Stelo's risk engine evaluates the risk of every transaction and signature and surfaces malicious patterns, addresses, and URLs. Even if the transaction isn't obviously malicious, it includes risk factors that a user should be aware of - like when interacting with a newly deployed contract.
Understanding risk analysis results
The transaction and signature endpoints return a RiskResult object (type description here) containing
- A risk score.
HIGHmeans it is highly likely to be maliciousMEDIUMmeans there is some riskLOWmeans it is most likely safe
- A list of
RiskFactorobjects. Each risk factor contains- A
namestring. Based on this field, different risk factors can be handled differently. - A
scorefrom 1-10 where 1 represents the least risky and 10 the most risky. - A
textfield to explain the risk factor to users. - A
subtextfield as optional additional explanation.
- A
Recommended implementation
We recommend adding friction in your product for transactions or signatures with a HIGH risk score to deter users from proceeding. We also recommend showing one or more risk factor explanations so that users understand why they're recommended not to proceed. We return a score with each risk factor so you can sort by score and only show the most severe risk factor.