The results page for a completed EVM wallet forensics run. The page
has 11 tabs: Timeline, Findings, Dust, Fund Flow, Counterparties,
Approvals, Attacks, Post-Mortem, Reconstruction, Compliance, and
Evidence. A risk score summarises the wallet across the forensic
components.
Why it exists
Wallet investigation needs more than a transaction list — it needs
timeline correlation, approval risk, counterparty profiles,
post-mortem narrative, and an evidence package for reporting. Each
of those is a distinct view, so the page exposes them as a consistent
tab set instead of one scrolling dump.
Who uses it
Forensics analyst — investigates a suspect wallet from
multiple angles.
Compliance officer — reviews the Compliance tab and exports
the Evidence package.
How to open it
From /evm-eoa-analyze after a successful run.
From the Wallets inventory — click a wallet card.
Direct URL — /evm-eoa?network=<chain>&address=<0x…>.
Using the page
Risk score — summary score with per-component breakdown.
Timeline — chronological list of wallet events.
Findings — detector hits for this wallet.
Dust — dust-attack indicators.
Fund Flow — canvas-rendered flow graph of inbound and
outbound value.
Counterparties — profiled interaction partners with risk
signals.
Approvals — outstanding ERC-20 / ERC-721 approvals and their
risk.
Attacks — attack patterns matched against the wallet’s
activity.
Post-Mortem — narrative reconstruction of a security event.