You can test the API endpoints in this document on our Swagger API page.
To begin using the SkyInsights API, please visit our Contact page to connect with a CertiK representative and obtain access credentials. Once issued, your API Key must be kept secure and never shared in public channels or with unauthorized parties.
Base Information
Base URL
https://api.skyinsights.certik.com/v4Authentication
Required Request Headers
To authenticate a request, include the following two headers with valid credentials:
| Header Field | Description | Example Value |
|---|---|---|
| X-API-Key | Unique identifier for the customer's API access | hubbuxihpvznyrdfpsosmkghgegvdavn |
| X-API-Secret | Secret key paired with the API Key for secure authentication | TTYAVYAZJYABBTLDHHPEBVDPRFRRCDMY |
Authentication Failure Consequences
Missing, invalid, or expired X-API-Key or X-API-Secret will result in a 401 Unauthorized error (see Section Errors for details).
Credentials that have been revoked by CertiK (e.g., due to non-compliance with terms of service) will also trigger a 401 Unauthorized error.
Universal Response Format
All API endpoints follow this top-level response structure. Only the data field varies by endpoint:
| Top-Level Field | Type | Description |
|---|---|---|
| code | Number | Status code:
|
| message | String | Human-readable outcome (e.g., "success", "invalid chain") |
| data | Null/Object/Array | Business-specific response content (only returned on success; structure varies by endpoint) |
Success Response Template
JSON
{
"code": 200,
"message": "success",
"data": {
// Endpoint-specific content
}
}Error Response Template
JSON
{
"code": 400,
"message": "invalid chain",
"data": null
}API Endpoints
kya/labels
Summary
The kya/labels endpoint provides detailed insights into blockchain address labeling. It returns both entity and behavior labels for a given address on a specified chain.
This allows users to:
- Identify the type of entity associated with an address.
- Understand behavioral patterns linked to the address.
- Evaluate the address's risk level based on its assigned labels.
Request
HTTP Method: GET
Endpoint Path: /kya/labels
- Query Parameters:
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
| chain | String | No | Name of the target blockchain (must be a supported chain—see Section Supported Chains) | eth, btc, bsc |
| address | String | Yes | Valid blockchain address to retrieve labels for | 0x1234567890abcdef1234567890abcdef12345678 |
Response (Data Structure)
data is an object type, the specific structure is as follows:
| Field | Type | Presence | Description |
|---|---|---|---|
| chain | String | Always | Matches the chain parameter in the request |
| address | String | Always | Matches the address parameter in the request |
| entity_id | String | Conditional | Only returned if the address is associated with a specific entity |
| labels | Array<Object> | Always | Behavior labels & entity labels |
| -chain | String | Always | |
| -address | String | Always | |
| -category | String | Always | |
| -sub_category | String | Always | |
| -label | String | Always |
Example Code
REQUEST CODE
Shell
curl -X GET "https://api.skyinsights.certik.com/v4/kya/labels?chain=btc&address=bc1q8yja3gw33ngd8aunmfr4hj820adc9nlsv0syvz" \ -H "X-API-Key: YOUR_API_KEY" \ -H "X-API-Secret: YOUR_API_SECRET"RESPONSE DATA
JSON
{
"code": 200,
"message": "success",
"data": {
"chain": "btc",
"address": "bc1q8yja3gw33ngd8aunmfr4hj820adc9nlsv0syvz",
"entity_id": "KuCoin",
"labels": [
{
"chain": "btc",
"address": "bc1q8yja3gw33ngd8aunmfr4hj820adc9nlsv0syvz",
"category": "Cefi",
"sub_category": "CEX",
"label": "KuCoin Hot Wallet",
}
]
}
}REQUEST CODE
Shell
curl -X GET "https://api.skyinsights.certik.com/v4/kya/labels?chain=eth&address=0x0621160a25a17b7735ce7641fce5d24798c0a039" \ -H "X-API-Key: YOUR_API_KEY" \ -H "X-API-Secret: YOUR_API_SECRET"RESPONSE DATA
JSON
{
"code": 200,
"message": "success",
"data": {
"chain": "eth",
"address": "0x0621160a25a17b7735ce7641fce5d24798c0a039",
"labels": [
{
"chain": "eth",
"address": "0x0621160A25A17B7735Ce7641fCe5D24798C0a039",
"category": "Hack",
"sub_category": "Contract Exploit",
"label": "Layer2DAO Exploit",
}
]
}
}kya/risk
Summary
The kya/risk endpoint offers a risk assessment for a specific blockchain address. It analyzes the address's historical activity and associated labels to determine its overall risk level on a given chain.
