

Supported events

Event	Description
monitor.alert	Risk score crossed alert threshold
monitor.risk_change	Risk tier changed (e.g. LOW → HIGH)
monitor.compromise_detected	Wallet flagged as compromised
monitor.threat_match	Wallet linked to a known threat group
scan.complete	Async scan finished

Threat Groups

GET /v1/cluster/stats Pro+

Aggregate statistics on tracked threat groups.

GET /v1/cluster/:id Pro+

Get details on a specific threat group.

Threat Feed

GET /v1/threat-feed Pro+

Live threat intelligence feed. Pro gets an overview; Business+ gets expanded threat context and estimated losses.

Ecosystem Import

Import your entire wallet base for continuous risk monitoring.

POST /v1/ecosystem/import Business+

Import up to 10,000 wallets in a single call. Returns a job ID for tracking.

GET /v1/ecosystem/summary Business+

Aggregate risk summary across your entire imported wallet base.

POST /v1/ecosystem/rescan Business+

Trigger a full rescan of all imported wallets.

GET /v1/ecosystem/scan/:jobId Business+

Check status of a background scan job.

Compliance Reports

GET /v1/ecosystem/compliance Business+

Generate a compliance-grade risk report across your ecosystem. Includes risk trajectory, tier changes, compromise history, and audit metadata.

Error Codes

Code	Meaning
400	Invalid request — check your request body against the schema
401	Invalid or missing API key
403	Feature not available on your plan
404	Resource not found
429	Rate limit exceeded — back off and retry
500	Internal server error

All error responses include a structured body:

{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid request body",
    "details": [...]
  }
}

Rate Limits

Rate limits, scan quotas, and feature access are configured per plan. Request access to discuss the right configuration for your team.

Supported Chains

Code	Chain
ETH	Ethereum
POLYGON	Polygon
ARBITRUM	Arbitrum One
BASE	Base
OPTIMISM	Optimism
BSC	BNB Smart Chain
AVALANCHE	Avalanche C-Chain

Support

Need help integrating? Have a question about your plan?

Channel	Contact
General support	support@sionix.tech
Security	security@sionix.tech
API status	api.sionix.tech/health

Official Sionix domains

Sionix will never ask for your private keys, seed phrases, or wallet credentials. The only legitimate Sionix domains are:

sionix.tech — Website
api.sionix.tech — API
docs.sionix.tech — Documentation

If you encounter a site impersonating Sionix, report it to security@sionix.tech.