NEMESIS
Enterprise API Gateway
Hub
ID
Audit
# NEMESIS Enterprise API Documentation ## OmniChain Blockchain Intelligence & Digital Forensics Platform **Version:** 2.0 Enterprise **API Gateway:** Cloudflare Workers Edge (`nemesis-api`) **Compute Engine:** FastAPI Intelligence Core **Transport:** HTTPS • WebSockets • HTTP/2 • HTTP/3 **Architecture:** Edge-First • Multi-Cloud • Event-Driven • Zero-Trust --- # Overview The **NEMESIS Enterprise API** provides a unified interface for blockchain intelligence, digital forensics, cryptocurrency tracing, OSINT correlation, darknet intelligence, AI-assisted investigations, and cross-chain entity resolution. The platform is composed of two major investigative modules: * **NEMESIS Tracer Engine** — Multi-chain forensic tracing, graph analysis, and transaction intelligence. * **NEMESIS ID Engine** — Universal entity intelligence, wallet profiling, behavioral analytics, attribution, and knowledge graph construction. All client requests terminate at the **Cloudflare Edge API Gateway**, where authentication, authorization, caching, observability, telemetry, and request validation are enforced before secure proxying to the FastAPI Intelligence Engine. --- # System Architecture ```text Client Applications │ ▼ ─────────────────────────────────────────────── Cloudflare Edge ─────────────────────────────────────────────── • API Gateway • WAF • Zero Trust • Rate Limiting • Bot Protection • JWT Validation • Edge Cache • WebSocket Gateway ─────────────────────────────────────────────── │ ▼ FastAPI Intelligence Engine ─────────────────────────────────────────────── • Blockchain Tracer • Entity Resolution • AI Intelligence • Playwright • Graph Engine • Investigation Engine ─────────────────────────────────────────────── │ ▼ Data Layer ─────────────────────────────────────────────── • MongoDB • PostgreSQL • Neo4j • Redis • R2 Storage • D1 • KV ─────────────────────────────────────────────── ``` --- # Core Platform Capabilities The NEMESIS platform provides: * OmniChain blockchain tracing * Cross-chain transaction correlation * Wallet intelligence * Entity resolution * Behavioral analytics * Risk scoring * Exchange attribution * Smart contract analysis * ABI decoding * AI-powered forensic analysis * Darknet intelligence * OSINT aggregation * Threat actor profiling * Graph visualization * Investigation case management * Evidence generation * Real-time event streaming --- # Authentication All API requests must include a valid authentication token. ```http Authorization: Bearer
``` Administrative endpoints additionally require elevated privileges through RBAC policies enforced at the Cloudflare Edge. --- # Content Types ```http Content-Type: application/json Accept: application/json ``` --- # API Versioning **Current Version:** `v1` **Base URL:** `https://api.nemesisintel.com` **Development:** `https://dev-api.nemesisintel.com` --- # NEMESIS Tracer Engine The Tracer Engine performs forensic reconstruction of blockchain activity across multiple blockchain ecosystems. Supported capabilities include: * Bitcoin tracing * Ethereum tracing * BNB Chain * Polygon * Arbitrum * Optimism * Avalanche * Tron * Solana (planned) * Cross-chain bridge analysis * Mixer detection * Exchange attribution * Money flow reconstruction --- ## Start Investigation ### Endpoint ```http POST /api/start_trace ``` Creates a new forensic investigation. ### Request ```json { "seeds": [ "0x123...", "bc1q..." ], "target_amount": 5.5, "target_currency": "USD", "start_date": "2024-01-01", "end_date": "2024-12-31", "chain_override": "AUTO", "max_depth": 12, "max_hops": 1000, "include_internal_transactions": true, "include_token_transfers": true, "include_contract_calls": true, "risk_threshold": 75 } ``` ### Response ```json { "status": "accepted", "trace_id": "TRACE-20260701-9A82FD", "nemesis_id": "NEMESIS-178280000", "queued": true, "estimated_duration": "45 seconds" } ``` ### Investigation Lifecycle ```text CREATED → QUEUED → INITIALIZING → DISCOVERING → ANALYZING → CORRELATING → AI ENRICHMENT → GRAPH BUILDING → REPORT GENERATION → COMPLETED ``` --- # Real-Time Streaming ## Endpoint ```http WS /ws/{trace_id} ``` Maintains a persistent bidirectional connection between the investigation