BSBsec

Security co-processor for crypto platforms

BSBsec connects to your existing exchange or wallet infrastructure through specific hooks. Minimal disruption to your flows; strong security guarantees. You configure how to enforce each risk level—we return structured, explainable decisions.

Integration model

Withdrawal protection

Primary enforcement layer for loss prevention.

Hook points

  • UI advisory (optional)When user pastes or edits an address. Warn about poisoning, scams, or suspicious tokens before confirmation.
  • Pre-withdrawal (recommended)Before creating the withdrawal request. Server-authoritative; prevents client-side bypass.
  • Signing gate (strongest)Immediately before transaction signing. Prevents internal misuse or automation from bypassing safeguards.

Detection

  • Address similarity scoring
  • Dust transfer analysis
  • Scam cluster detection
  • Exposure checks to risky entities

Deposit monitoring

Risk-aware crediting.

Hook points

  • On deposit detectionWhen deposit is detected. Assess risk before crediting.
  • Before creditingBefore crediting funds to user balance. Block or route to review if needed.

Detection

  • AML typology detection (layering, peel chains, consolidation)
  • Mixer and risky exchange exposure scoring
  • Risk flags for compliance or manual review

Trading & token safety

Protect investment flows.

Hook points

  • Token selectionWhen a token is selected in trading UI. Warn before user commits.
  • Pre-tradeBefore trade confirmation. Final gate before execution.
  • Post-trade (optional)After trade. Monitoring and alerting.

Detection

  • Honeypot detection via simulation and contract analysis
  • Owner privilege detection (minting, blacklist, upgradeability)
  • Liquidity risk (LP locks, concentration)
  • Pump-and-dump anomaly detection

Risk mitigation: graduated actions

Exchanges and wallets map risk levels to the actions that fit their jurisdiction and product. We return a recommended_action; you enforce it.

ALLOWProceed normallyWARNDisplay risk warningSTEP_UPExtra friction (2FA, cooldown, whitelist delay)MANUAL_REVIEWRoute to compliance queueBLOCKPrevent execution

Step-up examples: Address whitelist delays; Mandatory re-authentication; Cooling-off timers for new addresses; Reduced withdrawal limits for high-risk users.

Transparent, auditable, versioned

Per request

  • Stable reason codes describing why risk was flagged
  • Evidence pointers (tx hashes, exposure paths)
  • Confidence and severity levels

System

  • Public documentation of detection categories
  • Versioned ruleset and model change logs
  • Known limitations and coverage notes

Provenance

  • Label sources by category (internal, partner feeds, public lists, sanctions)
  • Confidence scoring and timestamped label history

Audit

  • Append-only decision logs
  • Deterministic replay via decision_id and version metadata

Minimal data, no PII

BSBsec does not require identity data. User risk tiering is handled by your platform.

Inputs we need

  • Blockchain address and chain
  • Asset and amount
  • Optional user_risk_tier (you define tiers; we don’t need identity)

Security

  • HMAC-signed requests
  • Replay protection (nonce and timestamp)
  • Optional mTLS for enterprise
  • Tenant-isolated configuration and policy storage
DocumentationContact us