Request
HTTP Method: GET
Endpoint Path: /kya/risk
- Query Parameters:
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
| chain | String | Yes | Name of the target blockchain (must be a supported chain—see Section Supported Chains) | eth, btc, bsc, multi-chain |
| address | String | Yes | Valid blockchain address | 0x1234567890abcdef1234567890abcdef12345678 |
Response (Data Structure)
The data type of the top-level data field varies based on the chain parameter in the request:
- data is an object that contains risk details of the address on that single chain.
- When multi-chain is specified in the request: data is an array, where each element represents the risk details of the address on one supported chain.
| Field | Type | Presence | Description |
|---|---|---|---|
| chain | String | Always | Matches the chain parameter in the request |
| address | String | Always | Matches the address parameter in the request |
| risk_level | String | Always | High, Medium, Low, None |
| risk_score | Number | Always | 0-5 |
| risk_reasons | Array<String> | Always |
Example Code
REQUEST CODE
Shell
curl -X GET "https://api.skyinsights.certik.com/v4/kya/risk?chain=eth&address=0x0621160a25a17b7735ce7641fce5d24798c0a039" \ -H "X-API-Key: YOUR_API_KEY" \ -H "X-API-Secret: YOUR_API_SECRET"RESPONSE DATA
JSON
{
"code": 200,
"message": "success",
"data": {
"chain": "eth",
"address": "0x0621160a25a17b7735ce7641fce5d24798c0a039",
"risk_level": "High",
"risk_score": 5,
"risk_reasons": [
"label: Hack/Contract Exploit"
]
}
}Example Code - Multi-Chain
REQUEST CODE
Shell
curl -X GET "https://api.skyinsights.certik.com/v4/kya/risk?chain=multi-chain&address=0x0621160a25a17b7735ce7641fce5d24798c0a039" \ -H "X-API-Key: YOUR_API_KEY" \ -H "X-API-Secret: YOUR_API_SECRET"RESPONSE DATA
JSON
{
"code": 200,
"message": "success",
"data": [
{
"chain": "eth",
"address": "0x0621160a25a17b7735ce7641fce5d24798c0a039",
"risk_level": "High",
"risk_score": 5,
"risk_reasons": [
"label: Hack/Contract Exploit"
]
},
{
"chain": "arb",
"address": "0x0621160a25a17b7735ce7641fce5d24798c0a039",
"risk_level": "High",
"risk_score": 5,
"risk_reasons": [
"label: Hack/Contract Exploit"
]
},
...
]
}kya/screening
Summary
The kya/screening endpoint lets you retrieve all transactions involving risky counterparties for a given chain and address, including both token transfers and native-coin transfers.
Request
HTTP Method: GET
Endpoint Path: /kya/screening
- Query Parameters:
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
| chain | String | Yes | Name of the target blockchain | eth, btc, bsc |
| address | String | Yes | Valid blockchain address | 0x1234567890abcdef1234567890abcdef12345678 |
| exposure | String | No | Optional parameter
| |
| direction | String | No | Optional parameter
| |
| type | String | No | Optional parameter
|
Response (Data Structure)
The data type of the top-level data field varies based on the chain parameter in the request:
- data is an object that contains screening results of the address on that single chain.
