Skip to main content
Glama
Chronolapse411

SicariusGuard

by Chronolapse411
OverviewSchemaRelated ServersScoreDiscussions
TypeScript
Hybrid

get_wallet_reputation

Evaluate a Solana wallet's trustworthiness by analyzing deployer age, funding source, and known entity classification. Use this to assess counterparty risk before transacting.

Instructions

Analyze a Solana wallet's reputation using Helius DAS identity data and funding chain analysis. Checks deployer/wallet age, funding source identity, and known entity classification. Use this to evaluate whether a token deployer or counterparty is trustworthy before transacting.

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
addressYesSolana wallet address to investigate (base58)

Implementation Reference

  • src/core/helius_wallet.ts:221-256 (handler)
    Main handler function that fetches wallet identity and funding from Helius API in parallel, then assesses reputation scoring.
    export async function enrichCreatorReputation(
    creatorAddress: string | null,
    heliusApiKey: string,
): Promise<WalletIntelligence> {
    if (!creatorAddress) {
        return {
            creatorAddress: null,
            reputation: null,
            fetchedAt: new Date().toISOString(),
            error: 'No creator address available',
        };
    }

    if (!heliusApiKey) {
        return {
            creatorAddress,
            reputation: null,
            fetchedAt: new Date().toISOString(),
            error: 'HELIUS_API_KEY not configured',
        };
    }

    // Fetch identity and funding in parallel (both cost 100 credits each)
    const [identity, funding] = await Promise.all([
        fetchWalletIdentity(creatorAddress, heliusApiKey),
        fetchWalletFunding(creatorAddress, heliusApiKey),
    ]);

    const reputation = assessCreatorReputation(identity, funding);

    return {
        creatorAddress,
        reputation,
        fetchedAt: new Date().toISOString(),
    };
}
  • src/core/helius_wallet.ts:130-210 (helper)
    Helper function that evaluates wallet identity and funding data, producing a risk score (0-100), flags, and verdict (TRUSTED/NEUTRAL/SUSPICIOUS/DANGEROUS).
    function assessCreatorReputation(
    identity: WalletIdentity | null,
    funding: WalletFunding | null,
): CreatorReputation {
    const flags: string[] = [];
    let score = 0;

    // ── Identity-based scoring ──
    if (identity) {
        const typeLower = (identity.type ?? '').toLowerCase();
        const categoryLower = (identity.category ?? '').toLowerCase();
        const allTags = identity.tags?.map(t => t.toLowerCase()) ?? [];

        // Check for known dangerous actors
        if (DANGEROUS_TYPES.has(typeLower) || DANGEROUS_TYPES.has(categoryLower)) {
            flags.push(`KNOWN_${typeLower.toUpperCase()}: ${identity.name ?? identity.address}`);
            score += 50;
        }

        // Check tags for danger signals
        for (const tag of allTags) {
            if (tag.includes('rug') || tag.includes('scam') || tag.includes('exploit') || tag.includes('hack')) {
                flags.push(`TAGGED_${tag.toUpperCase()}`);
                score += 30;
            }
        }

        // Suspicious but not definitively malicious
        if (SUSPICIOUS_TYPES.has(typeLower) || SUSPICIOUS_TYPES.has(categoryLower)) {
            flags.push(`SUSPICIOUS_CATEGORY: ${identity.category ?? identity.type}`);
            score += 15;
        }

        // Trusted entities reduce risk
        if (TRUSTED_TYPES.has(typeLower) || TRUSTED_TYPES.has(categoryLower)) {
            flags.push(`TRUSTED_ENTITY: ${identity.name ?? identity.type}`);
            score -= 15;
        }
    }

    // ── Funding source analysis ──
    if (funding) {
        // Funded by known exchange = likely legitimate user
        if (funding.funderType === 'exchange') {
            flags.push(`EXCHANGE_FUNDED: ${funding.funderName ?? 'unknown exchange'}`);
            score -= 10;
        }

        // Check wallet age
        const ageInDays = (Date.now() / 1000 - funding.timestamp) / 86_400;

        if (ageInDays < 1) {
            flags.push('WALLET_AGE_<1_DAY');
            score += 25;
        } else if (ageInDays < 7) {
            flags.push('WALLET_AGE_<7_DAYS');
            score += 15;
        } else if (ageInDays < 30) {
            flags.push('WALLET_AGE_<30_DAYS');
            score += 5;
        }
    } else {
        // No funding data — unknown origin
        flags.push('UNKNOWN_FUNDING_SOURCE');
        score += 5;
    }

