7 min read
Overview
As cryptocurrencies continue to evolve, so does the craftiness of those who seek to exploit them. For Bitcoin, BNB Smart Chain, and Ethereum users, one of the biggest threats comes from malicious addresses that attempt to steal assets or carry out fraudulent transactions. How can you ensure that you don't fall prey to these schemes? MistTrack's QuickNode add-on can increase the security of your users in just a few clicks.
In this guide, you will learn how to analyze blockchain addresses on Ethereum, Bitcoin, BNB Smart Chain (BSC) and TRON networks using MistTrack, a QuickNode Marketplace add-on.
What You Will Need
- Basic understanding of programming and blockchain concepts
- A QuickNode account (create one for free here)
What You Will Do
- Learn about MistTrack
- Add the Address Risk Scores add-on by MistTrack to your QuickNode Endpoint
- Use the Address Risk Scores add-on to detect malicous addresses on Ethereum, Binance Smart Chain (BSC) and Tron
Dependencies Used in this Guide
Dependency | Version |
---|---|
node.js | 18.4 |
ethers.js | 6.4 |
What is MistTrack?
MistTrack, developed by SlowMist, is a dedicated anti-money laundering (AML) tracking tool designed specifically for mitigating cryptocurrency money laundering risks. Its primary goal is to democratize access to a crypto tracking and compliance platform, making these critical features available to all. You may be wondering how you can determine malicious addresses without the use of MistTrack, however, to gather, clean, test and analyze large amounts of blockchain data is no easy task. That's why MistTrack's system capabilities are impressive. It has gathered over 200 million addresses from various wallets on major global trading platforms, offering comprehensive intelligence data assistance for rigorous AML analysis and research. This data collection includes thousands of addresses associated with diverse entities, 100K Threat Intelligence addresses, and more than 90M addresses linked with malicious activities. Presently, MistTrack supports address investigation on Ethereum, BNB Smart Chain (BSC), and TRON networks. However, the list is set to expand, with additional networks in the pipeline.
The main features of MistTrack include:
AML Risk Score
The AML Risk Score feature is a tool that estimates the risk level of an address holder by scrutinizing its transaction history and comparing it with SlowMist's rogue wallet database. Addresses linked to high-risk entities or those that have transacted with them are given elevated risk scores. This empowers you to scrutinize the risk profile of each wallet address, much like an expert compliance officer would, and assess if the wallet potentially harbors unlawful funds.
Address Labels
The Address Labels feature serve as an identification tool, helping to recognize entities like Coinbase or Binance associated with an address. They can also discern various labels both on-chain and off-chain such as ENS, MEV Bots, and DeFi Whales, as well as pinpoint the wallet type such as MetaMask.
Transaction Analysis
Blockchain explorers can be a tedious process. MistTrack makes things easier by analyzing and compiling all past transactions of an address into an easily understood format.
Favorites & Monitoring
The Favorites & Monitoring feature allows users to bookmark and collect data from addresses. The information is kept private and only accessible by the user.
Investigations
The system displays a comprehensive graph of all transactions associated with an address. This graph can be filtered and sorted for important information, enabling users to visualize and monitor transaction connections effectively.
For the purpose of this guide, we'll be covering the Address Labels and AML Risk Score features which are apart of the Address Risk Scores add-on by MistTrack.
Enable the MistTrack Add-on on Your QuickNode Endpoint
Now that we know more about MistTrack, let's get into the technical demonstration.
First, we'll need a QuickNode endpoint that has access to either Ethereum mainnet, Bitcoin or Binance Smart Chain (mainnet). For the purpose of this tutorial, we'll show you how by using an Ethereum mainnet endpoint, however, the same steps are applicable to other supported chains as well.
Then, we'll need to add the MistTrack add-on to our endpoint. You can do this during the endpoint creation process or after by going to the Add-ons tab on your Endpoint's page and clicking Explore on the Address Risk Scores add-on.
Once your add-on is enabled, you will see it on the Add-ons tab:
You'll notice that the add-on shows "2 / 2 Active RPC Methods" this is referring to the mt_addressRiskScore
and mt_addressLabel
methods which we will get into in the next section.
Also note that with the add-on enabled, you will also have access to MistTrack's dashboard. Just click on the ellipses on the right side of the add-on and click Dashboard.
Analyzing Addresses with MistTrack
As mentioned above, QuickNode supports the mt_addressRiskScore
and mt_addressLabel
Address Risk Scores RPC methods. Let's learn more about them before writing code.
