If you are a wallet integrating scam protection at signing time, you will want both — here is why. GoPlus is the API leader for breadth: 30+ chains, multiple security endpoints (token, address, NFT, approval), a mature developer experience. RektRadar is narrower (Ethereum-only at present) but goes deeper on signals that a generic multi-chain API cannot easily produce: real-time mempool, deployer graphs, factory pattern detection, brand-jack ticker hubs.
This post is for the engineer evaluating an integration, not the end user clicking confirm on a wallet. The comparison focuses on what an API consumer cares about: coverage, latency, signal type, and how the two services compose.
What GoPlus does well
GoPlus has been the de-facto API for chain-agnostic security data for a few years now. The strengths an API consumer notices:
- Chain breadth. Ethereum, BSC, Polygon, Arbitrum, Optimism, Base, Avalanche, Solana, and many more. If you are building a multi-chain wallet, the chain coverage matters more than any single signal.
- Multiple security domains. Token Security (is this contract dangerous), Address Security (is this address sanctioned or scam-tagged), NFT Security (is this NFT contract a scam), Approval Security (is this token approval safe). One vendor, four endpoints, mostly consistent shape.
- Mature API surface. Rate-limited free tier, paid tiers for production, predictable JSON responses. Documentation is solid.
- Audit metadata. GoPlus aggregates audit signals from multiple sources, so a token that has a known audit shows up flagged as audited regardless of where the audit was originally published.
- Address blacklist. Sanctions, mixer addresses, known phishing wallets. Useful for any wallet doing pre-send checks.
- Established usage. Many wallets and aggregators already pipe GoPlus calls into their UX. The signal is recognized.
The product shape is API-first. The dashboard exists but the value lives in the endpoints.
What RektRadar adds for an integrator
RektRadar’s API is narrower. We do one chain (Ethereum mainnet) and we focus on signals that come from running our own infrastructure on that chain:
- Real-time mempool watching. Two of our three Ethereum nodes are dedicated mempool shards. The mempool feed is the input to our pre-rug alerts. A multi-chain API that aggregates from public RPCs cannot replicate this without owning the nodes.
- Deployer graph. Every deployer wallet we touch gets clustered. Funders, related deployers, prolific deployers, factory contracts. The graph is queryable and the signals propagate — a contract deployed by a wallet funded by a known scam cluster inherits a higher prior risk.
- Factory pattern detection. Some scam operations push out hundreds of near-identical tokens through factory contracts. We tag the factory, and every contract spawned by it carries that tag.
- Contract bytecode patterns. The bytecode-pattern matching catches scams that share fingerprints across deployers and across token names. This is one of the highest-precision signals in our pipeline.
- Brand-jack ticker hubs. API consumers can query by ticker (
/scam/USDT,/scam/PEPE) and get every contract that has used that ticker, sorted by risk. We documented the data side of this in the top 10 most brand-jacked tokens on Ethereum. - Public dataset. The aggregate dataset is queryable. You can pull historical risk scores and flag distributions for analytics or backtesting, not just per-contract verdicts.
The trade-off is the same as with our TokenSniffer comparison: breadth versus depth. GoPlus is wider; RektRadar is deeper on Ethereum.
Side-by-side comparison
| Capability | GoPlus | RektRadar |
|---|---|---|
| Chains covered | 30+ (multi-chain) | Ethereum mainnet |
| Free tier | Yes (rate-limited) | Yes |
| API style | REST, JSON | REST, JSON |
| Token Security endpoint | Yes | Yes (per-contract scan) |
| Address Security / blacklist | Yes | Partial (deployer-flagged only) |
| NFT Security | Yes | No |
| Approval Security | Yes | No |
| Real-time mempool signals | No | Yes |
| Deployer graph (funders, related deployers) | No | Yes |
| Contract bytecode pattern matching | Limited | Yes |
| Factory pattern detection | No | Yes |
| Audit metadata aggregation | Yes | No |
| Brand-jack ticker hub queries | No | Yes (200+ tickers) |
| Historical dataset queryable | Limited | Yes |
| Latency profile | Cached, low ms | Cached on repeat scan; first scan 8-25s |
A note on latency: a generic multi-chain API can serve cached responses in single-digit milliseconds because the heavy work was done offline. RektRadar’s first scan on a previously unseen contract takes 8 to 25 seconds because we run a full pipeline (source verification, bytecode patterns, honeypot simulation, deployer lookup, graph clustering). Repeat scans on the same contract are cached and return immediately. This matters for integration design: if you call us at signing time, do it asynchronously and have a fallback path for the first-touch case.
Integration patterns
Two patterns have emerged from how integrators actually use both APIs together.
Pattern A: GoPlus first-pass at signing time, RektRadar second-pass for deeper context
A wallet that wants to block obvious scams at the signing step calls GoPlus on every signing event. The latency is sub-second and the chain coverage matches the wallet’s coverage. If GoPlus returns a clear scam verdict, the wallet shows the warning and the user sees it before signing.
When the user clicks “show me why” or navigates to a token detail view, the wallet calls RektRadar in the background to populate the richer view: deployer cluster, related contracts, mempool activity, brand-jack history. The deeper view does not block the signing flow; it enriches the post-signing or pre-buy review.
This pattern matches the latency profiles. Fast-path uses GoPlus, slow-path uses RektRadar.
Pattern B: RektRadar as the Ethereum specialist, GoPlus everywhere else
A more aggressive integrator routes Ethereum traffic to RektRadar (because the deployer graph and mempool signals catch scams that pass a generic audit) and routes all other chains to GoPlus. Each chain gets its best-fit signal source.
This pattern is more work to build because the integration has to handle two API shapes, but the per-chain signal quality is higher. Wallets with significant Ethereum traffic and a security-focused brand position tend to land here.
Pattern C: Both APIs, fused score
Some integrators call both on every Ethereum scan and combine the verdicts into a single score. The fusion logic is product-specific: take the maximum risk, take a weighted average, surface both with a “two of two flagged this” note when they agree. This is the highest-confidence integration but it doubles the API call cost and the maintenance surface.
We see all three patterns in production. Pattern A is the most common because it minimizes risk to the signing UX. Pattern B is favored by Ethereum-heavy products. Pattern C shows up in compliance-sensitive contexts where false negatives are very expensive.
When to use GoPlus only
If you support many chains and your priority is a single integration that covers all of them, GoPlus is the right starting point. The breadth is a real advantage, the API is mature, and the documentation reduces integration time.
If your product needs NFT or approval security signals, GoPlus has those endpoints and we do not. The token-only scope of RektRadar is intentional but it is a scope.
When to use RektRadar only
If you are Ethereum-only and you care about catching repeat-offender deployers, factory-spawned scam batches, and pre-rug mempool activity, RektRadar’s signals are built for that case. Our ticker hub pages also let your users discover related scams from a single query, which a per-contract API cannot easily reproduce.
If you want a public, shareable report URL on every scan — something your users can send to friends — RektRadar produces those automatically.
When to use both
For any production integration of meaningful scale on Ethereum, both. The signals are independent enough that running both is genuinely additive, and the cost (one extra API call, one extra integration) is low compared to the cost of a missed honeypot.
The seven concrete pre-buy checks in How to detect an Ethereum scam token are the manual version of what these APIs automate. If you are designing the wallet flow, that post is a useful reference for which signals matter and in what order to surface them.
Honest verdict
GoPlus is breadth. RektRadar is depth on Ethereum specifically. The two tools are not in serious competition for the same integrator slot — they are most useful when composed.
If your team is integrating scam protection from scratch and you support more than two chains, start with GoPlus and add RektRadar as the Ethereum specialist when you want stronger pre-rug coverage. If you are Ethereum-only and your users are exposed to brand-jacks and repeat-deployer scams, RektRadar carries more of the load and GoPlus becomes the cross-check.
For the broader product context, see Why we built RektRadar and the comparison with the canonical block explorer in RektRadar vs Etherscan.