DEV Community

ChainHint

How I Traced the Bybit $1.5B Hack On-Chain (And Built a Tool to Do It)

Every time a major crypto hack happens — Bybit ($1.5B), Ronin ($625M), WazirX ($235M) — the funds move on-chain in plain sight. The entire trail is public. Anyone can see it on Etherscan.

But following that trail across multiple hops, multiple chains, through mixers and bridges? That requires tools that cost $30K+/year.

So I built ChainHint.

What it does

  • Multi-hop BFS fund tracing across 11 EVM chains + Bitcoin, Solana, TON
  • Real-time OFAC sanctions screening via Chainalysis integration
  • Mixer & Tornado Cash detection
  • Entity resolution across 3.9M+ labeled addresses (CEX, DEX, bridges, known exploiters)
  • AI-powered incident reports with MITRE ATT&CK threat mapping
  • Wallet monitoring with automated alerts

The stack

  • Frontend: Lovable (React)
  • Backend: Supabase (PostgreSQL + Edge Functions + pg_cron)
  • Tracing: Moralis BFS + Bitquery GraphQL V2
  • Entity data: Arkham Intel API + Dune Analytics + dawsbot/eth-labels
  • AI reports: Claude API (Haiku) with MITRE ATT&CK prompting
  • Payments: NOWPayments (no Stripe in Ukraine)

The hard parts

The trickiest problem was entity resolution at scale. We ingest labeled addresses from multiple sources, normalize them (BTC addresses can't be lowercased — learned that the hard way), and resolve them in real time during tracing.
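The normalization pitfall above, as an added example (not ChainHint's code): a label index keyed per chain, where EVM and bech32 addresses are folded to lowercase but Base58 addresses keep their case, so two feeds that spell the same EVM address differently merge while case-distinct Base58 strings stay separate. The chain tags, labels and sample addresses are assumptions constructed for illustration.

```javascript
// Added illustration, not ChainHint's code. Chain tags and labels are
// assumptions; sample addresses are constructed and are not valid addresses.
const EVM_RE = /^0x[0-9a-fA-F]{40}$/;

function normalizeAddress(chain, raw) {
  const addr = raw.trim();
  if (chain === "evm") {
    if (!EVM_RE.test(addr)) throw new Error(`not an EVM address: ${addr}`);
    return addr.toLowerCase(); // EIP-55 mixed case is only a checksum
  }
  if (chain === "bitcoin") {
    if (/^bc1/i.test(addr)) {
      // bech32 (BIP-173): all-lower or all-upper is valid, mixed case is not
      if (addr !== addr.toLowerCase() && addr !== addr.toUpperCase()) {
        throw new Error(`mixed-case bech32 address: ${addr}`);
      }
      return addr.toLowerCase();
    }
    return addr; // Base58Check (1..., 3...): case is part of the encoding
  }
  // Solana base58 and TON user-friendly base64url forms are case-sensitive
  if (chain === "solana" || chain === "ton") return addr;
  throw new Error(`unknown chain: ${chain}`);
}

// Merge records from several label feeds under one normalized key.
function buildLabelIndex(records) {
  const index = new Map();
  for (const { chain, address, label } of records) {
    const key = `${chain}:${normalizeAddress(chain, address)}`;
    if (!index.has(key)) index.set(key, new Set());
    index.get(key).add(label);
  }
  return index;
}

function resolveLabels(index, chain, address) {
  const labels = index.get(`${chain}:${normalizeAddress(chain, address)}`);
  return labels ? [...labels].sort() : [];
}

const SAMPLE_RECORDS = [ // constructed input
  { chain: "evm", address: "0xAbCdEf0123456789aBcDeF0123456789AbCdEf01", label: "exchange-hot-wallet" },
  { chain: "evm", address: "0xabcdef0123456789abcdef0123456789abcdef01", label: "cex" },
  { chain: "bitcoin", address: "1TraceAddrXyZ99", label: "mixer" },
  { chain: "bitcoin", address: "1traceaddrxyz99", label: "bridge" },
  { chain: "bitcoin", address: "BC1QSAMPLEADDR", label: "exploiter" },
];
const SAMPLE_INDEX = buildLabelIndex(SAMPLE_RECORDS);
```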

The second hard part: Arkham's API has aggressive rate limits. We ended up with a 3s timeout per request, max 10 concurrent lookups, and careful error distinction between timeouts and network errors.

Try it

Free tier available at https://chainhint.com

Happy to answer questions about the forensics approach, the BFS algorithm, or the Supabase edge function architecture.
