Search…
Uppsala
This integration enables organizations to make real-time, online queries of Threat Intelligence validated by security experts and then hosted in Uppsala Security’s crowdsourced Threat Reputation Database. The framework enables governments, enterprises of all sizes and types to drastically reduce the time and resources necessary for conducting processes related to anti-money laundering (AML), anti-coin laundering (ACL), Know Your Customer (KYC), and Due Diligence.

Uppsala's Sentinel Protocol

The access to Uppsala's Sentinel Protocol comes free with Pro subscription or higher!
Sentinel Protocol, operated and developed by Uppsala Security, is the world's first crowdsourced Threat Intelligence Platform powered by blockchain technology to protect the cyberspace.
The blockchain-based Threat Reputation Database (TRDB) lies at the core of the Sentinel Protocol. TRDB is the nexus of our decentralized ecosystem that stores information about the latest cyber threats. Uppsala security experts validate and curate crowdsourced data into whitelists and blacklists. All TRDB data is shared with our community in real-time through our Defence Security and Threat Intelligence solutions.
The Interactive Cooperation Framework (ICF) API enables any subscribers to query the TRDB in real time. Using the ICF API, the TRDB can be integrated with any application framework to actively digital protect crypto assets or to retrieve threat intelligence data.
The function getSentinelProtocolData(targetAddress,blockchainSymbol) takes the Blockchain address with the Blockchain symbol it belongs to and returns the structured data from the Sentinel Protocol associated with this address.

Support

Drop us a message at [email protected] if you want to use Sentinel Protocol on not supported blockchains, if the demand is there - we will implement it!
Blockchain
Is supported
Bitcoin (BTC)
Ethereum (ETH)
Algorand (ALGO)
DASH (DASH)
Polygon (MATIC)

Details

Parameters
targetAddress: address; the target Blockchain address to retrieve Sentinel Protocol data for
blockchainSymbol: string; the symbol of the Blockchain, the address belongs to (i.e. "ETH", "BTC")
Output
{
labels: list of string,
securityCategory: string,
annotation: string,
reference: {
source: string,
externalId: string,
url: string
}
}
labels - contains a list of risk indicators (i.e. "#Phishing", "#Fraud", "#Scam", "#Malware" etc)
Labels are yet not standardized and the values returned in a list might vary
securityCategory - the risk category the target address belongs to. Possible values are
  • whitelist - if the address is completely safe according to the Sentinel Protocol
  • greylist - if the address is most probably safe according to the Sentinel Protocol, but the malicious behavior may still happen
  • blacklist - if the address is very suspicious or already has beein involved into malicious behavior
  • none - if the address is not yet labelled; most probably it will not be of blacklist category, since Uppsala prioritizes suspicious addresses and the absence of label means that most probably it is not one of them
annotation - the comma-separated categories that the target address lands under (i.e. "Coinbase, Exchange, Relay"
reference - contain additional information, like source (i.e. "Sentinel Protocol"), externalId (unique id of the entity in the Sentinel Protocol matching this address, i.e. "cde3a9df368040aba1c4aaf36aa14abd"), url (the web link to the Sentinel Protocol's Portal to that address entity for extended research possibilities, i.e. "https://portal.sentinelprotocol.io/indicator/cde3a9df368040aba1c4aaf36aa14abd")

Code samples

This code sample will get data from Sentinel Protocol about the address your Native Ethereum wallet is interacting with.
Code for deposit
Code for withdrawal
Code for both
stream _
from Transfers
where @to == MyAddress
process
let txInfo = { txHash: @tx_hash }
let uppsalaLabelSender = ""
let uppsalaCategorySender = ""
let transfer_type = ""
let symbol = "ETH"
if @to == MyAddress then
transfer_type = "deposit"
uppsalaLabelSender = getSentinelProtocolData("ETH", @from).annotation
uppsalaCategorySender = getSentinelProtocolData("ETH", @from).securityCategory
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
end
end
stream _
from Transfers
where @from == MyAddress
process
let txInfo = { txHash: @tx_hash }
let uppsalaLabelSender = ""
let uppsalaCategorySender = ""
let transfer_type = ""
let symbol = "ETH"
if @from == MyAddress then
transfer_type = "withdrawal"
uppsalaLabelSender = getSentinelProtocolData("ETH", @to).annotation
uppsalaCategorySender = getSentinelProtocolData("ETH", @to).securityCategory
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
end
end
stream _
from Transfers
where @to == MyAddress || @from == MyAddress
process
let txInfo = { txHash: @tx_hash }
let uppsalaLabelSender = ""
let uppsalaCategorySender = ""
let transfer_type = ""
let symbol = "ETH"
if @to == MyAddress then
transfer_type = "deposit"
uppsalaLabelSender = getSentinelProtocolData("ETH", @from).annotation
uppsalaCategorySender = getSentinelProtocolData("ETH", @from).securityCategory
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
end
if @from == MyAddress then
transfer_type = "withdrawal"
uppsalaLabelSender = getSentinelProtocolData("ETH", @to).annotation
uppsalaCategorySender = getSentinelProtocolData("ETH", @to).securityCategory
emit { @from, @to, @value, txInfo, symbol, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
end
end
Since labels are not standartized, we can use securityCategory to filter the transactions.
This next code sample will send you a notification only when your ERC-20 token address is interacting with blacklisted or greylisted addresses (both for deposits and withdrawals)
stream QuickMonitor
from TokenTransfers
where @to == MyAddress || @from == MyAddress
process
let txInfo = { txHash: @tx_hash }
let uppsalaLabelSender = ""
let uppsalaCategorySender = ""
let transfer_type = ""
if @to == MyAddress then
uppsalaLabelSender = getSentinelProtocolData("ETH", @from).annotation
uppsalaCategorySender = getSentinelProtocolData("ETH", @from).securityCategory
end
if @from == MyAddress then
uppsalaLabelSender = getSentinelProtocolData("ETH", @to).annotation
uppsalaCategorySender = getSentinelProtocolData("ETH", @to).securityCategory
end
if @to == MyAddress && (uppsalaCategorySender == "blacklist" || uppsalaCategorySender == "greylist") then
transfer_type = "deposit"
emit { @from, @to, @value, txInfo, symbol: @erc20.symbol, decimals: @erc20.decimals, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
end
if @from == MyAddress && (uppsalaCategorySender == "blacklist" || uppsalaCategorySender == "greylist") then
transfer_type = "withdrawal"
emit { @from, @to, @value, txInfo, symbol: @erc20.symbol, decimals: @erc20.decimals, transfer_type, uppsalaLabelSender, uppsalaCategorySender, @block_timestamp }
end
end