Overview

Rabus Security Scanner is a professional security analysis service for the Solana ecosystem, designed to evaluate transactions, addresses, and programs for risks and misconfigurations.

Base URL

https://api.rabus.security

API Version: v1. All endpoints below are prefixed with /v1.

Use this API to submit scans, retrieve structured reports, and automate security checks in your pipelines.

Quickstart

  1. Create an account and generate an API key in the Rabus dashboard.
  2. Send a test request to verify connectivity.
  3. Submit a scan and poll for completion or use webhooks.

Ping

Confirm the API is reachable.

curl -s https://api.rabus.security/v1/ping

First scan (transaction)

curl -X POST https://api.rabus.security/v1/solana/scan/transaction \
  -H "Authorization: Bearer <API_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "signature": "5pJj...yKcG",
    "network": "mainnet-beta",
    "options": { "ruleset": "default", "severityThreshold": "medium" }
  }'

Authentication

Authenticate using the Authorization header with a Bearer token.

Authorization: Bearer <API_KEY>

Keys are scoped and rate-limited. Rotate keys regularly and store them securely.

Endpoints

Scan Transaction

POST /v1/solana/scan/transaction

Request
{
  "signature": "5pJj...yKcG",
  "network": "mainnet-beta", // or "devnet"
  "options": {
    "ruleset": "default",
    "severityThreshold": "medium"
  }
}
Response (202 Accepted)
{
  "scanId": "scn_01J1ZKX6Q1X3M6C0C0X6",
  "status": "queued",
  "resource": "transaction",
  "submittedAt": "2025-06-20T12:34:56Z"
}

Scan Address

POST /v1/solana/scan/address

Request
{
  "address": "8fj1...KxVZ",
  "network": "mainnet-beta",
  "options": {
    "depth": 100,              // analyze recent N transactions
    "ruleset": "wallet-hardening"
  }
}
Response (202 Accepted)
{
  "scanId": "scn_01J1ZL3S6K6PB6N8K7ZQ",
  "status": "queued",
  "resource": "address"
}

Scan Program

POST /v1/solana/scan/program

Request
{
  "programId": "BPFLoaderUpgradeab1e11111111111111111111111",
  "network": "mainnet-beta",
  "options": {
    "sourceHint": "on-chain",
    "ruleset": "program-secure"
  }
}
Response (202 Accepted)
{
  "scanId": "scn_01J1ZL9V9YV1J6T8Q4R5",
  "status": "queued",
  "resource": "program"
}

Get Scan

GET /v1/scans/{scanId}

Response (200 OK)
{
  "scanId": "scn_01J1ZKX6Q1X3M6C0C0X6",
  "status": "completed", // queued | running | completed | failed
  "resource": "transaction",
  "summary": {
    "riskScore": 72,
    "severity": "high",
    "issues": 4
  },
  "links": {
    "report": "/v1/scans/scn_01J1ZKX6Q1X3M6C0C0X6/report"
  }
}

Get Report

GET /v1/scans/{scanId}/report

Use Accept to select format: application/json or application/pdf.

curl -H "Authorization: Bearer <API_KEY>" \
  -H "Accept: application/json" \
  https://api.rabus.security/v1/scans/<scanId>/report

List Scans

GET /v1/scans?status=completed&limit=20

Response (200 OK)
{
  "items": [
    { "scanId": "scn_...", "status": "completed", "resource": "transaction" },
    { "scanId": "scn_...", "status": "failed", "resource": "program" }
  ],
  "nextCursor": null
}

Webhooks

Receive notifications when scans complete or fail.

POST /v1/webhooks

Register
{
  "url": "https://example.com/webhooks/rabus",
  "events": ["scan.completed", "scan.failed"],
  "secret": "whsec_9U..."
}
Delivery example
{
  "id": "evt_01J1ZNK8...",
  "type": "scan.completed",
  "createdAt": "2025-06-20T12:35:30Z",
  "data": {
    "scanId": "scn_01J1ZKX6...",
    "resource": "transaction",
    "summary": { "riskScore": 12, "severity": "low", "issues": 0 }
  }
}

Security

Verify the Rabus-Signature header using your webhook secret. Reject unsigned or invalid requests.

Errors

Standardized error structure:

{
  "error": {
    "code": "invalid_request",
    "message": "Signature is required",
    "details": [{ "path": "signature", "reason": "missing" }]
  }
}

  • 400: Invalid request
  • 401: Unauthorized
  • 403: Forbidden
  • 404: Not found
  • 409: Conflict
  • 422: Unprocessable entity
  • 429: Too many requests
  • 500: Server error

Rate Limits

Default: 120 requests/min per API key. Headers:

Rabus-RateLimit-Limit: 120
Rabus-RateLimit-Remaining: 87
Rabus-RateLimit-Reset: 1718205600

Idempotency

Provide Idempotency-Key for safely retrying POST requests.

Idempotency-Key: 2c5bb3c6-1f75-4b4b-8a0c-ef3a0e7d7a41

SDK Examples

JavaScript (fetch)

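const BASE_URL = "https://api.rabus.security/v1";
// Read the key from the environment rather than hard-coding it in source.
const API_KEY = process.env.RABUS_API_KEY;

// Submit a transaction scan. Reuse the same idempotencyKey when retrying a
// submission; a fresh key per attempt would make each retry a new request.
async function scanTransaction(signature, idempotencyKey = crypto.randomUUID()) {
  const res = await fetch(`${BASE_URL}/solana/scan/transaction`, {
    method: "POST",
    headers: {
      Authorization: `Bearer ${API_KEY}`,
      "Content-Type": "application/json",
      "Idempotency-Key": idempotencyKey,
    },
    body: JSON.stringify({ signature, network: "mainnet-beta", options: { ruleset: "default" } }),
  });
  if (!res.ok) throw new Error(`Request failed: ${res.status}`);
  return res.json();
}

// Fetch the current status and summary of a scan.
async function getScan(scanId) {
  // Encode the id so it cannot alter the request path.
  const res = await fetch(`${BASE_URL}/scans/${encodeURIComponent(scanId)}`, {
    headers: { Authorization: `Bearer ${API_KEY}` },
  });
  if (!res.ok) throw new Error(`Request failed: ${res.status}`);
  return res.json();
}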
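
A polling loop and pipeline gate built on the Get Scan response, the rate-limit headers and the glossary's severity levels, as an added example rather than Rabus SDK code. It assumes Rabus-RateLimit-Reset is a Unix timestamp in seconds; nextDelayMs, gate, waitForScan and the injectable fetchImpl and sleep options are hypothetical names.

```javascript
// Added example, not Rabus SDK code. Assumptions: Rabus-RateLimit-Reset is a Unix
// timestamp in seconds; severities are ordered as listed in the glossary.
const SEVERITY = ["low", "medium", "high", "critical"];
const defaultSleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Delay before the next poll: wait for the window reset on 429, else back off.
function nextDelayMs(res, attempt, nowMs) {
  if (res.status === 429) {
    const reset = Number(res.headers.get("Rabus-RateLimit-Reset"));
    if (Number.isFinite(reset) && reset * 1000 > nowMs) return reset * 1000 - nowMs;
  }
  return Math.min(1000 * 2 ** attempt, 30000);
}

// Fail closed: only a completed scan whose severity is below the threshold passes.
function gate(scan, threshold) {
  const limit = SEVERITY.indexOf(threshold);
  if (limit < 0) throw new Error(`unknown threshold: ${threshold}`);
  if (scan.status !== "completed") return { pass: false, reason: `scan ${scan.status}` };
  const severity = scan.summary ? scan.summary.severity : undefined;
  const level = SEVERITY.indexOf(severity);
  if (level < 0) return { pass: false, reason: "missing or unknown severity" };
  return { pass: level < limit, reason: `severity ${severity}` };
}

// Poll until the scan reaches a terminal status or the attempt budget runs out.
async function waitForScan(scanId, opts) {
  const { apiKey, fetchImpl = fetch, sleep = defaultSleep, maxAttempts = 10 } = opts;
  const url = `https://api.rabus.security/v1/scans/${encodeURIComponent(scanId)}`;
  for (let attempt = 0; attempt < maxAttempts; attempt++) {
    const res = await fetchImpl(url, { headers: { Authorization: `Bearer ${apiKey}` } });
    if (res.ok) {
      const scan = await res.json();
      if (scan.status === "completed" || scan.status === "failed") return scan;
    } else if (res.status !== 429 && res.status < 500) {
      throw new Error(`Request failed: ${res.status}`); // other 4xx will not heal on retry
    }
    await sleep(nextDelayMs(res, attempt, Date.now()));
  }
  return { scanId, status: "timeout" }; // gate() treats this as a failure
}
```

In a pipeline, exit non-zero when gate(await waitForScan(...), threshold).pass is false, so failed and timed-out scans block the build instead of passing silently.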

Glossary

  • Ruleset: A predefined set of checks applied during scanning.
  • Risk Score: 0–100; higher means more risk.
  • Severity: low | medium | high | critical

Changelog

  • v1.0: Initial public API and docs.