




















Deterministic wallet risk scoring built for crypto-native compliance teams. Your first analysis is free. Open the desk →
Explainable onchain risk briefings
CredScore turns raw wallet activity into a structured analyst briefing: risk tier, decision posture, key signals, and entity context in one view. Every score is traceable back to the behavior that drove it. No black box, no hand-waving.
First analysis is free. No credit card.
Deterministic scoring
Full audit trail
5 EVM chains
Free first analysis
Turn raw wallet activity into a usable briefing with clear risk framing and supporting context.
See the rationale, the flags that matter, and the context behind the outcome in one view.
Analyze a wallet, understand what matters, and move forward without drowning in explorer tabs.
Live engine output
Risk tier
Wallet 0x4766...86e2, Lazarus-linked. Sanctions cap enforced.
High
Decision posture
Adverse pressure score 71/100. Multiple high-severity signals co-occurring.
Escalate
Key drivers
OFAC sanctions match, mixer interaction pattern, fan-out distribution.
3 flags
Real engine output on a publicly documented attacker wallet. Open the desk to run your own.
Case studyDPRK / Sanctions$1.5B loss
When Lazarus moved funds from the Bybit exploit, CredScore scored the receiving wallets high-risk with sanctions escalation in under 15 seconds, with the full rationale traceable to specific transaction patterns and entity exposure. Not after the fact. In real time.
Supported chainsEthereumBaseArbitrumOptimismPolygon
100%
Deterministic scoring
Built for
Compliance analystsAML investigatorsOn-chain investigatorsProtocol security teams
Real engine output, no marketing screenshots
The Bybit primary exploiter, scored by CredScore
Higher score means lower risk. The same verdict is live at /v/o6wr--NrABo.
0x4766…86e2eth-mainnet
High riskEscalate62% confidence
Escalate for deeper review
CredScore sees risk or sensitive exposure strong enough to justify escalation before proceeding.
Analyst briefing
Executive Risk Verdict
This address presents elevated counterparty risk based on generalized observable on-chain metrics. The current view contains enough adverse signal composition or sensitive exposure to justify escalation.
Decision Posture
Escalate for deeper review. A specific high-risk signal combination was detected (sanctions self). This pattern is materially more concerning than any individual flag in isolation and requires human context to resolve correctly.
Primary Risk Drivers
High-confidence sanctions attribution This wallet itself is on a sanctions watchlist (per the curated registry or OFAC SDN sync). Sanctions-sensitive attribution materially increases review urgency because legal and compliance context becomes critical.
History capped by fetch limit
Transfers observed: At least 1,201
History cap: observed count may be a lower bound (cap 1,200)
Incomplete transfer coverage reduces confidence because observed totals may be lower bounds.
Source return flow detected
Circular loop count: 1
Source return count: 5
Rapid round-trip count: 1
Observed sources later reappear as return destinations, which reduces legibility and suggests recirculating flow rather than clean one-direction settlement.
Offsetting Factors
Established history Wallet age: 1.3y (observed)
Recognizable protocol attribution
Observed protocol: LINK token contract
Structural Pattern Observations
Fan-out distribution (medium confidence) The observed flow pattern is consistent with fan-out distribution behavior and also carries additional review pressure from thin visibility, limited history, or sensitive exposure. This is not a misconduct finding, but it is not a routine pattern under current coverage.
Behavior Distribution
Exchange-related interactions: 1% of observed activity. Attributed interactions: 0% of observed activity. High-confidence attributed interactions: 0% of observed activity.
Observed Entity / Protocol Context
OFAC Sanctioned: Lazarus Group (Bybit 2025 exploiter) LINK token contract
Observed Protocol Attribution
LINK token contract
Confidence Statement
Overall assessment confidence is moderate (62%), reflecting partial coverage with usable but still incomplete behavioral signal.
For contrast: a legit, low-risk wallet
0xd8da…6045eth-mainnet
Low riskProceed54% confidence
Proceed with normal caution
CredScore sees a 10.7-year-old wallet holding 5.7 ETH with at least 1,201 transfers with observed context including Vitalik Buterin (Public), Null / Burn Address. No dominant adverse drivers under current coverage; this case can proceed with normal caution.
Wallet snapshot
Primary risk drivers
History capped by fetch limit
Transfers observed: At least 1,201 · History cap: observed count may be a lower bound (cap 1,200)
Incomplete transfer coverage reduces confidence because observed totals may be lower bounds.
Bursty activity pattern
Average observed activity: 34.2 tx/day
A compressed activity window can indicate non-routine behavior and deserves added caution.