| Field | Type | Presence | Description |
|---|---|---|---|
| chain | String | Always | Matches the chain parameter in the request |
| address | String | Always | Matches the address parameter in the request |
| risk_level | String | Always | High, Medium, Low, None |
| risk_score | Number | Always | 0-5 |
| risk_reasons | Array<String> | Always | |
| counterparties | Array<Object> | Always | Address of the risky counterparties |
| -counterparty | String | Always | |
| -risk | Object | Always | Risk details |
| - -risk_level | String | Always | High, Medium, Low, None |
| - -risk_score | Number | Always | 0-5 |
| - -risk_reasons | Array<String> | Always | |
| -transactions | Array<Object> | Always | |
| - -tx_hash | String | Always | |
| - -block_number | Number | Always | |
| - -timestamp | Number | Always | |
| - -from | String | Always | |
| - -to | String | Always | |
| - -amount | Number | Always | |
| - -usd_value | Number | Conditional | Only EVM chains and BTC chain |
| - -symbol | String | Always | |
| - -type | String | Always | |
| - -fund_direction | String | Always | |
| - -exposure_type | String | Always |
Example Code - Single Chain
REQUEST CODE
Shell
curl -X GET "https://api.skyinsights.certik.com/v4/kya/screening?chain=eth&address=0x2782b70De7B99cEc2AD56Ff67b14fA269945Ce4b" \ -H "X-API-Key: YOUR_API_KEY" \ -H "X-API-Secret: YOUR_API_SECRET"RESPONSE DATA
JSON
{
"code": 200,
"message": "success",
"data": {
"chain": "eth",
"address": "0x2782b70De7B99cEc2AD56Ff67b14fA269945Ce4b",
"risk_level": "None",
"risk_score": 0,
"risk_reasons": [],
"counterparties": [
{
"counterparty": "0x2260fac5e5542a773aa44fbcfedf7c193bc2c599",
"risk": {
"risk_level": "Medium",
"risk_score": 4,
"risk_reasons": [
"label: Scam/Phishing"
]
},
"transactions": [
{
"tx_hash": "0x35afb3a16bab2b58d1505ce065e11be1f321f8dbb2ee782457a857379d59ab38",
"block_number": 23295644,
"timestamp": 1757060063,
"from": "0x19c3d81f77b3adea8235e874857752971cfbf6f4",
"to": "0x2260fac5e5542a773aa44fbcfedf7c193bc2c599",
"amount": 0,
"usd_value": 0,
"symbol": "ETH",
"type": "native",
"fund_direction": "outgoing",
"exposure_type": "indirect"
}
]
}
]
}
}kyt/risk
Request
HTTP Method: GET
Endpoint Path: /kyt/risk
- Query Parameters:
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
| chain | String | Yes | Name of the target blockchain (must be a supported chain—see Section Supported Chains) | eth, btc, bsc |
| txnHash | String | Yes | Valid blockchain txnHash |
Response (Data Structure)
data is an object type, the specific structure is as follows:
| Field | Type | Presence | Description |
|---|---|---|---|
| chain | String | Always | Matches the chain parameter in the request |
| txnHash | String | Always | Matches the txnHash parameter in the request |
| risk_level | String | Always | High, Medium, Low, None |
| risk_score | Number | Always | 0-5 |
| risk_reasons | Array<String> | Always |
Example Code
REQUEST CODE
Shell
curl -X GET "https://api.skyinsights.certik.com/v4/kyt/risk?chain=eth&txnHash=0xb0e50563d9f1b97065617fed560ed6553ba9667e81cc07e996023af473aad464" \ -H "X-API-Key: YOUR_API_KEY" \ -H "X-API-Secret: YOUR_API_SECRET"RESPONSE DATA
JSON
{
"code": 200,
"message": "success",
"data": {
"chain": "eth",
"txn_hash": "0xb0e50563d9f1b97065617fed560ed6553ba9667e81cc07e996023af473aad464"
"risk_level": "High",
"risk_score": 5,
"risk_reasons": [
"label: Mixer/Contract Mixer",
"label: Sanction/OFAC",
"label: Sanction/US:OFAC"
]
}
}Supported Chains
| Chain | Value in API | kya/labels | kya/risk | kya/screening | kyt/risk |
|---|---|---|---|---|---|
| Bitcoin | btc | Y | Y | Y | Y |
| Bitcoin Cash | bch | Y | Y | Y | |
| Litecoin | ltc | Y | Y | Y | Y |
| Solana | sol | Y | Y | Y | Y |
| Ethereum | eth | Y | Y | Y | Y |
| Polygon | polygon | Y | Y | Y | Y |
| Optimism | op | Y | Y | Y | Y |
| Arbitrum | arb | Y | Y | Y | Y |
| Avalanche | avax | Y | Y | Y | Y |
| Binance Smart Chain | bsc | Y | Y | Y | Y |
| Fantom | ftm | Y | Y | Y | Y |
| Tron | tron | Y | Y | Y | Y |
| Base | base | Y | Y | Y | |
| Blast | blast | Y | Y | Y | |
| Scroll | scroll | Y | Y | Y | |
| Linea | linea | Y | Y | Y | |
| Sonic | sonic | Y | Y | Y | |
| Kaia | kaia | Y | Y | Y | |
| World Chain | world_chain | Y | Y | Y | |
| Unichain | unichain | Y | Y | Y | |
| Polygon zkEVM | polygon_zkevm | Y | Y | Y |
Errors
When an error is encountered, you will receive an HTTP status code along with a message and error code in the body of your query response. We use the following status codes for errors:
| Code | Meaning |
|---|---|
| 200 | Information is found and returned properly |
| 400 | Invalid request |
| 401 | Unauthorized error |
| 402 | Payment Required |
| 403 | Server Forbidden |
| 429 | API Rate-limited |
| 500 | Internal server error |