Sentinel Security Agent — API

v4.2.0 — Production-grade smart contract security audit API.

Multi-chain AI-powered analysis · Solidity, Vyper, Rust, Move, Cairo

16+ chains supported · Sub-second static scans

OpenAPI Spec (JSON)
Audit Endpoints
POST /audit
Audit
Full smart contract audit.
POST /audit/address
Audit Address
Fetch verified source code from Etherscan/Sourcify and audit it.
POST /audit/basic
Audit Basic
Free basic scan.
POST /audit/counterfactual
Audit Counterfactual
Counterfactual perturbation analysis — what-if scenarios.
POST /audit/file
Audit File
Upload a .
GET /audit/history/{wallet}
Audit History
Get all past audits for a wallet address.
POST /audit/paid
Audit Paid
Full audit unlocked by payment.
POST /audit/paid/retry
Audit Paid Retry
Retry a failed paid audit.
POST /audit/quick
Quick Scan
Fast 3-layer triage scan (~50ms).
POST /audit/token
Audit Token
Memecoin / token audit: bytecode-level rug signals + holder distribution.
GET /audit/token/history
Audit Token History By Ids
List token audits by explicit audit_id set.
GET /audit/token/history/{wallet}
Audit Token History
List token audits bound to a wallet address.
POST /audit/token/report
Audit Token Report Inline
Render a memecoin audit PDF from an inline JSON result.
GET /audit/token/report/{audit_id}
Audit Token Report By Id
Re-render the PDF for a persisted token audit.
GET /audit/token/{audit_id}
Audit Token Fetch
Fetch the persisted JSON result for a previously-run token audit.
POST /badge
Generate Badge
Run a quick audit and return a shareable SVG badge.
POST /certificate
Generate Certificate
Generate a 1-page audit certificate (HTML or PDF).
POST /export/from-results
Export From Results
Export pre-computed audit findings to a bounty platform format.
POST /export/{platform}
Export Findings
Export audit findings in platform-specific format.
POST /report
Generate Report
Generate a full multi-page audit report (PDF or HTML).
GET /report/download/{payment_id}
Download Report
Re-download a previously generated audit report by payment_id.
POST /score
Score Contract
Run a full audit and return a 0-100 security score with letter grade.
Payment Endpoints
GET /payment/config
Payment Config
Public: returns payment wallet, supported chains, tiers, and prices.
POST /payment/submit
Payment Submit
Submit a transaction hash for payment verification.
GET /payment/{payment_id}/status
Payment Status
Check payment status and retry eligibility.
Monitoring Endpoints
POST /monitor
Monitoring Plan
Run audit and return a post-deployment monitoring plan: alerts, recommended tools (Forta, Tenderly, Defender), invariants to watch, and Forta agent template code.
GET /monitor/alerts
Monitor Alerts
Get alert history, optionally filtered by monitor ID.
GET /monitor/list
Monitor List
List active monitors.
POST /monitor/register
Monitor Register
Register a contract for continuous monitoring.
GET /monitor/stats
Monitor Stats
Get monitoring statistics.
System Endpoints
GET /api/changelog
Api Changelog
Machine-readable API changelog and versioning policy.
POST /api/v1/audit/async
Audit Async
Submit audit for async processing.
POST /api/v1/audit/diff
Audit Diff
Compare audit results between two versions of a contract.
POST /api/v1/audit/{audit_id}/feedback
Submit Finding Feedback
Submit per-finding feedback (confirmed/false_positive/not_applicable) for a completed audit.
GET /api/v1/audit/{job_id}/status
Audit Job Status
Poll async audit job status.
POST /api/v1/corpus/contribute
Contribute To Corpus
Opt-in corpus contribution — add a contract to the training data set.
POST /api/v1/partner/register
Register Partner
Register a white-label partner configuration.
POST /api/v1/partner/{partner_id}/audit
Partner Audit
White-label audit — same engine, partner branding in response.
GET /api/v1/partner/{partner_id}/stats
Partner Stats
Partner usage stats placeholder.
POST /api/v1/subscription
Create Subscription
Create a recurring monitoring subscription for a contract.
GET /api/v1/subscription/{sub_id}
Get Subscription
Get subscription status.
DELETE /api/v1/subscription/{sub_id}
Cancel Subscription
Cancel a subscription.
GET /api/v1/subscriptions/{wallet}
List Subscriptions
List all subscriptions for a wallet.
GET /api/v1/token-check
Token security check for DEX integrations
Lightweight token security check optimized for DEX platform integrations.
POST /api/v1/token-check
Token security check (POST)
POST variant of token-check for batch integrations.
POST /api/v1/verify-source
Verify Source Against Bytecode
Compare submitted source code against deployed on-chain bytecode.
GET /api/version
Api Version
Returns current API version, supported versions, and deprecation status.
POST /auth/challenge
Auth Challenge
Generate a signing challenge for wallet authentication.
POST /auth/verify
Auth Verify
Verify signed message and issue JWT token.
GET /cve-database
Cve Database
List all 56 CVE mappings in SENTINEL's database.
GET /families
Families
Endpoint removed — proprietary detection data.
GET /health
Health
Deep health check — engine version, rule coverage, corpus stats, uptime.
GET /leaderboard
Leaderboard
Public leaderboard — top audit scores from all scans on the platform.
GET /metrics
Metrics
Detailed engine performance metrics.
GET /metrics/prometheus
Metrics Prometheus
Prometheus-compatible metrics in text exposition format.
GET /status
Status
Engine health check and version info.
GET /user/audits
User Audit History
List all audits for the authenticated user.
GET /user/profile
User Profile
Get authenticated user profile and stats.