π‘οΈ SicariusGuard
Solana Token Safety Oracle for AI Agents & Trading Bots
Real-time token safety analysis combining byte-level on-chain inspection, market intelligence, and wallet reputation scoring. Built for autonomous AI agents, MCP-enabled LLMs, and trading infrastructure.
"Don't trade blind. Query SicariusGuard before every swap."
π Live API: https://sicarius-guard-640545264957.us-east4.run.app
# Try it now β no auth required (100 free calls/day)
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/scan/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
π What It Does
SicariusGuard performs 7 layers of safety analysis on any Solana SPL token:
| Layer | Source | Detection |
|---|---|---|
| π Mint Authority | Raw SPL mint bytes | Can deployer print infinite tokens? |
| π§ Freeze Authority | SPL layout offset 46 | Can deployer freeze any wallet? |
| β οΈ Token-2022 Extensions | Extension type scan | PermanentDelegate, TransferHook, ConfidentialTransfers |
| π― Honeypot Detection | Jupiter sell simulation | Can you actually sell this token? |
| π Holder Concentration | getTokenLargestAccounts |
Top 5 wallets controlling >50% supply? |
| π Market Intelligence | Birdeye API | Liquidity, volume, wash trading, manipulation |
| π Wallet Reputation | Helius Identity + Funded-By | Is the deployer wallet a known scammer? |
Weighted Risk Scoring (60/25/15 Model)
finalScore = (onChainRisk Γ 0.60) + (marketRisk Γ 0.25) + (reputationRisk Γ 0.15)
0 β SAFE
1-15 β CAUTION
16-50 β HIGH_RISK
51-100 β CRITICAL
| Weight | Source | What It Catches |
|---|---|---|
| 60% | On-chain safety | Mint/freeze authority, honeypots, extensions |
| 25% | Birdeye market data | Low liquidity, wash trading, price manipulation |
| 15% | Helius wallet intel | Scammer wallets, suspicious funding chains |
π Quick Start
# Clone
git clone https://github.com/Chronolapse411/sicarius-guard.git
cd sicarius-guard
# Install
npm install
# Configure
cp .env.example .env
# Add your HELIUS_RPC_URL and optionally BIRDEYE_API_KEY
# Build & Run
npm run build
npm start
π‘ API Endpoints
REST API (Port 3400)
| Method | Endpoint | Description |
|---|---|---|
POST |
/v1/check |
Full on-chain safety analysis |
GET |
/v1/check/:mint |
Convenience GET for safety check |
POST |
/v1/scan |
Full analysis + Birdeye + Helius wallet intel |
GET |
/v1/scan/:mint |
Convenience GET for enriched scan |
POST |
/v1/honeypot |
Honeypot-only check (Jupiter sell sim) |
POST |
/v1/holders |
Holder concentration analysis |
GET |
/v1/pricing |
x402 payment pricing table |
GET |
/x402/stats |
Payment verification stats |
GET |
/health |
Service health check |
Example Request
# Basic safety check (BONK)
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/check/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
# Full scan with Birdeye + Helius enrichment
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/scan/DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263
Example Response (/v1/scan)
{
"safety": {
"safe": true,
"riskScore": 0,
"verdict": "SAFE",
"reason": "SAFE β mint/freeze revoked, no dangerous extensions, supply OK",
"checks": {
"mintAuthority": { "status": "REVOKED", "safe": true },
"freezeAuthority": { "status": "REVOKED", "safe": true },
"token2022Extensions": { "status": "CLEAN", "safe": true },
"supplyConcentration": { "status": "OK", "safe": true }
}
},
"honeypot": {
"isHoneypot": false,
"sellable": true,
"reason": "Sellable via Raydium β Quantum"
},
"holders": {
"concentrated": false,
"stats": { "top10Pct": 8.2 }
},
"birdeye": {
"overview": {
"price": 0.0000075,
"liquidity": 3511099,
"marketCap": 631226030,
"holder": 999749
},
"marketRisk": { "verdict": "MARKET_SAFE", "flags": [] }
},
"walletIntel": {
"creatorAddress": "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263",
"reputation": {
"verdict": "TRUSTED",
"riskScore": 0,
"flags": []
}
},
"combined": {
"safe": true,
"riskScore": 0,
"marketRiskScore": 0,
"reputationScore": 0,
"finalScore": 0,
"verdict": "SAFE",
"summary": "All checks passed β token appears safe"
}
}
π€ MCP Server (for AI Agents)
SicariusGuard exposes tools via the Model Context Protocol (MCP), enabling LLMs and agent frameworks to call safety checks natively.
