Search…
Uppsala
This integration enables organizations to make real-time, online queries of Threat Intelligence validated by security experts and then hosted in Uppsala Security’s crowdsourced Threat Reputation Database. The framework enables governments, enterprises of all sizes and types to drastically reduce the time and resources necessary for conducting processes related to anti-money laundering (AML), anti-coin laundering (ACL), Know Your Customer (KYC), and Due Diligence.

Uppsala's Sentinel Protocol

The access to Uppsala's Sentinel Protocol comes free with Pro subscription or higher!
Sentinel Protocol, operated and developed by Uppsala Security, is the world's first crowdsourced Threat Intelligence Platform powered by blockchain technology to protect the cyberspace.
The blockchain-based Threat Reputation Database (TRDB) lies at the core of the Sentinel Protocol. TRDB is the nexus of our decentralized ecosystem that stores information about the latest cyber threats. Uppsala security experts validate and curate crowdsourced data into whitelists and blacklists. All TRDB data is shared with our community in real-time through our Defence Security and Threat Intelligence solutions.
The Interactive Cooperation Framework (ICF) API enables any subscribers to query the TRDB in real time. Using the ICF API, the TRDB can be integrated with any application framework to actively digital protect crypto assets or to retrieve threat intelligence data.
The function getSentinelProtocolData(targetAddress,blockchainSymbol) takes the Blockchain address with the Blockchain symbol it belongs to and returns the structured data from the Sentinel Protocol associated with this address.

Support

Drop us a message at [email protected] if you want to use Sentinel Protocol on not supported blockchains, if the demand is there - we will implement it!
Blockchain
Is supported
Bitcoin (BTC)
Ethereum (ETH)
Algorand (ALGO)
DASH (DASH)
Polygon (MATIC)

Details

Parameters
targetAddress: address; the target Blockchain address to retrieve Sentinel Protocol data for
blockchainSymbol: string; the symbol of the Blockchain, the address belongs to (i.e. "ETH", "BTC")
Output
1
{
2
labels: list of string,
3
securityCategory: string,
4
annotation: string,
5
reference: {
6
source: string,
7
externalId: string,
8
url: string
9
}
10
}
Copied!
labels - contains a list of risk indicators (i.e. "#Phishing", "#Fraud", "#Scam", "#Malware" etc)
Labels are yet not standardized and the values returned in a list might vary
securityCategory - the risk category the target address belongs to. Possible values are
  • whitelist - if the address is completely safe according to the Sentinel Protocol
  • greylist - if the address is most probably safe according to the Sentinel Protocol, but the malicious behavior may still happen
  • blacklist - if the address is very suspicious or already has beein involved into malicious behavior
  • none - if the address is not yet labelled; most probably it will not be of blacklist category, since Uppsala prioritizes suspicious addresses and the absence of label means that most probably it is not one of them
annotation - the comma-separated categories that the target address lands under (i.e. "Coinbase, Exchange, Relay"
reference - contain additional information, like source (i.e. "Sentinel Protocol"), externalId (unique id of the entity in the Sentinel Protocol matching this address, i.e. "cde3a9df368040aba1c4aaf36aa14abd"), url (the web link to the Sentinel Protocol's Portal to that address entity for extended research possibilities, i.e. "https://portal.sentinelprotocol.io/indicator/cde3a9df368040aba1c4aaf36aa14abd")

Code samples

This code sample will get data from Sentinel Protocol about the address your Native Ethereum wallet is interacting with.
Code for deposit
Code for withdrawal
Code for both
1
stream _
2
from Transfers
3
where @to == MyAddress
4
5
process
6
7
let txInfo = { txHash: @tx_hash }
8
let uppsalaLabelSender = ""
9
let uppsalaCategorySender = ""
10
let transfer_type = ""
11
let symbol = "ETH"
12
13
if @to == MyAddress then
14
transfer_type = "deposit"
15
uppsalaLabelSender = getSentinelProtocolData("ETH", @from).annotation
16
uppsalaCategorySender = getSentinelProtocolData("ETH", @from).securityCategory
17
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
18
end
19
20
end
Copied!
1
stream _
2
from Transfers
3
where @from == MyAddress
4
5
process
6
7
let txInfo = { txHash: @tx_hash }
8
let uppsalaLabelSender = ""
9
let uppsalaCategorySender = ""
10
let transfer_type = ""
11
let symbol = "ETH"
12
13
if @from == MyAddress then
14
transfer_type = "withdrawal"
15
uppsalaLabelSender = getSentinelProtocolData("ETH", @to).annotation
16
uppsalaCategorySender = getSentinelProtocolData("ETH", @to).securityCategory
17
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
18
end
19
20
end
Copied!
1
stream _
2
from Transfers
3
where @to == MyAddress || @from == MyAddress
4
5
process
6
7
let txInfo = { txHash: @tx_hash }
8
let uppsalaLabelSender = ""
9
let uppsalaCategorySender = ""
10
let transfer_type = ""
11
let symbol = "ETH"
12
13
if @to == MyAddress then
14
transfer_type = "deposit"
15
uppsalaLabelSender = getSentinelProtocolData("ETH", @from).annotation
16
uppsalaCategorySender = getSentinelProtocolData("ETH", @from).securityCategory
17
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
18
end
19
20
if @from == MyAddress then
21
transfer_type = "withdrawal"
22
uppsalaLabelSender = getSentinelProtocolData("ETH", @to).annotation
23
uppsalaCategorySender = getSentinelProtocolData("ETH", @to).securityCategory
24
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
25
end
26
27
end
Copied!
Since labels are not standartized, we can use securityCategory to filter the transactions.
This next code sample will send you a notification only when your ERC-20 token address is interacting with blacklisted or greylisted addresses (both for deposits and withdrawals)
1
stream QuickMonitor
2
from TokenTransfers
3
where @to == MyAddress || @from == MyAddress
4
5
process
6
7
let txInfo = { txHash: @tx_hash }
8
let uppsalaLabelSender = ""
9
let uppsalaCategorySender = ""
10
let transfer_type = ""
11
12
if @to == MyAddress then
13
uppsalaLabelSender = getSentinelProtocolData("ETH", @from).annotation
14
uppsalaCategorySender = getSentinelProtocolData("ETH", @from).securityCategory
15
end
16
17
if @from == MyAddress then
18
uppsalaLabelSender = getSentinelProtocolData("ETH", @to).annotation
19
uppsalaCategorySender = getSentinelProtocolData("ETH", @to).securityCategory
20
end
21
22
if @to == MyAddress && (uppsalaCategorySender == "blacklist" || uppsalaCategorySender == "greylist") then
23
transfer_type = "deposit"
24
emit { @from, @to, @value, txInfo, symbol: @erc20.symbol, decimals: @erc20.decimals, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
25
end
26
27
if @from == MyAddress && (uppsalaCategorySender == "blacklist" || uppsalaCategorySender == "greylist") then
28
transfer_type = "withdrawal"
29
emit { @from, @to, @value, txInfo, symbol: @erc20.symbol, decimals: @erc20.decimals, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
30
end
31
32
end
Copied!