One of the hardest open problems in crypto compliance is deceptively simple: What kind of wallet are we dealing with?
- Is it a custodial wallet operated by a VASP?
- Is it a self-hosted wallet controlled by an individual or business?
- Is there a known entity behind it?
- Can we trust the attribution?
- And what should a compliance team do when the answer is not obvious?
Today, we are introducing KYW – Know Your Wallet, a new wallet intelligence feature designed to help compliance teams answer these questions with greater operational confidence.
We believe this is significant because KYW brings together multiple layers of intelligence that are usually fragmented across separate tools, databases, partner ecosystems, and manual workflows. Instead of relying on a single source of truth, KYW combines internal VASP intelligence, partner network data, blockchain analytics, wallet verification status, risk signals, and behavioral heuristics into one structured wallet intelligence response.
As far as we know, wallet intelligence at this level – combining real-time attribution, confidence scoring, deep entity context, risk information, verification status, and fallback behavioral detection – has not yet been brought together in this way for Travel Rule and crypto compliance workflows.
Why This Matters
The distinction between custodial and self-hosted wallets is central to crypto compliance. For Travel Rule frameworks, this answer determines your exact workflow: whether a VASP-to-VASP information exchange must be triggered, whether additional counterparty details must be collected, whether wallet ownership requires cryptographic verification, or whether a transaction should be escalated for immediate risk review.
But in practice, the answer is rarely clear-cut.
A raw wallet address does not reveal who controls it. Even when leveraging third-party blockchain analytics, partner networks, and internal data repositories, compliance teams frequently run into an operational wall where attribution is incomplete, stale, conflicting, or simply unavailable. This leaves compliance officers stuck in a grey area, forcing them to choose between stalling a user’s transfer with manual questionnaires or applying an unverified risk-based fallback policy.
KYW was built to make that pre-transaction routing decision informed, explainable, and consistent.
What KYW Does
KYW analyzes a target wallet address pre-transaction and returns enriched intelligence, including:
- Whether the wallet is likely custodial or non-custodial;
- The confidence level and numerical score behind that classification;
- The precise reasoning and attribution code for the classification;
- Whether the wallet has been verified via internal proof flows;
- Enriched entity profiles for identified VASPs (including in-network status, regulatory registrations, jurisdictions, and MiCA compliance);
- Risk assessment metrics;
- An audit log reference for long-term traceability and regulatory reporting.
The goal is not just to return a generic label. The goal is to explain exactly why a wallet was classified a certain way, what evidence supports that conclusion, and what additional context is available to automate your compliance decision-making.
How It Works: The Layered Intelligence Model
Instead of relying on a single system, KYW runs through a sequential, multi-step cascading validation pipeline to compile the strongest available evidence.
1. Check Known Internal Intelligence
KYW first checks whether the wallet or related entity is actively known within our internal VASP and entity intelligence database. If it is connected to an active platform tenant, it resolves immediately to a high-confidence VASP profile (while keeping internal tenant identifiers strictly masked for privacy).
2. Use Partner and Network Intelligence
If the wallet belongs to a verified counterparty or network participant across our broader ecosystem, KYW can utilize that shared cross-network data to establish attribution.
3. Use Blockchain Analytics Attribution
KYW incorporates multi-vendor blockchain analytics signals to detect whether the address belongs to a known exchange, custodian, or service provider. Our API code automatically maps and filters these responses to distinguish between centralized services and popular non-custodial software providers. This is the same logic that is used in our Travel Rule message identification and routing.
4. Use Wallet Verification Where Available
If a wallet has already been verified on our platform through a self-hosted wallet signature proof or Satoshi test, KYW treats this as authoritative evidence of a non-custodial assignment.
5. Apply Internal Behavioral Heuristics
When no direct database match or analytics tag exists, our internally built, comprehensive heuristic engine takes over. This engine analyzes live blockchain data, evaluating a sophisticated combination of different transactional patterns, activity timeframes, and on-chain data points to determine whether the wallet behaves like custodial infrastructure or a private key holder.
System Limitation Disclaimer: Of course, if a wallet is completely new, possessing zero transaction history, native funding records, or historical links to other addresses on the ledger, no behavioral intelligence can be extracted – a native limitation that our system flags by returning an UNKNOWN type with a LOW confidence score.
What KYW Returns: Enriched Data Examples
Below are a few examples of the structured compliance payloads returned by the api/aml/kyw endpoint:
Example 1: Registered Platform VASP Match
When an address is matched to a known VASP operating within our ecosystem, the API returns a high-confidence custodial identification, providing direct access to the entity’s profile, risk assessment, and platform metadata.
{
"id": "8b8f3fab-de78-45b7-8df9-c92f36a6c0a6",
"address": "0x32Be343B94f860124dC4fEe278FDCBD38C102D88",
"blockchain": "Ethereum",
"walletType": "CUSTODIAL",
"confidenceScore": 90,
"confidence": "HIGH",
"isVerified": false,
"attributionReasonCode": "REGISTERED_PLATFORM_TENANT_WALLET",
"attributionReason": "The wallet address matches a wallet registered by a CryptoSwift platform tenant.",
"riskScore": {
"score": 37,
"severity": "medium"
},
"entityInfo": {
"entityId": "76ce1686-d44f-5d64-b120-afba4bcc5145",
"name": "Poloniex.com",
"type": "exchange",
"isVerified": false,
"inNetwork": true,
"isRiskAssessed": true,
"isMicaCompliant": false,
"belongsToWarningList": true,
"url": "https://poloniex.com/",
"riskAssessment": {
"score": 37,
"severity": "medium"
},
"logo": "https://s2.coinmarketcap.com/static/img/exchanges/64x64/16.png",
"dateLaunched": "2014-01-10T00:00:00.000Z",
"spotVolumeUsd": 831594579.8480098
},
"auditLogId": "8b8f3fab-de78-45b7-8df9-c92f36a6c0a6"
}
Example 2: Enriched VASP Match via Analytics
When a wallet is mapped to an enterprise exchange, the API provides deep regulatory and structural insight – including a comprehensive legal entity registry, jurisdictions, and risk severity.
{
"id": "3ee2c0bc-aef6-4568-a484-3454175cb15a",
"address": "0x05ff6964D21e5dAE3b1010D5AE0465b3c450F381",
"blockchain": "Ethereum",
"walletType": "CUSTODIAL",
"confidenceScore": 50,
"confidence": "MEDIUM",
"isVerified": false,
"attributionReasonCode": "DETECTED_VIA_BLOCKCHAIN_ANALYTICS",
"attributionReason": "Blockchain analytics identified the wallet owner as Kraken.com.",
"riskScore": 11,
"entityInfo": {
"entityId": "e51453ff-f0ed-52be-997c-e1c64cfdf615",
"name": "Kraken.com",
"type": "exchange",
"inNetwork": true,
"isRiskAssessed": true,
"isMicaCompliant": true,
"belongsToWarningList": false,
"countries": ["Ireland", "United States", "United Kingdom", "Canada"],
"url": "https://www.kraken.com/",
"riskAssessment": {
"score": 11,
"severity": "low"
},
"legalEntities": [
{
"country": "United Kingdom",
"regulator": "Financial Conduct Authority (FCA)",
"entityName": "PAYWARD LTD.",
"referenceNo": "928768"
},
{
"country": "Ireland",
"regulator": "Central Bank of Ireland (CBI)",
"entityName": "Payward Europe Solutions Limited",
"referenceNo": "C468360"
}
]
},
"auditLogId": "3ee2c0bc-aef6-4568-a484-3454175cb15a"
}
Example 3: Unlabeled Custodial Infrastructure Caught by Heuristics
If a VASP uses a new unindexed deposit wallet, traditional static lookups fail. Our internal behavioral engine catches it by evaluating machine-driven transaction patterns, allowing your system to maintain an automated Travel Rule routing flow.
{
"id": "bda11a17-4a50-40d2-a2b3-10662d293bb1",
"address": "0x05ff6964D21e5dAE3b1010D5AE0465b3c450F381",
"blockchain": "Ethereum",
"walletType": "CUSTODIAL",
"confidenceScore": 90,
"confidence": "HIGH",
"isVerified": false,
"attributionReasonCode": "HEURISTIC_AUTOMATED_PATTERNS",
"attributionReason": "Behavioral heuristics indicate automated custodial wallet patterns: automated_sweeping.",
"riskScore": null,
"entityInfo": null,
"auditLogId": "bda11a17-4a50-40d2-a2b3-10662d293bb1"
}
Example 4: Non-Custodial Identification via Behavioral Footprint
When an address exhibits signatures consistent with private-key control (such as standard decentralized Web3 contract executions or specific genesis funding patterns), the engine isolates it as non-custodial, even if it has never explicitly interacted with your platform before.
{
"id": "ef739c24-7b06-4320-baa1-8fa4ef71228a",
"address": "0x3e069aeac00a0b098fcf1310eea3ea9a940325d3",
"blockchain": "Ethereum",
"walletType": "NON_CUSTODIAL",
"confidenceScore": 50,
"confidence": "MEDIUM",
"isVerified": false,
"attributionReasonCode": "HEURISTIC_WEB3_AND_GENESIS_SIGNATURES",
"attributionReason": "Behavioral heuristics indicate private-key ownership through Web3 activity or genesis funding patterns.",
"riskScore": null,
"entityInfo": null,
"auditLogId": "ef739c24-7b06-4320-baa1-8fa4ef71228a"
}
These are just a few examples of how the endpoint delivers clarity. Our internal heuristic engine possesses a wide array of underlying pattern-detection capabilities, and we are continuously expanding and refining its analytical models over the coming months to keep pace with changing on-chain behaviors.
Why Confidence Scores Matter in Practice
Crypto compliance is rarely binary, and treating it as such creates immense operational friction.
Some attributions are backed by verified corporate cryptography; others are inferred via live behavioral data. By returning both a discrete confidenceScore and a structured confidence tier (HIGH, MEDIUM, LOW), KYW allows compliance teams to build highly nuanced, risk-based automation rules within their transaction systems:
- High-Confidence Custodial Result: Automatically triggers a Travel Rule counterparty lookup and queues the transaction payload for messaging.
- Medium-Confidence Non-Custodial Result: Seamlessly serves the user a digital wallet ownership declaration screen in the frontend UI, minimizing drop-offs.
- Low-Confidence / Heuristic Result: Routes the transaction for enhanced monitoring or a quick internal review without outright rejecting the user’s request.
The purpose is not to replace human compliance judgment, but to provide compliance teams with the structured, auditable evidence required to defend their decisions to regulators.
A New Layer of Wallet Intelligence
By combining multiple fragmented intelligence sources with real-time confidence scoring, rigorous attribution reasoning, and an internal behavioral fallback engine, KYW gives compliance operations a complete, clear, and actionable view of the wallets interacting with their platform.
We built KYW because modern crypto enterprises need an explicit, explainable answer to one of the industry’s most critical compliance questions: Who controls this wallet, and how confident are we?
Find out more in our Compliance Workflows documentation page.
If you are interested in our KYW solution, feel free to reach out to us!