GET /check-address/{chain}/{address}

$1.00 — Aegis full 4-tier verdict

curl --request GET \
  --url https://x402.aegis-kyt.com/check-address/{chain}/{address}

{
  "schema_version": 1,
  "address": "TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t",
  "network": "TRON",
  "provider": "Aegis",
  "decision": "reject",
  "verdict": {
    "ok": true,
    "risk_level": "sanctioned",
    "risk_score": 100,
    "risk_categories": [
      "sanctioned"
    ],
    "sdn_match": {
      "entity_name": "EXAMPLE DESIGNATED ENTITY",
      "programs": [
        "SDN"
      ],
      "listing_date": "2025-11-14"
    },
    "consensus_found": true,
    "source_count": 3,
    "confidence": 0.92,
    "tier3_applied": true,
    "tier4_applied": true,
    "sanctions_exposure_share": null,
    "vasp_attribution": null,
    "fallback_used": []
  },
  "elapsed_ms": 1840
}

GET

check-address

{chain}

{address}

$1.00 — Aegis full 4-tier verdict

curl --request GET \
  --url https://x402.aegis-kyt.com/check-address/{chain}/{address}

{
  "schema_version": 1,
  "address": "TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t",
  "network": "TRON",
  "provider": "Aegis",
  "decision": "reject",
  "verdict": {
    "ok": true,
    "risk_level": "sanctioned",
    "risk_score": 100,
    "risk_categories": [
      "sanctioned"
    ],
    "sdn_match": {
      "entity_name": "EXAMPLE DESIGNATED ENTITY",
      "programs": [
        "SDN"
      ],
      "listing_date": "2025-11-14"
    },
    "consensus_found": true,
    "source_count": 3,
    "confidence": 0.92,
    "tier3_applied": true,
    "tier4_applied": true,
    "sanctions_exposure_share": null,
    "vasp_attribution": null,
    "fallback_used": []
  },
  "elapsed_ms": 1840
}

Tier: $1.00 · Asset: USDC · Network: Base

The full Aegis verdict. Combines:

Tier	What it does
0 · SDN	Direct lookup against OFAC SDN + UK OFSI + EU sanctions lists
1+2 · Consensus	17-source aggregation with severity caps + confidence scoring
3 · One-hop	Inherits risk from immediate counterparties (haircut formula)
4 · BFS	Multi-hop priority-queue exposure traversal (max 5 hops)

Returns the full per-tier breakdown so an analyst can see WHY the address is risky, not just THAT it’s risky.

Path parameters

Name	Type	Description
`chain`	string	See networks
`address`	string	Address; case-normalised per chain

Request

curl -H "X-PAYMENT: <proof>" \
     https://x402.aegis-kyt.com/check-address/eth/0xa7efae728d2936e78bda97dc267687568dd593f4

Response — 200

{
  "schema_version": 5,
  "tier": "screen.deep",
  "address": "0xa7efae728d2936e78bda97dc267687568dd593f4",
  "chain": "eth",
  "risk_level":      "critical",
  "risk_score":       95,
  "risk_categories": ["mixer", "ofac-sdn"],
  "consensus_found":  true,
  "source_count":     12,
  "confidence":       0.92,
  "primary_source_slug": "ofac-sdn",
  "label":            "Tornado Cash Router",
  "sdn_match": {
    "id":             "12345",
    "entity_name":    "TORNADO CASH",
    "programs":       ["CYBER2"],
    "sanctions_types": ["Block"],
    "listing_date":   "2022-08-08"
  },
  "one_hop": {
    "applied":         true,
    "neighbours_seen": 47,
    "max_severity":    100,
    "contribution":    23.4
  },
  "bfs": {
    "applied":         true,
    "hops_explored":   3,
    "addresses_seen":  189,
    "exposure_score":  91.2,
    "category_breakdown": {
      "mixer":  {"contribution": 71.1, "min_hops": 0},
      "scam":   {"contribution": 12.8, "min_hops": 2}
    }
  },
  "tiers_run":     ["sdn", "consensus", "one_hop", "bfs"],
  "tiers_skipped": [],
  "elapsed_ms":     2840
}

Response shape

schema_version=5 envelope from the underlying Aegis service. Top-level fields:

Field	Type	Notes
`risk_level`, `risk_score`, `risk_categories[]`	…	Same semantics as /screen
`consensus_found`	bool	True when ≥1 source has labelled this address
`primary_source_slug`	string \| null	Top-trust source contributing to the verdict
`sdn_match`	object \| null	Tier-0 hit on a sanctions list
`one_hop`	object \| null	Tier-3 1-hop inheritance result
`bfs`	object \| null	Tier-4 BFS multi-hop result
`tiers_run[]`	string[]	Which tiers actually executed for this call
`tiers_skipped[]`	object[]	Tiers we declined to run + reason (e.g. `{"name":"bfs", "reason":"already_critical"}`)
`elapsed_ms`	int	Server-side wall time

Tier-skip behaviour

For maximum speed Aegis short-circuits. If Tier 0 hits an exact OFAC SDN match, Tier 3 (1-hop) and Tier 4 (BFS) are skipped — there’s nothing more to learn. Conversely if Tier 0+1+2 find nothing, the expensive BFS Tier 4 always runs to confirm the negative. tiers_skipped[] records every skip with a one-word reason so you know whether the absence of bfs in the response is “we ran it and it found nothing” vs “we didn’t run it because we already had a verdict”.

Use this vs other tiers

**Use /screen ( $0.10)** when you don't need graph traversal — saves$ 0.90. You still get every per-source label plus the consensus risk verdict.
Use /check-transfer ($0.50) to screen an inbound transaction (per-sender exposure + policy alerts) rather than a single address.

Path Parameters

chain

string

required

address

string

required

Response

Successful Response

The response is of type Response Tier Screen Deep Screen Deep Chain Address Get · object.

GET /screen/{chain}/{address}GET /check-transfer/{chain}/{tx_hash}

​Path parameters

​Request

​Response — 200

​Response shape

​Tier-skip behaviour

​Use this vs other tiers

Path Parameters

Response

Path parameters

Request

Response — 200

Response shape

Tier-skip behaviour

Use this vs other tiers