GRAPH-NATIVE AML.
ZERO FALSE
NEGATIVES.
Real-time taint propagation across EVM and TRON. Sanctions screening, cashout detection, and wallet risk scoring — built for compliance teams that cannot afford a miss.
Beyond blacklists.
Graph-native AML.
Most tools check a static list. TrustSniffer traces the full money flow — scoring every wallet by how much tainted value reached it, through how many hops, and at what dilution. The result is a bounded, auditable probability, not a binary flag.
- 1 Sanctions mirror — Real-time USDT/USDC freeze event ingestion from EVM and TRON contracts.
- 2 Taint propagation — Forward BFS from sanctioned roots. Each hop decays by γ=0.55; value share haircut prevents dust poisoning.
- 3 Cash-out detection — CEX deposit alerts, DEX commingling flags, mixer exposure — all emitted as structured, auditable signals.
score = 1 − Π(1 − cᵢ) · cᵢ = decay(γ,hop) · share(v,u) ▌
The Risk Band
Every wallet resolves to one of five bands. Bands are derived from the noisy-OR probability score (0–100) and the presence of hard sanctions hits.
No taint above noise floor
Indirect exposure, low share
Significant taint path
High-confidence exposure
Funds frozen on-chain
Taint stops where it should
The engine classifies every node before propagating through it. Fungibility venues never poison their counterparties.
Built for enterprise compliance
Single endpoint.
Sub-millisecond response.
Integrate wallet risk screening into your compliance pipeline in minutes. Known addresses resolve from LMDB in under 1ms. Unknown addresses trigger a non-blocking cold-lookup and return a provisional verdict immediately.
- Structured JSON — band, score, signals, taint paths
- Webhook delivery for cashout alerts
- JWT multi-tenant auth with per-tenant quotas
- EVM and TRON address formats supported
How the scoring works
Scoring model — contribution() and noisy-OR
Each tainted predecessor contributes cᵢ = (T(u)/100) · decay(hop) · valueShare(v,u) · temporal(age).
Multi-path aggregation uses noisy-OR: P(v) = 1 − Π(1 − cᵢ) — bounded in [0,1], monotonic, order-independent, and auditable.
Contributions below C_MIN=0.02 are pruned (noise floor). This prevents dust-poisoning attacks where an attacker sends tiny amounts from a sanctioned wallet to inflate clean wallet scores.
Hop decay and value-share haircut
decay(hop) = γ^(hop−1) where γ=0.55. At hop 1: 1.0. At hop 2: 0.55. At hop 3: 0.30. Hard cut at hop 4.
Value share: share = receivedFromSource / totalReceived. Shares below 0.5% (SHARE_FLOOR) are treated as dust and contribute zero — defeating dust-poisoning attacks.
Storage architecture — LMDB + Bloom filter
Verdicts are stored in an off-heap LMDB memory-mapped store — microsecond reads, GC-immune, crash-safe. A Bloom filter (5M capacity, 1% FP rate) acts as a negative cache: if an address is not in the filter, it is provably CLEAR with zero LMDB access.
CLEAR addresses are never stored. Absence equals CLEAR. The store grows proportional to fraud, not chain volume.
Durability: wallet_risk.jsonl and edges.jsonl provide append-only restart replay. The full index can be rebuilt from these files at any time.
Chain coverage and freshness guarantees
Mirrored (authoritative): Ethereum, TRON — live event ingestion from USDT/USDC freeze contracts.
Live-verified on miss: Polygon, Arbitrum, Optimism, Base, Avalanche — cold-lookup RPC verification with a non-blocking queue.
Worker liveness is tracked via heartbeat. When workers are stale, the API degrades gracefully: cache misses trigger live RPC verification rather than returning a false CLEAR.
Global Blacklist & Sanctions Tracker
Real-time visibility into USDT and USDC freezes, burns, and unbans across EVM and TRON — powered by our sub-millisecond sync engine and dedicated compliance workers.
Screen your first wallet in seconds.
No setup required. Enter any EVM or TRON address and receive a full risk verdict with taint path provenance.