Time	Status	User Agent
Retrieving recent requests…

Overview

Use this method to perform a standalone wallet attribution lookup.

The endpoint searches for attribution data across multiple sources, including the Sumsub Wallet Address Book, external blockchain analytics providers, and BYOK (Bring Your Own Key) providers, if enabled on your account.

When a match is found, the response returns the attributed entity details, such as the VASP name and type, associated risk tags, and the source that provided the match.

Request example

curl -X POST \
  'https://api.sumsub.com/resources/api/wallet-attribution' \
  -H 'Content-Type: application/json' \
  -H 'X-App-Token: <your-app-token>' \
  -H 'X-App-Access-Sig: <your-signature>' \
  -H 'X-App-Access-Ts: <unix-timestamp>' \
  -d '{
        "walletAddress": "0x1234567890abcdef1234567890abcdef00000000",
        "cryptoChain": "ETH",
        "currencyCode": "USDT",
        "contractAddress": "0xdac17f958d2ee523a0000000000000c13d831ec7"
      }'

Response explained

The response is a JSON object containing the wallet attribution result. If a match is found, the response includes details about the attributed entity.

The following table explains the fields of the response body.

Field	Type	Description
`found`	Boolean	Indicates whether the wallet address was successfully attributed (`true`) or not (`false`). ⚠️ When `"found": false`, the response contains no other fields.
`source`	Enum (string)	The data source that provided the attribution match. Possible values: `walletAddressBook`, `crystal`, `merkle`, `chainalysis`, `code`, `gtr`, `elliptic`, `arkham`, `sygna`.
`vaspId`	String	Unique identifier of the attributed VASP in the Sumsub system.
`name`	String	Name of the attributed entity (for example, VASP or service name).
`url`	String	Official website URL of the attributed entity.
`type`	Enum (string)	Type of the attributed VASP. Possible values are the following: `cexLicensed` — Centralized exchange operating under a regulatory license. `cexUnlicensed` — Centralized exchange operating without a regulatory license. `p2pLicensed` — Licensed peer-to-peer (P2P) exchange platform. `p2pUnlicensed` — Peer-to-peer (P2P) exchange platform without licensing. `wallet` — Wallet service provider (custodial or non-custodial). `payment` — Payment processor or merchant service provider. `atm` — Cryptocurrency ATM or kiosk operator. `cryptoCustodian` — Institutional crypto custodian services. `otc` — Over-the-counter trading desk. `other` — Other type not covered by the categories above.
`riskTags`	Array of enum strings	Risk tags associated with the attributed entity. Possible values are the following: `childExploitation` — Operates via darknets and is suspected of child abuse and exploitation. `darkMarket` — Operates via darknets and is used for trading illegal products for cryptocurrency. `darkService` — Operates via darknets and offers illegal services for cryptocurrency. `enforcementAction` — Subject to legal or regulatory enforcement actions. `fraudulentExchange` — Exchange involved in illegal activity. `gambling` — Associated with gambling activities involving cryptocurrency. `illegalService` — Offers illegal services or engaged in illegal activities. `ransomware` — Entity associated with ransomware attacks or cryptocurrency-based extortion. `sanctions` — Listed on one or more sanctions lists. `scam` — Entity that has scammed the customers and taken possession of their cryptocurrency. `stolenFunds` — Entity that has obtained cryptocurrency through hacking or theft. `terrorismFinancing` — Operates via darknets and involved in terrorism financing with cryptocurrency. If no risk tags are associated, `riskTags` is returned as an empty array.

Response examples

If the request is successfully sent and processed, you will get a response like one of the following:

// In this example, the wallet address was successfully attributed.

{
  "found": true,
  "source": "crystal",
  "vaspId": "65a1b2c3d4e5f60000000000",
  "name": "Attributed_Entity_Name",
  "url": "https://www.attributed_entity.com",
  "type": "cexLicensed",
  "riskTags": []
}

// In this example, the wallet address could not be attributed.

{
  "found": false
}

If the request fails, you will receive an HTTP response containing an error code along with a message explaining the error. For example:

{
  "code": 403,
  "correlationId": "1a102d01f23c15eb0f7a05ce8f556b74",
  "description": "You don't have this feature enabled, please contact us"
}