🛡️Bot Shield
Bot Shield leverages Wallet Intelligence to protect your application from bot activity by flagging suspicious wallet behavior. By analyzing specific transaction patterns such as high transaction velocity, timed or continuous transactions, and suspicious wallet networks, developers can identify wallets likely to be bots. This allows you to block these flagged wallets from participating in certain events or features, or create friction for them, ensuring a more secure and genuine user experience.
Web3 developers can use Bot Shield in various instances to maintain platform integrity:
- Upon Wallet Login: Immediately analyze the wallet using the botWarning field and transaction patterns to flag any suspicious activity before granting access.
- Before Critical Transactions: Check wallets for bot indicators before allowing high-value or sensitive transactions to ensure they are performed by legitimate users.
- During User Registration: Evaluate new wallets during the registration process to prevent bots from creating accounts or accessing special offers.
- Before Participating in Events: Screen wallets prior to allowing participation in events, contests, or airdrops to ensure only genuine users take part.
- Regular Activity Monitoring: Continuously monitor wallet activities to identify and address suspicious behavior promptly, keeping the platform secure over time.
By leveraging these strategies, Web3 developers can effectively manage and mitigate bot activity, ensuring that real contributors derive the most value from your platform, enhancing security, reducing fraudulent activities, and fostering a more engaged and loyal user base.
Instructions
The bot classification provided by Thirdwave's Wallet Intelligence API functions similarly to a spam filter. While it is a powerful tool designed to identify and flag suspicious activity with high accuracy, it is not infallible. False positives and false negatives may occasionally occur due to the complex and evolving nature of bot behavior.
Guidance:
- False Positives: Some legitimate users may be incorrectly flagged as bots. To mitigate this, rather than outright rejecting these users, consider implementing additional verification steps such as CAPTCHA, email, and phone number verification. This adds a layer of friction that helps to differentiate genuine users from bots without disrupting the user experience.
- Continuous Improvement: Our bot detection algorithms are continually refined and improved based on new data and patterns. Staying updated with the latest API versions and best practices will help you maintain optimal detection accuracy.
By understanding these nuances, you can better leverage the bot detection capabilities of our API, enhancing your platform's security while ensuring a smooth experience for your legitimate users.
Step 0: User connects new wallet (example: 0x828d3fff01cf78c96495ab1bd2c1e1b1b2384a9a) to your application.
Step 1: Obtain API Key
- Before making any requests to our API, ensure you have an API key. If you don't have one, you can obtain it for free by registering on our platform and generating an API key in your account settings.
Step 2: Construct the API Request
- Use the endpoint URL
https://api.thirdwavelabs.com/evm/wallets/{account}, replacing{account}with the blockchain wallet address you want to check. - Set the request method to GET.
Step 3: Set Headers
- Include the
X-Api-Keyheader in your request with your API key as the value.
Step 4: Send the Request
- Execute the request using your preferred method, such as curl or HTTP request library in your programming language of choice.
curl -s
--request GET 'https://api.thirdwavelabs.com/evm/wallets/0x828d3fff01cf78c96495ab1bd2c1e1b1b2384a9a'
--header 'X-Api-Key: YOUR_API_KEY'
Step 5: Receive and Interpret the Response
- Upon receiving the response from the API, parse the data to extract the relevant information.
- Look for the
botWarningfield in the response object. If the value istrue, it indicates that the wallet is classified as a potential bot. If the value isfalse, the wallet is not classified as a potential bot. Atrueresponse is returned when any 1 or more of thetransactionPatterns=true.
{
"data": {
"address": "0x828d3fff01cf78c96495ab1bd2c1e1b1b2384a9a",
"balance": 453.83,
"botWarning": false,
"engagementScore": 95,
"firstSeenAt": "2021-02-11T19:51:10.000Z",
"hodlerScore": 95,
"outboundTransactionCount": "973",
"outboundTransactionValue": 445014.864936489,
"transactionPatterns": [
{
"key": "CONTINUOUS",
"value": false
},
{
"key": "HIGH_VELOCITY",
"value": false
},
{
"key": "SUSPICIOUS_WALLET_NETWORK",
"value": false
},
{
"key": "TIMED",
"value": false
}
]
}
}
If the wallet address provided doesn't exist, wasn't in the correct format, or is not on a supported chain, the response for that entry will be null.
Step 6: Additional Information
- You can also review the transactionPatterns object in the response for more detailed insights into specific transaction patterns detected.
- High Transaction Velocity - Spot bots through analysis of unnaturally high transaction rates.
- Timed Transactions - Detect bots by observing consistent, timed activities.
- Continuous Transactions - Classifies uninterrupted and perpetual engagement, distinguishing genuine user interactions from automated engagements, bolstering platform security against disruptive bot activities.
- Suspicious Funding Network - Identify bots through their initial funding patterns, even with minimal or no transaction history.
- If the wallet address provided doesn't exist, wasn't in the correct format, or is not on a supported chain, the response for that entry will be null.
Outcome
By following these steps, you can easily determine whether a wallet is classified as a potential bot or not using Thirdwave's Wallet Intelligence API. To foster a better community where real contributors to the community harvest the most value, block users identified from bots from participating in certain in-app activities, or simply create friction for suspicious looking wallets with tools like Captcha.