daoaml · tagline: check a wallet before you send crypto

Check a wallet before you send crypto

We check the address against known scams, sanctions lists, and stolen crypto. Results in just a few seconds. No signup, 3 free checks per month.

~/check.daoaml

● ready

✓ 25+ networks · ✓ millions of known wallets · ✓ no signup, no card

try:

Never heard these words before? That's fine — there's a short glossary on the FAQ page.

networks we read

25+

BTC · ETH · TRON · SOL · TON · XRP and more

risk types

47

mixer · sanctions · scam · darknet · etc.

known wallets

millions

we compare each address against this list

sanctions lists

5

OFAC · EU · UK · UN · SECO, refreshed every 5 min

// who this is for

P2P SELLERSOTC DESKSFREELANCERS GETTING PAID IN CRYPTOSOMEONE WHOSE DEPOSIT GOT FROZENTAX ADVISORSSMALL EXCHANGESANYONE ABOUT TO SEND CRYPTO TO A STRANGER P2P SELLERSOTC DESKSFREELANCERS GETTING PAID IN CRYPTOSOMEONE WHOSE DEPOSIT GOT FROZENTAX ADVISORSSMALL EXCHANGESANYONE ABOUT TO SEND CRYPTO TO A STRANGER

01 // what_is_aml.md

So what's an AML check?

Before you send crypto to a wallet, we check what that wallet has been up to. If it's a scammer, a sanctioned address, or a wallet linked to stolen funds — you'll see it before you send.

AML = anti-money-laundering. Same check your bank runs on wires. Now for wallets.

You may also see this called KYT — Know Your Transaction. Same idea.

// what we look for ● 4 signal classes

[01]

Sanctions lists

5 government blacklists — OFAC, EU, UK HMT, UN, SECO.
[02]

Scams & stolen funds

Wallets that took money from victims — fake-website scams, drained accounts, ransomware payments.
[03]

Mixers & tumblers

Services that shuffle crypto between thousands of wallets so the trail can't be followed — Tornado Cash, Sinbad, ChipMixer. We flag both the mixer itself and anything coming out of one.
[04]

Darknet markets

Wallets tied to anonymous illegal marketplaces. We flag both direct receivers and wallets one step away.

02 // situations.md

When you actually need this

Six real situations where a 5-second check saves the deal. Find yours.

SITUATION 01

Selling USDT on P2P

Binance, Bybit, OKX. Buyer pays you with USDT they stole via a phishing site — Binance sees it on deposit and freezes your account for 21 days.

SITUATION 02

$50K OTC invoice in BTC

The wallet that paid you looks fine on etherscan. But two wallets back it received funds from a mixer or a sanctioned address. Public explorers don't follow that chain. We do.

SITUATION 03

Your deposit got frozen

The exchange wants proof of where the funds came from. An etherscan screenshot won't do it — they need the full path, with each hop tagged (clean / mixer / sanctioned).

SITUATION 04

Random crypto showed up

Unsolicited USDC. A dust transfer. A weird airdrop. Spending it could mean moving stolen funds.

SITUATION 05

Tax season, paid in crypto

A client sent 5 ETH in March. Your accountant wants the source documented. The tax office will ask next.

SITUATION 06

Small exchange or OTC desk

Enterprise tools cost $5K/month — not realistic for your size. Checking nothing is worse: one round of dirty money through your desk and customers start leaving.

03 // how_to_use.md

How to use it

STEP 1

Paste the address

25+ networks. We detect the network from the address format, so you don't have to pick it.

Example address

0xA3f1…b742

Source: OFAC, EU, UK, UN, SECO and our own database — 47 risk categories.

~/check.daoaml

$ daoaml check

--chain ethereum

--addr 0xA3f1…b742

detected: ethereum

STEP 2

Get the answer

A color (green, yellow, red) and a number from 0 to 100. If anything looks off, we tell you exactly what: mixer, sanctions, scam, stolen funds.

In 8–14 seconds

We look up to 3 hops away and check the address history all the way to the genesis block.

19

LOW

example address

0xA3f1…b742

mixer82

sanctions61

darknet28

STEP 3

Save it or share it

Every check gets a permanent link. Send it to a bank, exchange, or anyone who asked — they open it without signing up.

Permanent link example

daoaml.com/v/9f3a1c

Signed with ed25519. PDF export with a signature any regulator can verify.

✓never expires
✓opens without a login
✓valid for 7 years

RISK SCALE

What the number actually means

0–25

26–60

61–80

81–100

Clean0–25

Most exchanges clear this without asking. The wallet looks routine.

Mid26–60

Something is a little off. The exchange may ask where the funds came from. Usually clears in days.

High61–80

Real links to risky activity. Expect funds to be held for review. Two weeks is normal.

Critical81–100

Sanctions, theft, or worse. Most exchanges refuse and report. Don't send.

Ready to try?

check an address

04 // chains.supported

Blockchains we cover

Major L1s, the main EVM L2s, and BTC-family forks — including their native tokens. Live today, more added as the data lands.

● ~/feed.live · streaming tail -f · all chains

synthetic stream · real engine, same paths

$ daoaml chains --list

05 // what_you_get.txt

What you get

[01] data_sources

30+ data sources

Every major sanctions list (OFAC, EU, UK, UN, SECO), known mixers, darknet markets, ransomware wallets, and threat-intel feeds we pay for so you don’t have to.

