x402.dailyelo.com
API audits ERC-20 approvals for risk and detects address-poisoning look-alikes to prevent token drains and misdirected transfers.
Trust signal
4 of 4 pillars
coverage 100%
Pillars
Signals
Evidence tiers, not an endorsement · trust model v0.1.0 (provisional) · CDP-lane settlement only (D3) · Trust API coming soon
On-chain traction
ERC-8004 agent registry
Not found in the ERC-8004 agent registry. This is the default state — absence is not a negative signal.
Identity & classification
Settlement volume
USDC settled on-chain · monthly
as of Jul 12, 2026
Endpoints(6)
Before sending funds, check if the recipient is an address-poisoning look-alike. Give us the recipient and your known/intended addresses; we flag when the recipient shares the displayed head AND tail of one you know but differs in the middle — the exact signature of a poisoning attack that fools copy-paste. Deterministic, no LLM, no external calls. Answers an agent's question 'is this really the address I mean?'
Audit standing ERC-20/Permit2 approvals for danger. Raw allowance lookups exist elsewhere; this is the risk layer: pass your current approvals and we rank which to revoke — unlimited allowance, unknown (non-registry) spender, or the classic drainer pattern (unlimited AND unknown). Deterministic, no LLM, no external calls. Answers an agent's question 'which of my approvals are dangerous?'
Pre-send safety check: is this recipient a known malicious address (caught live on Base seeding address-poisoning via zero-value transfer sprays), or a look-alike of an address you trust? Checks our continuously-updated threat DB + deterministic look-alike logic. Answers an agent's 'is it safe to send here?' before every transfer.
Decode an EVM signature request (EIP-712 typed data, Permit/Permit2, or ERC-20 approve calldata) into a structured intent: what token, which spender, how much, until when, plus risk_flags and an action_hint. Deterministic, no LLM. Answers an agent's question 'what am I about to sign?'
Live feed of freshly-detected malicious addresses on Base — address-poisoning seeders caught via zero-value transfer sprays, updated continuously by our on-chain collector. Poll ?since=<unix> to ingest only new threats into your agent's blocklist. Deterministic, evidence-backed, machine-readable.
Why is my x402 service not listed in the Bazaar? Give us your endpoint URL; we fetch your 402 envelope, run the exact SDK validation and extraction functions the CDP facilitator runs, check catalog presence, and return per-check pass/fail with concrete fix hints — including the undocumented requirement that a buyer must echo your bazaar extension into the settle payload. Deterministic, no LLM.