Before initiating a withdrawal, register the destination address for pre-screening: POST https://api.chainalysis.com/api/kyt/v2/users/{userId}/withdrawaladdresses with body: {"network": "BITCOIN", "asset": "BTC", "address": "<destination_address>"}
Retrieve the address risk rating: GET /api/kyt/v2/users/{userId}/withdrawaladdresses/{address}?network=BITCOIN; check the rating (LOW/MEDIUM/HIGH/SEVERE) and cluster.name fields
Apply your withdrawal policy: block SEVERE and HIGH-rated addresses; queue MEDIUM for enhanced review; allow LOW with audit logging
If allowed, proceed with the withdrawal and register the completed transfer as a sent transfer: POST /api/kyt/v2/users/{userId}/transfers with {"direction": "SENT", "transferReference": "<txHash>:0", "network": "BITCOIN", "asset": "BTC", "amount": <amount>}
KYT updates risk for sent transfers on an ongoing basis but does not retroactively update withdrawal address records — use the sent transfer API to track post-broadcast risk changes
Store Chainalysis rating and timestamp with each withdrawal record; most AML programs require a pre-send screening log retained for 5+ years
Known gotchas
Withdrawal address screening assesses the address cluster's historical exposure; it cannot predict future exposure — a clean address today may receive tainted funds tomorrow, so post-broadcast monitoring via the sent transfer API is also needed
Chainalysis KYT does not block transactions; it provides risk data that your system must act upon — ensure your withdrawal pipeline enforces the hold/block decision before calling the transfer execution API
Rate limits on the withdrawaladdresses endpoint are lower than transfer endpoints; batching multiple addresses in a single operation is not supported — each address must be screened individually
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp