Multi-chain deposit and withdrawal monitoring, signed webhooks, a non-custodial HD payment gateway, a real-time stream, and AML screening. All JSON is camelCase; list endpoints return a paged envelope.
Base: https://api.arguspulse.net + /api/v1. Two tenant-scoped schemes: a Keycloak JWT (Authorization: Bearer <token>) for user/admin sessions, or an API key (X-API-Key: <key>) for machine-to-machine. Scoped keys carry read and/or write; a read-only key making a write gets 403.
# list endpoints return a paged envelope (pageSize clamped to 100) { "items": [...], "totalCount": 0, "page": 1, "pageSize": 20, "totalPages": 0, "hasNextPage": false, "hasPreviousPage": false } # errors: 4xx → { "error": "<message>" }, 429 on quota/rate limit. Stack traces never leaked.
/api/v1/wallets - track addresses; detections fire webhooks and the live stream
{ network, address, label?, direction? } - direction: Both | IncomingOnly | OutgoingOnly./api/v1/webhooks - HMAC-SHA256 signed, retried, dead-lettered. Verify every delivery.
{ network?, url, secret, deliveryMode?, channelType?, directionFilter?, assetFilter? }. channelType: 0 Webhook · 1 Slack · 2 Telegram. URLs are SSRF-validated; secrets AES-GCM encrypted at rest.{ success, statusCode, error?, eventId }.?network=). Replay: POST /deliveries/{id}/replay.# headers on every delivery X-ArgusPulse-Event-Id: <event id> X-ArgusPulse-Timestamp: <unix seconds> X-ArgusPulse-Signature: sha256=<hex> hex = lowercase( HMAC_SHA256( secret, `${timestamp}.${rawBody}` ) ) # reject if computed != header, or |now - timestamp| > 300s (replay guard)
/api/v1/payments - non-custodial: xpub once per network, a fresh BIP32 address per session. EVM / TRON / Bitcoin (Solana ed25519 not supported).
{ network, xpub, callbackSecret? } - validated by a test derivation; returns masked xpub.{ network, asset?, expectedAmount?, reference?, callbackUrl? } → session with a unique address. reference makes it idempotent. Lifecycle: Pending → Detected → Confirmed (or Expired).live detections, reconciliation export, on-chain balances
text/event-stream of new detections (event: detection). Use fetch-streaming (not EventSource) for the auth header; optional ?since=<ISO> backfill. The SDK's streamDetections() async generator handles it.400.every counterparty auto-screened against a sanctions / OFAC SDN blocklist, with a 0-100 risk score
?status=Open|Resolved|Dismissed; each alert carries a riskScore (0-100). Badge: /aml/alerts/open-count.{ notes? }. Every counterparty is screened automatically; you triage your own alerts.An interactive OpenAPI / Swagger explorer is served at GET /swagger on a development instance (intentionally disabled in production so the API surface is not exposed). For code samples in TypeScript, Python, and PHP, see the Quickstart.