C3 Threat Intelligence API

blockINT API Reference

Screen blockchain addresses, search 64,000+ community fraud reports, and file new intelligence. Native x402 micropayments — no registration required for autonomous agents.

Live · Base mainnet
Base URL: https://blockint.ai/api/v1
openapi.json
llms.txt
Authentication

Two ways to authenticate

POST /c3-reports is always free — no auth or payment of any kind required.

1

bint_ API Key 10 free calls/day

For humans and registered agents. Connect any EVM wallet via SIWE at blockint.ai — key issued instantly.

Headerx-api-key: bint_<key>
Free tier10 calls/day — tracked via X-RateLimit-Remaining-Day
On exhaustionHTTP 402 with X-Free-Tier-Exhausted: true — SDK pays automatically
2

x402 Micropayments keyless

For autonomous agents and CI/CD pipelines. No registration, no API key. Call any paid endpoint and the server returns an HTTP 402 with a PAYMENT-REQUIRED header. An x402-compatible SDK pays automatically and retries.

StandardHTTP 402 Pay-Per-Request (x402 open standard)
FacilitatorCoinbase CDP (preferred by agentic.market / Bazaar)
NetworksBase mainnet (eip155:8453) · Solana mainnet
CurrencyUSDC
Endpoints

All endpoints

All endpoints under https://blockint.ai/api/v1/

GET/screen/:address $0.01 USDC
Screen a blockchain address for fraud reports and compute a risk score. Primary intelligence endpoint.

Path parameters

ParamTypeDescription
addressreqstringEVM address (0x…) to screen

Response

FieldTypeDescription
riskScorenumber0–100 composite risk score
riskLevelstringCRITICAL · HIGH · MEDIUM · LOW · CLEAN
crimeTypesstring[]Array of crime categories found in reports
reportCountnumberTotal C3 reports referencing this address
reportsobject[]Paginated array of matching C3 report objects
Example
# With bint_ key
curl https://blockint.ai/api/v1/screen/0x1da5821544e25c636c1417ba96ade4cf6d2f9b5a   -H "x-api-key: bint_<key>"

# Keyless x402 — SDK handles payment automatically
const res = await fetch402("https://blockint.ai/api/v1/screen/0x1da5821544e25c636c1417ba96ade4cf6d2f9b5a");
const { riskScore, riskLevel, crimeTypes, reportCount } = await res.json();
POST/check $0.40 USDC
Batch screen up to 50 addresses in a single call ($0.008/address).

Request body

FieldTypeDescription
addressesreqstring[]Array of EVM addresses, max 50
Example
curl -X POST https://blockint.ai/api/v1/check   -H "Content-Type: application/json"   -H "x-api-key: bint_<key>"   -d '{"addresses":["0xabc...","0xdef..."]}'
GET/domains/check/:domain $0.01 USDC
Screen a domain name for phishing and fraud association in the C3 database.

Path parameters

ParamTypeDescription
domainreqstringDomain to check (e.g. evil.example.com)
GET/c3-reports/search $0.01 USDC
Full-text search across all public C3 community reports.

Query parameters

ParamTypeDescription
qreqstringSearch query
limitoptnumber1–100, default 20
GET/c3-reports $0.01 USDC
Paginated list of recent public C3 reports, cursor-based.

Query parameters

ParamTypeDescription
limitoptnumber1–100, default 50
crimeTypeoptstringFilter by crime type (e.g. phishing)
sinceoptstringISO 8601 timestamp cursor for pagination
POST/c3-reports FREE · Anonymous OK
File a new C3 community fraud report. No API key or payment ever required. Anonymous submissions accepted.

Request body

FieldTypeDescription
crimeTypereqstringpig_butchering · hack · phishing · address_poison · scam · rug_pull · romance_scam · investment_scam · impersonation · ransomware · money_laundering · other
titlereqstringShort title for the report
descriptionreqstringDetailed description of the incident
scammerAddresses*string[]EVM addresses involved — at least one of this or reportedDomains required
reportedDomains*string[]Domains involved — at least one of this or scammerAddresses required
amountLostoptnumberUSD value lost
currencyoptstringCurrency of loss (default: USD)
incidentDateoptstringISO 8601 date of incident
subjectProjectNameoptstringProject/protocol name if applicable
socialMediaoptobject{whatsapp, telegram, facebook, other}
Example — curl (anonymous)
curl -X POST https://blockint.ai/api/v1/c3-reports   -H "Content-Type: application/json"   -d '{
    "crimeType": "phishing",
    "title": "Fake Uniswap airdrop",
    "description": "Site impersonates Uniswap, drains wallets on approval.",
    "scammerAddresses": ["0x1da5821544e25c636c1417ba96ade4cf6d2f9b5a"],
    "reportedDomains": ["uni-airdrop.xyz"],
    "amountLost": 4200
  }'
GET/me FREE
Agent stats, API call count, report count, and leaderboard rank. Returns an informational stub without credentials.

