Stelo's risk engine evaluates the risk of every transaction and signature and surfaces malicious patterns, addresses, and URLs. Even when a transaction isn't obviously malicious, the analysis still includes risk factors that a user should be aware of, such as an interaction with a newly deployed contract.

Understanding risk analysis results

The transaction and signature endpoints return a RiskResult object (type description here) containing:

  • A risk score.
    • HIGH means it is highly likely to be malicious
    • MEDIUM means there is some risk
    • LOW means it is most likely safe
  • A list of RiskFactor objects. Each risk factor contains:
    • A name string. Based on this field, different risk factors can be handled differently.
    • A score from 1-10 where 1 represents the least risky and 10 the most risky.
    • A text field to explain the risk factor to users.
    • A subtext field as optional additional explanation.

Recommended implementation

We recommend adding friction in your product for transactions or signatures with a HIGH risk score to deter users from proceeding. We also recommend showing one or more risk factor explanations so that users understand why they are being advised not to proceed. We return a score with each risk factor so you can sort by score and show only the most severe risk factor.
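
One way to implement this recommendation, as an added example that is not Stelo's own code. The JSON keys `riskScore` and `riskFactors`, the helper `planWarning`, the sample factor names, and the choice to treat an unrecognized score as HIGH are assumptions; `name`, `score`, `text` and `subtext` follow the field descriptions above.

```javascript
// Added example, not Stelo's code. Assumed: the JSON keys `riskScore` and
// `riskFactors`, and the helper name `planWarning`.
const LEVELS = ["LOW", "MEDIUM", "HIGH"];

function planWarning(result, maxFactors = 1) {
  // Assumption: fail closed. A missing or unrecognized score is treated as
  // HIGH so a malformed response never silently removes the warning.
  const level = LEVELS.includes(result?.riskScore) ? result.riskScore : "HIGH";

  const raw = Array.isArray(result?.riskFactors) ? result.riskFactors : [];
  const factors = raw
    // Keep only well-formed factors: a name string and a score within 1-10.
    .filter((f) => f && typeof f.name === "string" &&
      Number.isFinite(f.score) && f.score >= 1 && f.score <= 10)
    // Most severe first; filter() returned a copy, so the input is untouched.
    .sort((a, b) => b.score - a.score)
    .slice(0, maxFactors)
    // Coerce explanations to plain strings; render them as text, not HTML.
    .map((f) => ({
      name: f.name,
      score: f.score,
      text: String(f.text ?? ""),
      subtext: f.subtext == null ? null : String(f.subtext),
    }));

  return { level, requireConfirmation: level === "HIGH", factors };
}

// Constructed sample response; the factor names are invented for illustration.
const sample = {
  riskScore: "HIGH",
  riskFactors: [
    { name: "NEW_CONTRACT", score: 4, text: "Contract was deployed recently." },
    { name: "FLAGGED_ADDRESS", score: 10, text: "Recipient is flagged.",
      subtext: "Reported by multiple sources." },
    { name: "MALFORMED", score: 42, text: "Score outside 1-10." },
  ],
};

console.log(planWarning(sample));
```

Use `requireConfirmation` to gate the extra confirmation step, and pass a larger `maxFactors` to show more than the single most severe explanation.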