API documentation
REST API for AML screening of crypto addresses and transactions across 24 networks. The risk score is built from source-of-funds analysis using the AMLBot methodology. All requests are over HTTPS with JSON bodies and responses.
Authentication
Create a key in “API keys” and pass it in the x-api-key header. The key is shown once at creation — store it; only its hash is kept.
Default limit — 600 requests per minute per key. Each check spends 1 credit; on a provider error the credit is refunded automatically.
x-api-key: ab_live_xxxxxxxxxxxxxxxxxxxxxxxx
Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /v1/chains | List of supported networks |
| POST | /v1/checks | Create a check → 202 Accepted |
| GET | /v1/checks/{id} | Check status and result |
| GET | /v1/checks | List your checks with filters |
| GET | /v1/balance | Remaining credits and balance |
Supported networks
curl "https://amlbridge.io/v1/chains" -H "x-api-key: ab_live_..."
{ "chains": ["BTC","ERC20","TRC20","BEP20","SOL","POL", ...] } // всего: 24Creating a check
A check is asynchronous — the response immediately returns an id with status pending; the result is prepared in the background.
Request parameters
| Field | Type | Req. | Description |
|---|---|---|---|
| kind | string | yes | address — screen an address; tx — screen a transaction |
| chain | string | yes | Network code (values from GET /v1/chains) |
| address | string | yes | Address to screen (for kind=tx — the recipient address) |
| txId | string | no | Transaction hash (required when kind=tx) |
| webhookUrl | string | no | URL to notify on completion (optional) |
# Проверка адреса
curl -X POST "https://amlbridge.io/v1/checks" \
-H "x-api-key: ab_live_..." -H "content-type: application/json" \
-d '{"kind":"address","chain":"ERC20","address":"0xabc...def"}'
# Проверка транзакции
curl -X POST "https://amlbridge.io/v1/checks" \
-H "x-api-key: ab_live_..." -H "content-type: application/json" \
-d '{"kind":"tx","chain":"ERC20","address":"0xreceiver...","txId":"0xdeadbeef..."}'
# С вебхуком
curl -X POST "https://amlbridge.io/v1/checks" \
-H "x-api-key: ab_live_..." -H "content-type: application/json" \
-d '{"kind":"address","chain":"BTC","address":"bc1q...","webhookUrl":"https://example.com/hook"}'
# 202 Accepted
{ "id": "5f0c...", "status": "pending", "chain": "ERC20", "address": "0xabc...def" }Lifecycle
Poll GET /v1/checks/{id} until status is final, or provide webhookUrl to receive the result via push.
Getting the result
The /v1/checks list supports page, limit, status and target (search by address/hash) and returns only this key’s checks.
curl "https://amlbridge.io/v1/checks/<id>" -H "x-api-key: ab_live_..."
{
"id": "5f0c...",
"kind": "address",
"chain": "ERC20",
"address": "0xabc...def",
"status": "dirty",
"riskScore": 0.68,
"signals": { "stolen_coins": 0.47, "risky_exchange": 0.14, "exchange": 0.13 },
"createdAt": "2026-07-13T11:45:40.000Z",
"finishedAt": "2026-07-13T11:46:50.000Z"
}
# Список (только проверки этого ключа) и баланс
curl "https://amlbridge.io/v1/checks?page=1&limit=20&status=dirty&target=0xabc" -H "x-api-key: ab_live_..."
curl "https://amlbridge.io/v1/balance" -H "x-api-key: ab_live_..."Risk Score
riskScore (0–1) is the likelihood that an address is tied to illegal activity. It is computed from source-of-funds shares weighted by their danger: danger sources contribute the most, and “heavy” ones (mixer, dark market, stolen coins, sanctions, etc.) raise the score even at a small share.
Risk levels
Signals reference
The signals field holds shares (0–1) of funds from each source. Each source belongs to one of three danger groups:
| Signal | Group | Description |
|---|---|---|
| mixer | Danger | Funds passed through a mixer/tumbler to obscure the trail. A primary laundering tool. |
| dark_market | Danger | Funds from darknet markets — platforms for illegal trade. |
| dark_service | Danger | Services tied to drug trafficking, terrorism financing or child abuse. |
| stolen_coins | Danger | Stolen coins (hacks, thefts from wallets and exchanges). |
| scam | Danger | Funds obtained by deception — phishing, Ponzi schemes, fraud. |
| ransom | Danger | Funds from extortion and ransomware. |
| sanctions | Danger | Sanctioned entities (OFAC and other lists). |
| illegal_service | Danger | Funds from illegal services and unlawful activity. |
| gambling | Danger | Funds from unlicensed gambling services. |
| child_exploitation | Danger | Entities associated with child exploitation. |
| terrorism_financing | Danger | Entities associated with terrorism financing. |
| exchange_fraudulent | Danger | Fraudulent exchanges: exit scams, illegal behavior, confiscated funds. |
| enforcement_action | Danger | Entity subject to law-enforcement proceedings. |
| malware | Danger | Funds associated with malware distribution. |
| risky_exchange | Suspicious | High-risk exchange: no KYC, weak jurisdiction, high darknet exposure. |
| p2p_exchange_mlrisk_high | Suspicious | High-risk P2P exchange: no license/KYC, attractive for laundering. |
| atm | Suspicious | Funds obtained via a crypto ATM operator. |
| unnamed_service | Suspicious | Unidentified service or counterparty with no established reputation. |
| exchange | Trusted | Licensed exchange — the main legitimate source of funds. |
| p2p_exchange | Trusted | Licensed P2P exchange without an intermediary. |
| payment | Trusted | Payment processor / payment service. |
| merchant_services | Trusted | Payment gateway (acquiring), business payment acceptance. |
| marketplace | Trusted | Legitimate marketplace — payment for lawful goods and services. |
| wallet | Trusted | Funds in verified wallets. |
| miner | Trusted | Coins mined by miners. |
| liquidity_pools | Trusted | DeFi liquidity pools. |
| decentralized_exchange_contract | Trusted | Decentralized exchange (DEX) contracts. |
| infrastructure_as_a_service | Trusted | Infrastructure-as-a-service providers. |
| seized_assets | Trusted | Assets seized by the government. |
| other | Trusted | Other sources: airdrops, token sales, etc. |
Error codes
| Code | When |
|---|---|
| 401 | invalid or revoked x-api-key |
| 402 | insufficient credits — buy a package |
| 404 | check not found or belongs to another key |
| 422 | unsupported network or missing txId when kind=tx |
| 429 | rate limit exceeded |
Webhooks
When a check finishes, a POST with the result JSON is sent to webhookUrl. The signature is the X-AmlBridge-Signature header (HMAC-SHA256 of the body, secret from settings). A non-2xx response is retried 8 times with exponential backoff.
POST https://example.com/hook
X-AmlBridge-Signature: <hmac-sha256>
content-type: application/json
{ "id": "5f0c...", "status": "dirty", "riskScore": 0.68, "signals": { ... } }