Skip to main content
POST
/
check-transfer
Transaction Check (KYT): decode + Tier 4 BFS + policy
curl --request POST \
  --url https://api.aegis-kyt.com/v2/check-transfer \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "chain": "<string>",
  "tx_hash": "<string>"
}
'
{
  "schema_version": 1,
  "check_id": "8f1f1c2e-4b8e-4f6a-9b3c-2a7d9e5c1f00",
  "status": "completed",
  "chain": "TRON",
  "tx_hash": "3dba6516a1f9a1b2c3d4e5f60718293a4b5c6d7e8f901234567890abcdef1234",
  "parse_result": {
    "transfers": [
      {
        "from": "TXmVpin5vq5gdZsciyyjdZgKRUju4st1wM",
        "to": "TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t",
        "asset": "USDT",
        "value": "2500.000000",
        "value_usd": 2500
      }
    ]
  },
  "composite_result": {
    "risk_level": "medium",
    "risk_score": 38,
    "risk_categories": [
      "sanctions_exposure"
    ],
    "origin_sources": [
      {
        "category": "exchange",
        "share": 0.81
      },
      {
        "category": "sanctions_exposure",
        "share": 0.19
      }
    ],
    "cold_enrich": {
      "candidates": 1,
      "folded": 1
    }
  },
  "policy_result": {
    "risk_level": "medium",
    "alerts": [],
    "policy": "standard"
  },
  "decode_warnings": [],
  "billing": {
    "model": "ledger",
    "charged_usd": "0.500000",
    "balance_usd": "42.500000",
    "monthly_spent_usd": "12.300000",
    "monthly_cap_usd": "500.000000"
  }
}
Auth: Authorization: Bearer aeg_… · Billing: charge-on-success, per your plan (commercial agreement)
Screen an inbound transaction the way /v2/check-address screens an address. Aegis decodes the tx, runs AML exposure analysis on each sender via Tier 4 BFS, applies the Aegis Standard policy to the USD-weighted composite, and returns PolicyAlerts. Mirrors the x402 GET /check-transfer/{chain}/{tx_hash} endpoint 1:1, at the same price.

Request

curl -X POST https://api.aegis-kyt.com/v2/check-transfer \
  -H "Authorization: Bearer aeg_YOUR_KEY_HERE" \
  -H "Content-Type: application/json" \
  -d '{ "chain": "TRON", "tx_hash": "abc…64hex" }'
FieldTypeNotes
chainstringETH | BSC | POLYGON | BASE | ARBITRUM | TRON
tx_hashstring0x-prefixed 32-byte hex, or TRON 64-hex
Send Idempotency-Key: <token> to make retries safe.

Synchronous, with a 202 fallback

The check waits up to ~25s for completion:
  • 200 — completed; body carries composite_result, policy_result, and a billing envelope. Charged once.
  • 202 — still running; body is { check_id, retry_url }. Fetch the result from the free GET /v2/transfer/{check_id}/result — you are billed once between the two calls.
  • 402insufficient_funds / monthly_cap_exceeded.
  • 409kyt_requires_subgroup: the key’s user has no organization / subgroup (KYT alerts + idempotency are tenant-scoped).
Charge-on-success: a parse or RPC failure returns 502 and is not charged.

Poll

curl https://api.aegis-kyt.com/v2/transfer/<check_id>/result \
  -H "Authorization: Bearer aeg_YOUR_KEY_HERE"
Returns 200 (verdict, charged once on first successful delivery), 202 (still running), 502 (failed — no charge), or 404 (unknown / not owned by the caller).

See also

Authorizations

Authorization
string
header
required

Your aeg_… API key from the dashboard (Account → API tab).

Body

application/json
chain
string
required

ETH | BSC | POLYGON | BASE | ARBITRUM | TRON.

Required string length: 1 - 20
Examples:

"TRON"

"ETH"

tx_hash
string
required

Transaction hash (0x-prefixed 32-byte hex, or TRON 64-hex).

Required string length: 1 - 80
Example:

"0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"

Response

Successful Response

The response is of type Response Check Transfer Check Transfer Post · object.