{"schema_version":"2.0.0","metric":"Activity Score","scale":"0-100","window_days":90,"interpretation":"Describes how automated/high-frequency the wallet's on-ledger behavior appears within the last 90 days. This is NOT a risk, compliance, or sanctions score.","levels":{"Low":"Low-frequency, human-paced activity","Medium":"Mixed or moderate automation","High":"High-frequency automation typical of services, exchanges, bots, or market makers","Dormant":"Wallet exists on-ledger but has had no activity in the last 90 days","Unknown":"Node returned no history for this address (likely unactivated)"},"confidence":{"low":"<10 in-window txs, or Unknown classification. Do not branch on this alone","medium":"10-49 in-window txs, or Dormant classification","high":"50+ in-window txs"},"signals":{"DUST_ONLY_ON_QUIET_WALLET":"All in-window payments are dust (<$0.01 USD at current XRP spot) on a Low or Dormant wallet. Possible address-poisoning or beacon attempts.","NET_OUTBOUND_SWEEP":"OUT/IN ratio > 1.5 on a High-activity wallet, consistent with a hot wallet distributing funds.","NET_INBOUND_ACCUMULATION":"IN/OUT ratio > 1.5 on a Medium or High wallet, consistent with accumulation or aggregation.","OFFER_HEAVY_BOT":"Offer churn ratio > 0.5: majority of activity is order placement/cancellation, typical of DEX market-making bots.","MULTI_CURRENCY_GATEWAY":"4+ unique currencies touched, typical of gateways, issuers, or multi-asset services.","BURST_ACTIVITY":"20+ transactions packed into less than 1 hour. Dense short-window cluster typical of automated bursts.","TRUSTLINE_ONLY":"More than half of in-window txs are TrustSet, typical of issuer setup, token-registration, or trustline-management wallets.","HIGH_DUST_RATIO":"Dust payments exceed 20% of 10+ in-window payments. Beacon/poisoning amid otherwise active usage.","DUST_ON_FRESH_WALLET":"Low-activity wallet (5 or fewer in-window payments) has at least one dust payment (<$0.01 USD at current XRP spot). Common pattern of address-poisoning bots targeting newly-activated wallets.","LABELED_EXCHANGE_COUNTERPARTY":"Wallet transacts with a counterparty labeled as a known exchange (via XRPScan). Descriptive flag; does not imply any compliance status.","COUNTERPARTY_ADVISORY":"A top counterparty has a public advisory on XRPScan (e.g., community-flagged as hacked/scam/sanctioned). Always worth surfacing to a human reviewer.","COUNTERPARTY_ADVISORY_TRUSTED":"A top counterparty has a XRPScan advisory whose underlying report is marked trusted by the provider. High-confidence subset of COUNTERPARTY_ADVISORY. Note: as of the latest XRPScan data sweep, no advisories carry trusted: true — this signal is kept for forward compatibility and would only fire if XRPScan begins issuing trusted advisories.","TARGET_ADVISORY":"The scanned address itself has a public advisory on XRPScan. Higher-priority signal than COUNTERPARTY_ADVISORY since it concerns the wallet under review directly.","TARGET_ADVISORY_TRUSTED":"The scanned address has a XRPScan advisory whose underlying report is marked trusted by the provider. High-confidence subset of TARGET_ADVISORY. Note: as of the latest XRPScan data sweep, no advisories carry trusted: true — this signal is kept for forward compatibility and would only fire if XRPScan begins issuing trusted advisories.","SINGLE_COUNTERPARTY_HEAVY":"At least 80% of in-window Payments (10+ minimum) are with the same counterparty, typical of broker/dealer relationships, dedicated settlement wallets, or merchant-to-acquirer flows.","DORMANT_REAWAKENING":"Wallet was silent for 30+ days before the oldest in-window transaction. Activity has resumed after a significant gap.","PASSIVE_COUNTERPARTY":"Target is acting as a passive counterparty rather than an active actor — issuer, AMM pool, or gateway. NET_INBOUND_ACCUMULATION (and, for AMMs, MULTI_CURRENCY_GATEWAY) are suppressed when this signal fires because they describe behavior that doesn't apply to passive roles."},"features":{"tx_types":"Map of TransactionType -> count within the window","direction_in_out":"String 'IN/OUT' count of transactions (target account perspective)","unique_currencies":"Sorted list of currency codes touched","dust_payments_under_usd_0p01":"Count of XRP Payment txs whose value is below $0.01 USD at current XRP/USD spot. USD-anchored so address-poisoning detection stays calibrated as XRP price moves.","offer_churn_ratio":"(OfferCreate + OfferCancel) / total in-window txs, rounded to 0.01","approx_time_span_hours":"Elapsed hours between oldest and newest in-window tx","total_txs_fetched":"Raw txs returned by the node before window filtering","top_counterparties":"List (top-20 by total interaction count) of {address, count, payment_count, direction IN|OUT|MIXED, label | null}. 'count' includes both Payments and OfferCreate fills; 'payment_count' is Payment-only interactions. Labels sourced from XRPScan when available.","target_label":"XRPScan label for the scanned address itself (name, domain, verified, twitter, advisory) when available; null otherwise.","pre_window_gap_days":"Days of silence between the most-recent pre-window transaction and the oldest in-window transaction. null if there are no pre-window transactions (no prior history fetched) or no in-window ones."}}