Wallet Analysis
Wallet Analysis provides a comprehensive breakdown of any XRP wallet: its risk profile, transaction history, signals, fund flows, and network connections.
Risk Summary
The top panel shows the wallet's overall risk profile:
| Field | Description |
|---|---|
| Risk Score | 0–100 score (higher = more suspicious) |
| Confidence | How confident the system is in the score (0–1.0) |
| Classification | Category label (e.g. Scam, Fraud, Suspicious, Benign) |
| First Seen | When the wallet first appeared in the system |
| Last Active | Most recent on-chain transaction timestamp |
| XRP Balance | Current on-chain balance |
| Total Sent / Received | Lifetime volume in XRP |
Reading the Risk Summary
A flagged wallet might show, for example:
- Risk: HIGH: 0.80 confidence
- A fraud classification such as "Fake giveaway scam" or "Investment scam"
- Transaction totals showing the scale of XRP moved through the wallet
- Links to associated fraud reports and phishing domains
Risk Score Color Coding
| Score Range | Color | Meaning |
|---|---|---|
| 0–24 | 🟢 Green | Safe: likely benign |
| 25–49 | 🟡 Yellow | Low risk: monitor |
| 50–74 | 🟠 Orange | Medium risk: likely suspicious |
| 75–89 | 🔴 Red | High risk: flag for review |
| 90–99 | 🔴 Red | Critical: confirmed or near-confirmed fraud |
Signals Tab
The Signals tab lists all fraud indicators associated with this wallet:
- Each signal has a type, description, and weight contributing to the score
- Signals are aggregated from fraud reports, domain associations, and behavioral patterns
Heuristic Signal Types
| Signal | Description |
|---|---|
rapid_tx | Unusually high transaction frequency in short time window |
round_amount | Suspiciously round XRP amounts (common in scam payouts) |
unusual_size | Transaction size significantly outside the wallet's normal pattern |
blacklisted_dest | Sent XRP to a known blacklisted wallet |
low_fee | Consistently uses minimum fees (automated bot behavior) |
reported_fraud | One or more fraud reports reference this address |
linked_to_phishing_domain | Domain associated with this wallet is flagged as phishing |
scam_keywords_in_memo | Transaction memo contains known scam keywords |
new_wallet_high_value | Recently created wallet with unusually high transaction volume |
Fund Flow Tab
The Fund Flow tab shows a timeline visualization of XRP moving into and out of the wallet:
- Inbound and outbound flows are color-coded
- Each bar represents a transaction batch grouped by time
- Hover over bars to see amounts, counterparties, and timestamps
- Useful for identifying burst patterns (large sends after receiving), which are common in scam operations
Network Graph Tab
The Network Graph renders an interactive node graph of the wallet's connections:
- Nodes = wallets; Edges = transactions between them
- Node color indicates risk level (red = high risk, yellow = medium, green = low)
- Click any node to navigate to that wallet's analysis
- Zoom, pan, and drag to explore the full cluster
- Useful for finding hub wallets that funnel funds from many scam wallets
Actions
From the wallet analysis page you can:
- Flag this wallet: add it to the Flagged Wallets list
- Submit a fraud report: pre-fills the report with this wallet's address
- Export data: download wallet data as JSON or CSV