OFAC SDNlive
EU Consolidatedlive
UK HMTlive
UNlive
Switzerland SECOlive

[02] result_links

Results you can forward

Every check saves to a link anyone can open. Send it to whoever's asking — they open the link and read the result themselves.

// the saved link

https://daoaml.com/v/8e19fa…b742

→ opens in any browser, no login

[03] api

API for developers

Plug DAOAML into your service. One HTTPS request per check, plain JSON back. Works from a shell, Python, JS — anywhere you can make an HTTP call.

$ curl -X POST https://daoaml.com/api/v1/check \

-H "X-API-Key: $KEY" \

-d '{"chain":"ethereum","address":"0x…"}'

→ returns: { score, color, reasons, link }

→ see docs.html for the full reference

06 // for developers and AI agents — skip if not relevant

Built so an agent can use it too

Your Claude / ChatGPT / Cursor calls check_wallet, the MCP server bills $0.10 in USDC over x402, and the result streams back. Pay per request — no signup, no keys to rotate.

▸MCP tool — `check_wallet`, `verdict_lookup`, `categories_list`
▸x402 payments — USDC on Base, per-call settlement
▸Streaming JSON — graph nodes flushed as walked
▸Ready in — ChatGPT, Claude Desktop, Cursor, Cline

▸ install mcp read /llms.txt

~/.config/claude/mcp.json

x402 · USDC@base

1
2
3
4
5
6
7
8
9
10
11
12
13
14

// add daoaml to claude / chatgpt / cursor
{
  "mcpServers": {
    "daoaml": {
      "command": "npx",
      "args": ["-y", "@daoaml/mcp"],
      "env": {
        "X402_WALLET": "0x…",
        "X402_NETWORK": "base",
        "X402_MAX_USDC": "5.00"
      }
    }
  }
}

● tool registered, 3 actions $0.40 per call, settles in a few seconds

→ tool

check_wallet

{ chain, address }

→ payment

$0.10 USDC

x402 on Base, ~2s

→ response

streamed JSON

score, categories, permalink

07 // pricing.json

Pay for what you check

One check or five thousand — pay only for what you use.

free try it out

$0 / 3 checks a month

no signup, no card — every month

full risk score with reasons✓
all 25+ networks✓
saved link to share✓
opens in any browser, no login✓

▸ run a free check

most used

pack 10 one-time

$5 / 10 checks

$0.50 per check, valid 12 months

everything in free✓
10 checks instead of 3✓
history saved in your account✓
PDF + JSON export✓
email reply within a day✓

▸ buy 10 for $5

pack 100 active retail

$30 / 100 checks

$0.30 per check, valid 12 months

everything in pack 10✓
100 checks✓
bulk CSV upload✓
monitoring alerts✓
best per-check rate in Start tab✓

▸ buy 100 for $30

// 3 tabs on the full page: Start (1–100), Pro (500–5 000), Max (10 000–200 000) — see every plan on /pricing

// last_command.sh

$ ./check_a_wallet
--paste --send --done

Send a link instead of a screenshot. The person on the other end opens it and reads the result themselves. 3 free checks every month, no signup, no card.

check a wallet↵ or wire it to an agent

08 // faq.man

FAQ

Didn't find the answer to your question? Get in touch!

[01] Is it legal to look up someone else’s wallet? ▸

On-chain data is public. We don’t hand back private identifiers — just the risk profile of the address. What you do with the verdict downstream is on you (e.g. running a KYC program means you still need consent).

[02] Will my exchange accept this report? ▸

We can't promise acceptance — every exchange has its own policy, and the decision sits with their compliance team. What we give you: a report at a permanent link showing the address history and risk sources. You paste that link into your support ticket as proof you did the check. Their support opens the link and reads it themselves.

[03] What does "risk 75/100" mean? ▸

A weighted score across 47 risk types — mixer activity, sanctions hits, darknet links, ransomware feeds, scam clusters. 0–25 is LOW (green), 26–60 MID (yellow), 61–80 HIGH (red), 81+ CRITICAL (red).

[04] Pricing — is there a free tier? ▸

Yes — 3 free checks every month, no signup, no card. Beyond that: $0.99 for a single check, $5 for a Pack 10 ($0.50/check), $30 for a Pack 100 ($0.30/check), and bigger packs up to 200 000 checks. AI agents pay $0.40 per call via MCP/x402.

[05] My exchange froze my deposit — can you help? ▸

Run a Defrost report. It walks the deposit back to its origin and bundles the trail into a link the exchange's compliance team can open and read. Review times vary by exchange — anywhere from a few days to a month. The exchange decides — we can't promise acceptance.

[06] Which blockchains? ▸

Live today: ETH, BTC, TRX, SOL, TON, XRP, BNB, MATIC — plus the EVM L2s (Arbitrum, Optimism, Base) and BTC forks. SUI, APT and NEAR are next.

[07] What do you do with my email? ▸

We use it for the receipt and the verdict link, full stop. No newsletter, no third parties. Addresses are hashed at the edge; raw values don’t outlive the request.