    // Clamp score
    score = Math.max(0, Math.min(score, 100));

    const verdict = score >= 40 ? 'DANGEROUS'
        : score >= 20 ? 'SUSPICIOUS'
        : score > 0 ? 'NEUTRAL'
        : 'TRUSTED';

    const creatorAge = funding
        ? Math.floor((Date.now() / 1000 - funding.timestamp) / 86_400)
        : null;

    return { identity, funding, riskScore: score, flags, verdict, creatorAge };
}
  • src/core/helius_wallet.ts:19-50 (schema)
    Type definitions for wallet identity, funding data, creator reputation, and overall wallet intelligence response.
    export interface WalletIdentity {
    address:    string;
    name:       string | null;
    type:       string;   // "exchange", "defi", "rugger", "scammer", "kol", etc.
    category:   string | null;
    tags:       string[];
}

export interface WalletFunding {
    funder:      string;
    funderName:  string | null;
    funderType:  string | null;   // "exchange" | null
    amount:      number;
    timestamp:   number;
    signature:   string;
}

export interface CreatorReputation {
    identity:     WalletIdentity | null;
    funding:      WalletFunding | null;
    riskScore:    number;           // 0-100
    flags:        string[];
    verdict:      string;           // TRUSTED | NEUTRAL | SUSPICIOUS | DANGEROUS
    creatorAge:   number | null;    // days since wallet was funded
}

export interface WalletIntelligence {
    creatorAddress:    string | null;
    reputation:        CreatorReputation | null;
    fetchedAt:         string;
    error?:            string;
}
  • src/mcp/server.ts:256-280 (registration)
    MCP tool registration — defines the tool name, description, Zod schema (address required), and handler that calls enrichCreatorReputation.
    // ── Tool: get_wallet_reputation ────────────────────────────────────────
server.tool(
    'get_wallet_reputation',
    `Analyze a Solana wallet's reputation using Helius DAS identity data and funding chain analysis. Checks deployer/wallet age, funding source identity, and known entity classification. Use this to evaluate whether a token deployer or counterparty is trustworthy before transacting.`,
    {
        address: z.string().describe('Solana wallet address to investigate (base58)'),
    },
    async ({ address }) => {
        try {
            const result = await enrichCreatorReputation(address, HELIUS_API_KEY);
            return {
                content: [{
                    type: 'text' as const,
                    text: JSON.stringify(result, null, 2),
                }],
            };
        } catch (e: unknown) {
            const msg = e instanceof Error ? e.message : String(e);
            return {
                content: [{ type: 'text' as const, text: JSON.stringify({ error: msg }) }],
                isError: true,
            };
        }
    },
);
  • src/api/server.ts:121-131 (registration)
    Tool listing in the MCP server card endpoint (Smithery/registry discovery) and the Express REST API's well-known endpoint.
            tools: [
            { name: 'check_token_safety', description: 'Analyze a Solana SPL token for rug pull, honeypot, and safety risks.' },
            { name: 'check_honeypot', description: 'Simulate a sell via Jupiter to detect honeypot tokens.' },
            { name: 'check_holder_concentration', description: 'Analyze token holder distribution for rug pull indicators.' },
            { name: 'full_token_scan', description: 'Comprehensive 7-layer safety analysis with Birdeye market intelligence.' },
            { name: 'get_wallet_reputation', description: 'Investigate wallet reputation via Helius DAS identity data.' },
            { name: 'get_market_intel', description: 'Real-time market data from Birdeye (price, volume, liquidity).' },
            { name: 'batch_scan', description: 'Scan up to 10 tokens in parallel for portfolio-level risk assessment.' },
        ],
    });
});

Tool Definition Quality

A4/5.0
Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries full burden. It discloses the data sources (Helius DAS identity, funding chain analysis) and what is checked, but does not mention behavioral aspects like external API calls, rate limits, or error handling. This is adequate but not rich.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is two sentences with no wasted words. The first sentence defines the main purpose and methods, the second provides usage context. All content is value-adding and front-loaded.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness4/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a simple one-parameter tool with no output schema, the description sufficiently covers purpose, usage, and key checks. It mentions Helius DAS identity data, which adds important context. The lack of output description is acceptable given the tool's straightforward nature.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 100% with the parameter description already specifying 'base58' format. The description adds no additional meaning beyond the schema, so baseline score 3 is appropriate.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool analyzes a Solana wallet's reputation using specific methods (Helius DAS identity data, funding chain analysis) and checks deployer/wallet age, funding source, and entity classification. It distinguishes itself from sibling token-focused tools by focusing on wallet trustworthiness.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description explicitly advises using this tool to evaluate trustworthiness before transacting, providing clear context. It lacks explicit 'when not to use' or alternative tools, but the guidance is sufficiently directive for an AI agent.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Chronolapse411/sicarius-guard'

If you have feedback or need assistance with the MCP directory API, please join our Discord server