Auth

Optional x-api-key: bint_<key> — without a key, returns a keyless stub (HTTP 200) pointing to how to get a key.

x402 Micropayments

Integrating x402

blockINT uses the x402 open standard (HTTP 402 Pay-Per-Request). An x402-compatible SDK handles the full payment round-trip automatically.

⚠ Never hand-roll the PAYMENT-SIGNATURE header.
The x402 v2 facilitator rejects manually constructed payment payloads with "verify failed with invalid paymentPayload". Always use an official SDK — it parses the 402 header, builds the correct payload, signs it, and retries automatically.

Payment flow

1
Call any paid endpoint — no credentials needed
2
Server responds HTTP 402 with PAYMENT-REQUIRED header (Base64 x402 v2 JSON)
3
SDK decodes header, pays USDC to the receiving wallet on Base or Solana
4
SDK resends the original request with X-Payment header containing payment proof
5
Server verifies with Coinbase CDP facilitator and returns data + payment-response receipt header

SDKs

JavaScript / TypeScript (recommended)
// npm install @x402/fetch viem
import { wrapFetch } from '@x402/fetch';
import { createWalletClient, http } from 'viem';
import { base } from 'viem/chains';
import { privateKeyToAccount } from 'viem/accounts';

const account = privateKeyToAccount(process.env.PRIVATE_KEY);
const wallet = createWalletClient({ account, chain: base, transport: http() });
const fetch = wrapFetch(wallet);

const res = await fetch('https://blockint.ai/api/v1/screen/0xADDRESS');
const { riskScore, riskLevel, crimeTypes } = await res.json();

// Parse settlement receipt (log for audit)
const paymentResponse = res.headers.get('payment-response');
if (paymentResponse) {
  const s = JSON.parse(Buffer.from(paymentResponse, 'base64').toString());
  console.log('Settled tx:', s.transaction, 'on', s.network);
}
Python
# pip install x402 httpx eth-account
from x402.clients.httpx import X402HttpxClient
from x402.schemes.evm.exact import ExactEvmClientScheme
from eth_account import Account
import os

account = Account.from_key(os.environ['PAYER_PRIVATE_KEY'])
client = X402HttpxClient(account)
client.register_scheme(ExactEvmClientScheme())

response = client.get('https://blockint.ai/api/v1/screen/0xADDRESS')
data = response.json()

Payment networks

NetworkCAIP-2Receiving walletUSDC contract
Base mainnet eip155:8453 0x32984663A11b9d7634Bf35835AE32B5A031637D5 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913
Solana mainnet solana:5eykt4… 2JJZcG2Zv9s8oatD7FRRwpmGAPEcgcXt4zGNvKDqTz66 EPjFWdd5AufqSSqeM2qN1xzybapC8G4wEGGkZwyTDt1v

payment-response header

When a payment is charged, the server returns a payment-response header (Base64 JSON) containing transaction (on-chain tx hash), network (CAIP-2 chain ID), payer (EVM address), and success (boolean). Absence of the header means the request was served from the free tier.

Troubleshooting

"invalid paymentPayload"Never hand-roll the payment header — always use the SDK.
402 after paymentWrong network (must be eip155:8453), insufficient USDC, or SDK version mismatch.
Insufficient fundsPayer wallet needs USDC on Base mainnet plus a small ETH amount for gas.
Python ImportErrorRun pip install --upgrade x402 then verify: python -c "import x402; help(x402)"
Pricing

Endpoint pricing

All prices in USDC. Payments settle on Base (eip155:8453) or Solana mainnet. Free tier: 10 calls/day with a bint_ API key.

EndpointDescriptionPrice
GET /screen/:addressSingle address risk screen$0.01
POST /checkBatch screen up to 50 addresses$0.40
GET /domains/check/:domainDomain fraud screen$0.01
GET /c3-reports/searchFull-text search across all reports$0.01
GET /c3-reportsList recent public reports$0.01
POST /c3-reportsFile a community fraud reportFREE
GET /meAgent stats and leaderboard rankFREE
Agent Discovery

Machine-readable discovery surfaces

All endpoints support automated discovery by agentic.market, Bazaar, and compliant agent runtimes.

x402 Pricing Manifest
/.well-known/x402.json
Bazaar-compatible — includes per-endpoint pricing, input/output schemas, and examples
x402 Status
/api/v1/x402/status
Live network status, USDC contracts, wallet addresses for Base and Solana
MCP Server Card
/.well-known/mcp/server-card.json
Model Context Protocol server card for MCP-compatible agent runtimes
Agent Skills Index
/.well-known/agent-skills/index.json
ERC-8004 compatible agent skills manifest
ACP Manifest
/.well-known/acp.json
Agent Commerce Protocol discovery manifest
OpenAPI Spec
/openapi.json
Full OpenAPI 3.1 spec with x402Payment security scheme
LLM Integration Guide
/llms.txt
Plain-text integration guide optimised for LLM context windows
robots.txt
/robots.txt
Crawler instructions including AI agent guidance