The GoldRush Security API is designed to help secure web3 wallets by providing detailed information about token and NFT contract approvals. This API offers a complete list of all token and NFT contracts that have been granted approval to spend assets on a wallet’s behalf, allowing developers to integrate essential revoke and risk analysis features into their wallets.

The API calculates the value-at-risk, which represents the total amount a wallet could lose if an approved spender account is compromised or hacked. In addition to value-at-risk calculations, a risk assessment is provided to help wallet owners better understand their exposure and make informed decisions on which approvals to revoke.

Market Coverage
Supports all token contracts across 100+ chains, providing comprehensive wallet security coverage for developers building on any major blockchain network.

Data Richness
Offers a full list of token and NFT contract approvals, categorized by spender, with detailed allowances and value-at-risk calculations, enabling developers to integrate robust revoke features and perform thorough onchain risk analysis.

Reliability and Performance
Trusted by development teams such as Rainbow, CoinLedger and Revoke.cash for its broad multichain support, fast integrations of new and emerging blockchains, enterprise-grade reliability and high-performance, ensuring developers can scale their applications without performance bottlenecks.

Developer-Friendly Design
Offered through TypeScript, Python and Go SDKs, UI Kits with React components, and as a standard REST API.

Dedicated Support
Available on select plans and includes a dedicated Slack channel.

There are 3 primary developer tools for using the Security API:
 
1. Unified API - enterprise-grade endpoints to use with any programming language. Switch blockchains with one path parameter.

curl -X GET https://api.covalenthq.com/v1/eth-mainnet/nft/approvals/demo.eth/\? \
    -H 'Content-Type: application/json' \
    -u YOUR_API_KEY:

 
2. Client SDKs - official client libraries for TypeScript, Go and Python.
 

import { CovalentClient } from "@covalenthq/client-sdk";

(async () => {
   const client = new CovalentClient("YOUR_API_KEY");
   try {
    const approvals = client.SecurityService.getNftApprovals("eth-mainnet", "demo.eth");
    console.log(approvals.data);
} catch (error) {
    console.log(error.message);
}
})();

 
3. GoldRush Kit - beautifully designed React components for your dApp frontend

See the following links to our API Docs and Guides:
- API Docs: comprehensive knowledge base for all things Covalent
- Guides: learn how to build for various use cases and expand your onchain knowledge