engine and the visualization interface. ## Stream Events The WebSocket streams structured investigation events including: * Investigation initialization * Wallet discovery * Transaction discovery * Entity correlation * Balance updates * Smart contract interactions * AI observations * Risk alerts * Graph node creation * Graph edge creation * Investigation completion ### Example Event ```json { "event": "wallet_discovered", "timestamp": "2026-07-01T12:32:44Z", "wallet": "0x123...", "risk_score": 82, "label": "Possible Exchange Hot Wallet" } ``` --- # Deep Evidence Analysis ## Endpoint ```http POST /api/deep_evidence ``` Performs advanced forensic analysis using multiple intelligence providers and AI. Capabilities include: ABI decoding, Contract analysis, Function signature identification, Transaction explanation, Cross-chain correlation, Risk scoring, Behavioral interpretation, AI-generated forensic narrative. ### Example Response ```json { "summary": "...", "risk_score": 84, "confidence": 97, "decoded_abi": {}, "entity_matches": [], "related_transactions": [], "recommendations": [] } ``` --- # NEMESIS ID Engine The NEMESIS ID Engine constructs a unified digital identity for blockchain entities. It correlates: Wallet addresses, Smart contracts, Exchanges, Bridges, Mixers, ENS domains, Darknet identities, OSINT artifacts, Investigation history. ## Search ```http GET /api/nemesis_id/search ``` Supported query types: Nemesis ID, Wallet Address, Transaction Hash, Trace ID, ENS Domain, Entity Name. ### Example Response ```json { "nemesis_id": "...", "entity_type": "Wallet", "risk_score": 73, "confidence": 96, "wallets": [], "labels": [], "aliases": [], "investigations": [], "relationships": [] } ``` --- # Wallet Intelligence ```http GET /api/wallet_profile/{address} ``` Returns comprehensive wallet intelligence including: Native balance, Token balances, NFT holdings, Portfolio valuation, Chain activity, Labels, Risk score, Exchange exposure, AML indicators, Sanctions screening, Historical activity. --- # Deep Blockchain Scraping ```http GET /api/deep_scrape/{address} ``` Launches the Playwright Intelligence Engine for browser-based acquisition of blockchain explorer data. Collected data includes: Complete transaction history, Internal transactions, ERC-20/721/1155 transfers, Contract interactions, Gas statistics, Address labels, Explorer metadata. --- # Darknet Intelligence ```http GET /api/darknet/search ``` Queries the NEMESIS Darknet Intelligence Repository. Searches include: Onion services, Threat actor aliases, Cryptocurrency addresses, Email addresses, Usernames, Market listings, Data leaks, Credential dumps, Intelligence reports. --- # Administrative APIs Administrative endpoints expose operational capabilities including: ```http POST /api/login GET /admin/health GET /admin/traces GET /api/admin/cases POST /api/admin/cases GET /api/admin/db_stats GET /api/admin/config POST /api/admin/config ``` These endpoints require administrative authentication and are intended for internal operational use. --- # Error Model All errors follow a consistent schema. ```json { "success": false, "error": { "code": "TRACE_NOT_FOUND", "message": "Investigation could not be located.", "details": {} } } ``` Common HTTP status codes include: | Code | Meaning | |---|---| | 200 | Success | | 201 | Created | | 202 | Accepted | | 400 | Bad Request | | 401 | Unauthorized | | 403 | Forbidden | | 404 | Not Found | | 409 | Conflict | | 422 | Validation Error | | 429 | Rate Limited | | 500 | Internal Server Error | | 503 | Service Unavailable | --- # Cloudflare Edge Services The API is deployed behind Cloudflare Enterprise and integrates with: Workers, KV, D1, R2, Durable Objects, Queues, Browser Rendering, AI Gateway, Analytics Engine, Zero Trust, WAF, API Shield, Rate Limiting, Smart Placement, Logpush, Observability, Vectorize (planned), Hyperdrive (planned). --- # Security The platform follows a defense-in-depth model incorporating: Zero Trust Architecture, TLS 1.3, JWT Authentication, Role-Based Access Control (RBAC), API Shield, Schema Validation, WAF Protection, DDoS Mitigation, Bot Detection, Request Signing, Audit Logging, End-to-End Encryption, Secret Management, Principle of Least Privilege.