High transfer activity
Transfers observed: At least 1,201 · History cap: observed count may be a lower bound (cap 1,200)
Higher activity increases interpretive complexity, but should not be treated as adverse on its own unless paired with suspicious concentration, rapid routing, or sensitive exposure.
Observed entity context
Labels
Vitalik Buterin (Public)Null / Burn AddressCoinbase Hot Wallet 2USDC contractUniswap V2 Router
Protocols
Null / Burn AddressUSDC contractUniswap V2 Router
Offsetting factors
Established history
Wallet age: 10.7y (observed)
Recognizable exchange or protocol context
Observed label: Vitalik Buterin (Public) · Observed label: Null / Burn Address · Observed label: Coinbase Hot Wallet 2
Recognizable protocol attribution
Observed protocol: Null / Burn Address · Observed protocol: USDC contract · Observed protocol: Uniswap V2 Router
Analyst briefing
Executive Risk Verdict
This 10.7-year-old address presents lower relative counterparty risk. The observable behavior is consistent with stable usage and no dominant adverse drivers were detected, though it should still be contextualized with broader exposure intelligence when available.
Decision Posture
Proceed with normal caution. No dominant adverse drivers were identified under the current coverage, and the signal quality is strong enough to support a lower-risk routine posture.
Primary Risk Drivers
History capped by fetch limit Transfers observed: At least 1,201 History cap: observed count may be a lower bound (cap 1,200) Incomplete transfer coverage reduces confidence because observed totals may be lower bounds.
Bursty activity pattern
Average observed activity: 34.2 tx/day
A compressed activity window can indicate non-routine behavior and deserves added caution.
High transfer activity
Transfers observed: At least 1,201
History cap: observed count may be a lower bound (cap 1,200)
Higher activity increases interpretive complexity, but should not be treated as adverse on its own unless paired with suspicious concentration, rapid routing, or sensitive exposure.
Offsetting Factors
Established history Wallet age: 10.7y (observed)
Recognizable exchange or protocol context
Observed label: Vitalik Buterin (Public)
Observed label: Null / Burn Address
Observed label: Coinbase Hot Wallet 2
Recognizable protocol attribution
Observed protocol: Null / Burn Address
Observed protocol: USDC contract
Observed protocol: Uniswap V2 Router
Behavior Distribution
Exchange-related interactions: 0% of observed activity. DEX-related interactions: 0% of observed activity. Attributed interactions: 11% of observed activity. High-confidence attributed interactions: 5% of observed activity.
Observed Entity / Protocol Context
Vitalik Buterin (Public) Null / Burn Address Coinbase Hot Wallet 2 USDC contract Uniswap V2 Router
Observed Protocol Attribution
Null / Burn Address USDC contract Uniswap V2 Router
Confidence Statement
Overall assessment confidence is moderate (54%), reflecting partial coverage with usable but still incomplete behavioral signal.
Sensitivity notes
Improved transaction coverage could materially change activity-based interpretation and increase confidence.
Stronger counterparty attribution coverage could materially improve interpretability and sharpen the current score.
CredScore is built for teams and operators who need a faster, clearer way to assess wallets. Instead of manually piecing together activity across explorers, you get a focused output designed for real review workflows.
1
Start an analysis from the Analyst Desk using a public wallet address.
2
Read a structured summary with risk tier, decision posture, key drivers, and notable flags.
3
Apply the output to onboarding, counterparty review, investigations, research, or internal risk checks.
Your first wallet analysis is free, no credit card. Solo Analyst is $99 a month for unlimited wallet risk briefings across five EVM chains. Teams that need shared workspaces, higher throughput, or a tailored setup can talk with us directly.
Straight answers to the questions people ask before relying on a wallet risk tool.
Block explorers show raw activity. CredScore is built to help you interpret that activity faster by turning it into a structured briefing with risk tier, posture, supporting rationale, and key flags.
CredScore is built for analysts, investigators, researchers, compliance teams, and operators who need a faster way to assess wallet risk and document what they are seeing.
The output is meant to support review, prioritization, and internal decision-making. It is a decision-support layer, not a substitute for human judgment or a legal conclusion.
CredScore is designed to be structured, explainable, and useful in practice, but no risk system is perfect. The point is to make wallet review faster and clearer, not to pretend uncertainty does not exist.
No. CredScore evaluates public wallet activity and produces an explainable risk briefing without asking for identity data.
Ethereum, Base, Arbitrum, Optimism, and Polygon are all fully supported. Chain selection is a dropdown in the desk. Support expands carefully so the quality of the signal stays strong on each chain we add.
Yes. Business access is available for teams that need broader usage, more volume, or a setup that fits a larger workflow.
About us
Built in Denver. CredScore exists because analysts were tired of stitching together explorer tabs and getting handed black-box risk scores they couldn't defend in a review.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。