Available MCP Tools
| Tool | Description |
|---|---|
check_token_safety |
Full SPL mint safety analysis |
check_honeypot |
Jupiter sell simulation |
check_holder_concentration |
Top holder analysis |
full_token_scan |
Complete scan with Birdeye + Helius intel |
Usage with Claude/Cursor
{
"mcpServers": {
"sicarius-guard": {
"command": "node",
"args": ["dist/mcp-server.js"],
"cwd": "/path/to/sicarius-guard"
}
}
}
ποΈ Architecture
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β SicariusGuard β
β β
β βββββββββββββββ βββββββββββββββ ββββββββββββββββββββββββ β
β β REST API β β MCP Server β β x402 Payment Gate β β
β β Express 5 β β stdio β β SOL Micropayments β β
β ββββββββ¬βββββββ ββββββββ¬βββββββ ββββββββββββ¬ββββββββββββ β
β β β β β
β ββββββββΌβββββββββββββββββΌββββββββββββββββββββββΌββββββββββββ β
β β Core Safety Engine β β
β β β β
β β ββββββββββββββ ββββββββββββ βββββββββββββββββββββββββ β β
β β β token_ β βhoneypot_ β β holder_ β β β
β β β safety.ts β βsim.ts β β analysis.ts β β β
β β ββββββββββββββ ββββββββββββ βββββββββββββββββββββββββ β β
β β β β
β β ββββββββββββββββββββββ ββββββββββββββββββββββββββββββ β β
β β β birdeye.ts β β helius_wallet.ts β β β
β β β Market Intelligenceβ β Wallet Reputation (15%) β β β
β β β β’ Price/Volume β β β’ Identity API β β β
β β β β’ Liquidity β β β’ Funded-By chain β β β
β β β β’ Wash trading β β β’ Scammer detection β β β
β β ββββββββββββββββββββββ ββββββββββββββββββββββββββββββ β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βββββββββββββββββΌββββββββββββββββ β
β βΌ βΌ βΌ β
β βββββββββββββββ βββββββββββββββ βββββββββββββββ β
β β Solana RPC β β Birdeye API β β Helius DAS β β
β β (Helius) β β (Market) β β (Wallet) β β
β βββββββββββββββ βββββββββββββββ βββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
π° x402 Payment Protocol
SicariusGuard implements the x402 HTTP Payment Required protocol for machine-native micropayments. AI agents can pay per API call with SOL β no registration, no API keys, no accounts.
How It Works
1. Agent hits /v1/scan β gets 402 + payment instructions
2. Agent sends SOL to treasury wallet
3. Agent retries with X-PAYMENT: <tx_signature>
4. Server verifies on-chain β returns safety data
Pricing
| Endpoint | Price (SOL) |
|---|---|
/v1/check |
0.001 |
/v1/scan |
0.002 |
/v1/honeypot |
0.0005 |
/v1/holders |
0.0005 |
Example (Paid Request)
# Step 1: Get pricing + treasury address
curl https://sicarius-guard-640545264957.us-east4.run.app/v1/pricing
# Step 2: Send SOL to treasury address (returned in pricing response)
solana transfer <TREASURY_ADDRESS> 0.002
# Step 3: Use tx signature as payment proof
curl -X POST https://sicarius-guard-640545264957.us-east4.run.app/v1/scan \
-H "Content-Type: application/json" \
-H "X-PAYMENT: <your_tx_signature>" \
-d '{"mint": "DezXAZ8z7PnrnRJjz3wXBoRgixCa6xjnB7YaB1pPB263"}'
Security
- On-chain verification β Every payment is verified against Solana mainnet
- Replay protection β Each tx signature can only be used once
- Amount validation β Exact SOL amount must match endpoint pricing
- Freshness check β Transactions older than 10 minutes are rejected
- Verified live on mainnet β Tested with real SOL transfers
Access Tiers
| Tier | Auth Method | Rate Limit |
|---|---|---|
| Free | None | 100 calls/day per IP |
| x402 Pay-Per-Call | X-PAYMENT header (SOL tx sig) |
Unlimited |
π§ Configuration
| Variable | Description | Default |
|---|---|---|
HELIUS_RPC_URL |
Solana RPC endpoint (Helius recommended) | https://api.mainnet-beta.solana.com |
PORT |
API server port | 3400 |
HOST |
Bind address | 0.0.0.0 |
BIRDEYE_API_KEY |
Birdeye API key (optional, enriches scans) | β |
TREASURY_WALLET |
SOL payment recipient (x402) | β |
CACHE_TTL_SECONDS |
Cache duration | 300 |
FREE_TIER_CALLS_PER_DAY |
Free tier rate limit | 100 |
π Performance
Tested with 50-token bulk scan on Solana mainnet:
| Metric | Value |
|---|---|
| Success rate | 50/50 (100%) |
| Avg response time | 5.4s |
| x402 payment verification | Verified live on mainnet |
π¦ Tech Stack
- Runtime: Node.js 22+ (ESM)
- Language: TypeScript 5.9
- Blockchain: @solana/web3.js (direct RPC, no wrapper SDKs)
- API: Express 5
- MCP: @modelcontextprotocol/sdk
- Market Data: Birdeye API v3
- Wallet Intel: Helius DAS / Identity / Funded-By APIs
π‘οΈ Why SicariusGuard?
Most token safety tools rely on third-party APIs that can be gamed. SicariusGuard reads raw mint account bytes directly from the blockchain β the same data the Solana runtime uses to execute transactions. No middleman, no stale data, no API that can be fooled.
| Feature | SicariusGuard | RugCheck | GoPlus |
|---|---|---|---|
| Byte-level SPL analysis | β | β | β |
| Token-2022 extension scanning | β | β | Partial |
| Jupiter honeypot simulation | β | β | β |
| Helius wallet reputation | β | β | β |
| Weighted multi-source scoring | β | β | β |
| MCP server for AI agents | β | β | β |
| x402 pay-per-call (SOL) | β | β | β |
| Self-hosted (no vendor lock-in) | β | β | β |
| Birdeye market enrichment | β | β | β |
| Sub-6s full scan | β | β | β |
π License
MIT β Built by Chronolapse411
π Links
- Live API: sicarius-guard-640545264957.us-east4.run.app
- GitHub: github.com/Chronolapse411/sicarius-guard
- Author: @Chronolapse411
