API documentation

REST API for AML screening of crypto addresses and transactions across 24 networks. The risk score is built from source-of-funds analysis using the AMLBot methodology. All requests are over HTTPS with JSON bodies and responses.

Updated:
Base URL: https://amlbridge.io

Authentication

Create a key in “API keys” and pass it in the x-api-key header. The key is shown once at creation — store it; only its hash is kept.

Checks are isolated per key: over the API each key sees only its own checks (GET /v1/checks and /v1/checks/{id}). The dashboard shows all account checks, including those created via the API.

Default limit — 600 requests per minute per key. Each check spends 1 credit; on a provider error the credit is refunded automatically.

x-api-key: ab_live_xxxxxxxxxxxxxxxxxxxxxxxx

Endpoints

MethodPathDescription
GET/v1/chainsList of supported networks
POST/v1/checksCreate a check → 202 Accepted
GET/v1/checks/{id}Check status and result
GET/v1/checksList your checks with filters
GET/v1/balanceRemaining credits and balance

Supported networks

curl "https://amlbridge.io/v1/chains" -H "x-api-key: ab_live_..."

{ "chains": ["BTC","ERC20","TRC20","BEP20","SOL","POL", ...] }   // всего: 24

Creating a check

A check is asynchronous — the response immediately returns an id with status pending; the result is prepared in the background.

Request parameters

FieldTypeReq.Description
kindstringyesaddress — screen an address; tx — screen a transaction
chainstringyesNetwork code (values from GET /v1/chains)
addressstringyesAddress to screen (for kind=tx — the recipient address)
txIdstringnoTransaction hash (required when kind=tx)
webhookUrlstringnoURL to notify on completion (optional)
# Проверка адреса
curl -X POST "https://amlbridge.io/v1/checks" \
  -H "x-api-key: ab_live_..." -H "content-type: application/json" \
  -d '{"kind":"address","chain":"ERC20","address":"0xabc...def"}'

# Проверка транзакции
curl -X POST "https://amlbridge.io/v1/checks" \
  -H "x-api-key: ab_live_..." -H "content-type: application/json" \
  -d '{"kind":"tx","chain":"ERC20","address":"0xreceiver...","txId":"0xdeadbeef..."}'

# С вебхуком
curl -X POST "https://amlbridge.io/v1/checks" \
  -H "x-api-key: ab_live_..." -H "content-type: application/json" \
  -d '{"kind":"address","chain":"BTC","address":"bc1q...","webhookUrl":"https://example.com/hook"}'

# 202 Accepted
{ "id": "5f0c...", "status": "pending", "chain": "ERC20", "address": "0xabc...def" }

Lifecycle

Poll GET /v1/checks/{id} until status is final, or provide webhookUrl to receive the result via push.

in progresspendingthe check is still running
cleanokclean — risk below the block threshold
dirtydirtydirty — risk in the block zone (≥50%)
errorerrorprovider error, credit refunded

Getting the result

The /v1/checks list supports page, limit, status and target (search by address/hash) and returns only this key’s checks.

curl "https://amlbridge.io/v1/checks/<id>" -H "x-api-key: ab_live_..."

{
  "id": "5f0c...",
  "kind": "address",
  "chain": "ERC20",
  "address": "0xabc...def",
  "status": "dirty",
  "riskScore": 0.68,
  "signals": { "stolen_coins": 0.47, "risky_exchange": 0.14, "exchange": 0.13 },
  "createdAt": "2026-07-13T11:45:40.000Z",
  "finishedAt": "2026-07-13T11:46:50.000Z"
}

# Список (только проверки этого ключа) и баланс
curl "https://amlbridge.io/v1/checks?page=1&limit=20&status=dirty&target=0xabc" -H "x-api-key: ab_live_..."
curl "https://amlbridge.io/v1/balance" -H "x-api-key: ab_live_..."

Risk Score

riskScore (0–1) is the likelihood that an address is tied to illegal activity. It is computed from source-of-funds shares weighted by their danger: danger sources contribute the most, and “heavy” ones (mixer, dark market, stolen coins, sanctions, etc.) raise the score even at a small share.

Risk levels

Low (0–24%) — transfers are generally safe.
Medium (25–49%) — attention required.
High / risk zone (≥50%) — transfers may be blocked by exchanges.

Signals reference

The signals field holds shares (0–1) of funds from each source. Each source belongs to one of three danger groups:

Danger — direct criminal / prohibited sources
Suspicious — elevated risk
Trusted — legitimate, regulated sources
SignalGroupDescription
mixerDangerFunds passed through a mixer/tumbler to obscure the trail. A primary laundering tool.
dark_marketDangerFunds from darknet markets — platforms for illegal trade.
dark_serviceDangerServices tied to drug trafficking, terrorism financing or child abuse.
stolen_coinsDangerStolen coins (hacks, thefts from wallets and exchanges).
scamDangerFunds obtained by deception — phishing, Ponzi schemes, fraud.
ransomDangerFunds from extortion and ransomware.
sanctionsDangerSanctioned entities (OFAC and other lists).
illegal_serviceDangerFunds from illegal services and unlawful activity.
gamblingDangerFunds from unlicensed gambling services.
child_exploitationDangerEntities associated with child exploitation.
terrorism_financingDangerEntities associated with terrorism financing.
exchange_fraudulentDangerFraudulent exchanges: exit scams, illegal behavior, confiscated funds.
enforcement_actionDangerEntity subject to law-enforcement proceedings.
malwareDangerFunds associated with malware distribution.
risky_exchangeSuspiciousHigh-risk exchange: no KYC, weak jurisdiction, high darknet exposure.
p2p_exchange_mlrisk_highSuspiciousHigh-risk P2P exchange: no license/KYC, attractive for laundering.
atmSuspiciousFunds obtained via a crypto ATM operator.
unnamed_serviceSuspiciousUnidentified service or counterparty with no established reputation.
exchangeTrustedLicensed exchange — the main legitimate source of funds.
p2p_exchangeTrustedLicensed P2P exchange without an intermediary.
paymentTrustedPayment processor / payment service.
merchant_servicesTrustedPayment gateway (acquiring), business payment acceptance.
marketplaceTrustedLegitimate marketplace — payment for lawful goods and services.
walletTrustedFunds in verified wallets.
minerTrustedCoins mined by miners.
liquidity_poolsTrustedDeFi liquidity pools.
decentralized_exchange_contractTrustedDecentralized exchange (DEX) contracts.
infrastructure_as_a_serviceTrustedInfrastructure-as-a-service providers.
seized_assetsTrustedAssets seized by the government.
otherTrustedOther sources: airdrops, token sales, etc.

Error codes

CodeWhen
401invalid or revoked x-api-key
402insufficient credits — buy a package
404check not found or belongs to another key
422unsupported network or missing txId when kind=tx
429rate limit exceeded

Webhooks

When a check finishes, a POST with the result JSON is sent to webhookUrl. The signature is the X-AmlBridge-Signature header (HMAC-SHA256 of the body, secret from settings). A non-2xx response is retried 8 times with exponential backoff.

POST https://example.com/hook
X-AmlBridge-Signature: <hmac-sha256>
content-type: application/json

{ "id": "5f0c...", "status": "dirty", "riskScore": 0.68, "signals": { ... } }
Start screening Sign up in a minute, pay in crypto.