Summary: HashDit is a docs-first web3 threat-intelligence platform best cataloged as wallet-security and transaction-risk control-plane infrastructure rather than as a simple scam list. Its official API docs expose domain-security, address classification, address poisoning detection, transaction security, transaction simulation, and token-security endpoints across EVM and Solana, which suggests the product is built to sit inside wallet flows, dapp security checks, and pre-signing review layers.
What it does:
Classifies blockchain addresses and identifies EOAs vs contracts plus verification and contract-metadata details
Detects address-poisoning and token-spoofing attacks in user-and-asset context
Scores domains and URLs for phishing or other security risks
Analyzes transactions before or after execution for dangerous patterns, dapp/domain reputation, and approval-risk signals
Simulates EVM transactions and provides token-security analysis for both EVM and Solana assets
Key claims:
The docs homepage says the HashDit API provides threat intelligence for domain security analysis and uses the base URL https://service.hashdit.io with API-key authentication
The official docs index enumerates endpoints for address classification, address poisoning, address security v2, domain security, EVM token security, Solana token security, transaction security, and transaction simulation
The Transaction Security endpoint says it is designed for wallets, signing flows, and transaction-confirmation screens
The Domain Security endpoint says it analyzes domains and URLs and returns risk levels with detailed indicators
The Address Poisoning Detection endpoint says it evaluates whether an address or token is dangerous in the context of a specific user and asset
Whitepaper: No canonical HashDit whitepaper or litepaper surfaced in this pass. The clearest current sources of truth were the official API docs and documentation index; see ../whitepapers/hashdit-primary-sources-2026-04-30.md.