Create a value list with item_type: ip_address via POST /v1/radar/value_lists with alias (e.g., blocked-ips) and name.
Add high-risk IP addresses to the list via POST /v1/radar/value_list_items with value_list and value (the IP address string).
In Radar Rules (Dashboard or POST /v1/radar/rules), create a rule: block if ::ip_address:: in @blocked-ips — this evaluates the card holder's checkout IP against the list at payment attempt time.
To block entire CIDR ranges, you cannot use the value list directly; instead, use the ::ip_address:: attribute with comparison operators in a rule predicate such as: block if starts_with(::ip_address::, '192.168.1.').
Monitor rule trigger counts and revenue impact in the Radar Dashboard before enabling block rules; consider setting to review mode first to observe matches without blocking.
Known gotchas
IP address value lists store individual IP strings — CIDR range blocking requires rule predicate logic, not list membership, because value lists perform exact string matching.
IPv4 and IPv6 addresses are treated as distinct strings; if your risk signals include both formats for the same host, add both representations.
Radar only has access to the IP address passed at payment intent confirmation time by Stripe.js or the server-side ip_address parameter; server-side integrations must explicitly pass ip_address or it will be null and the rule will not fire.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp