Developer & Agent API
Everything the scanner shows - crisis behaviour, security, scores, Safe checks - as clean HTTP endpoints. Read-only, Ethereum mainnet. Facts (approvals, exposure, distribution) for any wallet; ratings only for wallets you own, proven by a free ownership signature (personal_sign, no transaction). Free reads; deep scans are paid per-use via x402.
Fastest path: add the MCP server to your AI host and ask it about a wallet. No API key needed for the free tools.
{
"mcpServers": {
"reputa": {
"command": "npx",
"args": ["-y", "reputa-mcp"],
"env": {
"REPUTA_PAYER_PRIVATE_KEY": "0x… (USDC on Polygon, optional)"
}
}
}
}Analyze the wallet 0xd8dA…6045 with Reputa.The payer key is optional - only needed to auto-pay the paid tools. Use a dedicated hot wallet with a small USDC balance on polygon, never your main key.
No auth, no payment. Rate-limited per IP. Without ownership headers, crisis-check returns
facts only (no verdict, no scores). To receive ratings, add X-OWNER-TS + X-OWNER-SIG -
a free personal_sign of this message, signed by the wallet being scored (30-minute validity):
Reputa ownership proof
wallet: <0xyourwallet lowercase>
issued: <unix ms>
I confirm this wallet is mine. Scores are only computed for wallets you own.
This signature is free and only proves ownership. It does not move any funds. /api/crisis-checkCrisis-behaviour verdict + security snapshot (approvals, flagged-address contact, protocol usage, concentration) incl. the CURRENT cross-chain ETH distribution.
/api/safe-ownerTeaser: Ethereum-only count of Safes this address co-controls. (details:true is paid.)
/api/resolve?name=Resolve an ENS name (e.g. vitalik.eth) to its address.
/api/healthService + paywall status: network, price, bundle price, rate-limit mode.
/api/cover/v1/analysesCatalog of all DeFi cover analyses: Assecura score, band, covered protocol, coverage gaps, red flags, asOf. Free discovery for agents.
Per-use each, USDC on polygon. Unpaid request → HTTP 402 with PaymentRequirements → sign an EIP-3009 authorization → retry with the X-PAYMENT header. Settle-before-deliver.
/api/scoresSecurity + Risk + Reputation scores, reason codes, profile traits, staking & governance.
/api/safe-checkGnosis Safe: on-chain version, transaction guard, and enabled modules.
/api/safe-ownerdetails:true - full multichain Safe breakdown incl. the Safe addresses.
/api/approvalsDeep ERC-20 approval history (full, chunked).
/api/chain-historyHistorical chain distribution, months = 3 / 6 / 12 / 24 (current state is free via crisis-check).
/api/cover/v1/analyses/{provider}/{product}Full structured DeFi cover analysis (coverage clause by clause, claims, capital, red flags, sources). Free teaser in the 402 body, full via x402. The receipt is shared with the web unlock.
/api/full-report bundleEverything above in one paid call: scores + traits, Safe config, Safe co-control (all
chains), deep approvals, and the 2-year history - one payment instead of five.
Single-scan price × 5 by default, set via X402_FULL_REPORT_PRICE_USD.
Three ways to pay, easiest first. Browser: open reputa.xyz and it signs in your wallet
(MetaMask / WalletConnect) - nothing to code. Agent: the MCP server below signs and pays
autonomously once you set a funded payer key. Direct integration: produce the X-PAYMENT header with an x402 client library. The payer needs USDC on polygon - there
is no auto-swap, so bring the right asset on the right network.
Free read
# facts for any wallet (no verdict/scores without ownership):
curl -s https://reputa.xyz/api/crisis-check \
-H 'content-type: application/json' \
-d '{"wallet":"0xabc…"}'
# ratings for YOUR wallet: add the ownership signature headers
curl -s https://reputa.xyz/api/crisis-check \
-H 'content-type: application/json' \
-H 'X-OWNER-TS: <unix ms>' \
-H 'X-OWNER-SIG: 0x<signature>' \
-d '{"wallet":"0xyourwallet"}'Paid scan (402 → sign → retry)
# 1) unpaid request -> HTTP 402 with PaymentRequirements
curl -i -X POST https://reputa.xyz/api/scores \
-H 'content-type: application/json' \
-d '{"wallet":"0xabc…"}'
# 2) sign the EIP-3009 USDC authorization from the 402 body,
# then retry with the base64 X-PAYMENT header (+ ownership proof)
curl -s -X POST https://reputa.xyz/api/scores \
-H 'content-type: application/json' \
-H 'X-OWNER-TS: <unix ms>' \
-H 'X-OWNER-SIG: 0x<signature>' \
-H 'X-PAYMENT: <base64 payload>' \
-d '{"wallet":"0xyourwallet"}'The X-PAYMENT value is a base64 EIP-3009 USDC authorization - you don't hand-roll it.
An x402 client library (e.g. Coinbase's x402) or the MCP server produces it
from your payer key. Prefer not to write signing code? Use the MCP - it does exactly this.
The per-call x402 pricing above is the self-serve tier. If you need wallet risk data at volume - underwriting, OTC counterparty checks, community gating - there are three ways in:
Pay-per-use (x402)No contract, no key, no minimum. Your agent or backend pays per call in USDC. Live today.
VolumePrepaid call bundles at volume rates, priority rate limits, usage dashboard. Talk to us.
Enterprise feedCustom risk feeds (webhooks, batch exports), SLA, co-designed signals. Talk to us.
Badge gating needs no API at all: the certificate is a verified contract on Base.
One eth_call to certs(uint256(uint160(wallet))) at 0x5e425f840a449a30f0a3a48d2fd6b694e227e623 returns score, level, date and minted-flag -
gate a Discord, whitelist or lending tier directly on-chain. Or server-side via GET /api/badge-verify?address=0x…. Scores are published by the wallet owners
themselves (consent built in), so counterparty checks stay GDPR-clean: they show, you verify.
Consented score sharing (design partners wanted): a wallet owner grants access to their score for one recipient with a free signature and hands over a link. Redeeming that link returns a signed, offline-verifiable score attestation - so you can risk-tier an applicant without ever scoring a wallet yourself. The primitive is live today via manual link exchange; a native "paste your Reputa link" flow needs a small integration on your side - that is exactly the kind of partnership we are looking for.
# 1) the wallet owner signs a share grant in your UI (or on reputa.xyz)
# and POSTs it to /api/score-share -> returns a share link.
# 2) your backend redeems that link:
curl -s "https://reputa.xyz/api/score-attestation?token=<share-token>"
# -> { payload: { wallet, sharedWith, security, risk, reputation, consent, ... },
# attestation: { signer, digest, signature } }
# verify attestation.signature against the published Reputa signer offline. Integrations & volume: DM @0xreputa or reputa.eth on Farcaster.
An MCP server exposes every endpoint as a tool for Claude Desktop, Cursor, or any MCP host. Set REPUTA_PAYER_PRIVATE_KEY and the paid tools pay autonomously (EIP-3009); otherwise
they return the payment requirements.
reputa_analyze_walletreputa_wallet_scoresreputa_deep_approval_scanreputa_safe_checkreputa_safe_ownerreputa_chain_historyreputa_full_report{
"mcpServers": {
"reputa": {
"command": "npx",
"args": ["-y", "reputa-mcp"],
"env": {
"REPUTA_PAYER_PRIVATE_KEY": "0x… (USDC on Polygon, optional)"
}
}
}
}