Summary: Harpie is a wallet-security platform that pairs a consumer-facing “on-chain firewall” with API and contract surfaces for address screening, transaction scanning, and automated theft-response. Its strongest primary sources show a system that monitors wallets for suspicious activity, moves assets into a noncustodial vault when its detection stack decides intervention is necessary, and exposes a Background Check API for malicious-address and verified-contract lookups. That makes it better cataloged as theft-response and risk-screening infrastructure than as a simple wallet app, browser extension, or generic scam-warning site.
What it does:
Markets an on-chain firewall that watches wallets for suspicious activity and attempts to move assets to a safer destination when theft is detected
Lets users register a recipient address that can later withdraw recovered assets from a noncustodial vault
Publishes contract docs for a Transferer contract and a Vault contract that describe how emergency transfers and later withdrawals are structured
Exposes a Background Check API that screens Ethereum addresses for hacking, phishing, and other cybercrime associations
Maintains a dataset that the docs describe as covering 1.8M+ malicious addresses and 800k+ verified smart contracts with deployer and contract-name metadata
Appears to be developing a broader API/business surface beyond the original consumer product, including address verification and transaction-scanning docs
Key claims:
The homepage calls Harpie “the first on-chain firewall,” says it monitors wallets “hundreds of times a second,” and says it transfers assets “to a safe location as soon as we detect theft”
The verified GitHub organization describes Harpie as protecting a crypto wallet “for life” and says it is “currently developing our API in stealth,” which helps explain why the docs surface looks more enterprise/API-oriented than the homepage alone
The Background Check API introduction says Harpie screens any Ethereum address for hacking, phishing, and other cybercrime, and that it has indexed over 1.8 million malicious addresses plus 800,000 verified smart contracts
The Transferer contract docs say transfer functions are hardcoded to move assets only to the vault address and not to arbitrary destinations, which is a key architectural clue for understanding the rescue flow
The Noncustodial Vault docs say Harpie’s fee controller can withdraw only fee payments and not user tokens, and they describe an emergency fee-removal path controlled by a multisig with majority control by custodians outside the Harpie team
The contracts docs link a 2022 Sherlock audit, and the public contracts repository still exposes the core Transferer / Vault architecture even though some of the docs pages are rough or unfinished
The current docs repo also contains obvious placeholder/stub pages and code samples, so the public documentation should be treated as directionally useful but not as a polished or fully maintained reference set
Whitepaper: No canonical standalone Harpie whitepaper or litepaper surfaced in this pass. The clearest current source of truth is the official site, verified GitHub organization, public docs repo, and open smart-contract docs; see ../whitepapers/harpie-primary-sources-2026-04-28.md.