The mt_addressRiskScore
method returns an Anti-Money Laundering (AML) risk score for a wallet address. It is a value that’s assigned to an address based on their interactions on the blockchain utilizing our partner’s intelligence database. It provides users with an insight into the level of suspicious activity of that wallet. It can help determine if an address is managed by crypto exchanges, sanctioned entities, darknet markets, or mixers, as well as whether the address was engaged in illicit activities.
The mt_addressLabel
method helps customers fetch labels associated with a wallet address. Addresses are labeled to assist users to distinguish between different types of addresses on the blockchain. These labels help users distinguish between exchanges, MEV bots, crypto whales, smart contracts, and more.
Now, let's test the methods to see their responses. We'll demonstrate using cURL and a popular web3 library such as Ethers.js.
- cURL
- Ethers.js
Navigate to your terminal window and paste one of the following commands below. You'll need to update the YOUR_QUICKNODE_HTTP_PROVIDER_URL
placeholder with your actual QuickNode credentials. If you want to test on your own Ethereum address (mainnet), update it now.
- mt_addressRiskScore
- mt_addressLabel
curl YOUR_QUICKNODE_HTTP_PROVIDER_URL \
--header 'Content-Type: application/json' \
--data '{
"jsonrpc": "2.0",
"id": 1,
"method": "mt_addressRiskScore",
"params": [
{
"chain": "ETH",
"address": "0x9225ce4129f21ae0369a21f8c056c70a7d31e831"
}
]
}'
Make the request and you'll see a response similar to:
{
"jsonrpc": "2.0",
"result": {
"score": 52,
"hacking_event": "",
"detail_list": [
"Interact With Suspected Malicious Address",
"Interact With High-risk Tag Address",
"Interact With Medium-risk Tag Addresses"
],
"risk_level": "Moderate"
},
"id": 1
}
curl YOUR_QUICKNODE_HTTP_PROVIDER_URL \
--header 'Content-Type: application/json' \
--data '{
"jsonrpc": "2.0",
"id": 1,
"method": "mt_addressLabel",
"params": [
{
"chain": "ETH",
"address": "0xd551234ae421e3bcba99a0da6d736074f22192ff"
}
]
}'
Make the request and you'll see a response similiar to:
{"jsonrpc": "2.0", "result": {"label_list": ["Binance", "hot"], "label_type": "exchange"}, "id": 1}
To do the same process with JavaScript and Ethers.js, follow the steps below:
Step 1: Create and initialize an npm project with a blank index.js
file:
mkdir addressScores && cd addressScores && npm init --y && echo > index.js
Step 2: Install required dependencies such as Ethers.js (v6):
npm i ethers
Step 3: Open the index.js
file and input one of the following code examples:
- mt_addressRiskScore
- mt_addressLabel
const ethers = require("ethers");
(async () => {
const provider = new ethers.JsonRpcProvider("YOUR_QUICKNODE_HTTP_PROVIDER_URL");
const response = await provider.send("mt_addressRiskScore", [{"chain": "ETH", "address": "0x9225ce4129f21ae0369a21f8c056c70a7d31e831"}]);
console.log(response);
})();
const ethers = require("ethers");
(async () => {
const provider = new ethers.JsonRpcProvider("YOUR_QUICKNODE_HTTP_PROVIDER_URL");
const response = await provider.send("mt_addressLabel", [{"chain": "ETH", "address": "0xd551234ae421e3bcba99a0da6d736074f22192ff"}]);
console.log(response);
})();
Update the placeholder YOUR_QUICKNODE_HTTP_PROVIDER_URL
with your actual QuickNode credentials. If you want to inspect a different address, update it also.
Step 4: Run the code with the following command:
node index.js
You'll see a similiar output to the cURL response.
mt_addressLabel response:
mt_addressRiskScore response:
For more insight into risk scores or what each description within the detail_list
response field, check out these resources: Risk Descriptions for detail_list
and Risk Levels Explained. You can also take a look at the full QuickNode Add-on Docs.
Now that you know how to make requests with cURL and Node.js, you are equipped with skills to build something like a React dashboard for investigating addresses.
Final Thoughts
That's it! You now know how to use the Address Risk Scores add-on by MistTrack to detect malicous addresses on several blockchain networks. If you're stuck, have questions, or just want to talk shop, drop us a line on Discord or Twitter!
We ❤️ Feedback!
Let us know if you have any feedback or requests for new topics. We'd love to hear from you.