Stelo's risk engine evaluates the risk of every transaction and signature and surfaces malicious patterns, addresses, and URLs. Even if the transaction isn't obviously malicious, it includes risk factors that a user should be aware of - like when interacting with a newly deployed contract.
Understanding risk analysis results
The transaction and signature endpoints return a RiskResult
object (type description here) containing
- A risk score.
HIGH
means it is highly likely to be maliciousMEDIUM
means there is some riskLOW
means it is most likely safe
- A list of
RiskFactor
objects. Each risk factor contains- A
name
string. Based on this field, different risk factors can be handled differently. - A
score
from 1-10 where 1 represents the least risky and 10 the most risky. - A
text
field to explain the risk factor to users. - A
subtext
field as optional additional explanation.
- A
Recommended implementation
We recommend adding friction in your product for transactions or signatures with a HIGH
risk score to deter users from proceeding. We also recommend showing one or more risk factor explanations so that users understand why they're recommended not to proceed. We return a score with each risk factor so you can sort by score and only show the most severe risk factor.