Detect spam NFTs with Center

Center now flags collections suspected to be spam.

With the increase in popularity of NFTs, there has also been an increase in the prevalence of spam collections. These low-quality NFTs are often airdropped directly to users without their knowledge, which can degrade their experience when using dapps or viewing the NFTs in their wallet. They may even contain malicious links designed to exploit users and drain their wallets.

Builders want to create the best experiences for users, which means identifying spammy collections and, often, filtering them out automatically. This can be difficult to do from scratch – often requiring complex detection models and large datasets. Despite the challenge, with user experience at stake this is increasingly becoming a non-negotiable requirement when building NFT-related applications.

We can help solve this problem. Our getCollection endpoint now contains the following fields:

  • isSpam: Boolean that signifies if the collection is flagged as spam
  • spamReasons: Reasons why the collection has been flagged as spam

Reasons for flagging a collection as spam include:

  • multiple_mints: Tokens in the collection have minted multiple times (ERC721s only)
  • supply_mismatch: Collection total supply (in contract) does not match actual number of tokens
  • manual_review: Manually flagged as spam by Center team (or one of our users)

While the above heuristics help to indicate a collection might be spam, we also employ other checks to make sure that we provide accurate information to our users. Collections with significant trading volume, for example, are more likely to be flagged as legitimate, even if they meet one of our spam criteria.

We will be continuing to refine our spam detection model over the next several weeks and welcome feedback.

Check out an example below:

Call getCollection for 0x795091d2d91717569bbf72f8856b6623a93d9398:

curl --request GET \
     --url https://api.center.dev/v1/ethereum-mainnet/0x795091d2d91717569bbf72f8856b6623a93d9398 \
     --header 'X-API-Key: test' \
     --header 'accept: application/json'

Response:

{
  "address": "0x795091D2d91717569bBF72F8856B6623a93D9398",
  "name": "Possessed",
  "small_preview_image_url": "https://cdn.center.app/1/0x795091D2d91717569bBF72F8856B6623a93D9398/11/64fa60c75f1f3f2ed0f040788c0b85d41ba9c12d62d6c5cbf13199c4baf8170e.gif",
  "smallPreviewImageUrl": "https://cdn.center.app/1/0x795091D2d91717569bBF72F8856B6623a93D9398/11/64fa60c75f1f3f2ed0f040788c0b85d41ba9c12d62d6c5cbf13199c4baf8170e.gif",
  "symbol": "pssssd",
  "url": "https://center.app/collections/0x795091D2d91717569bBF72F8856B6623a93D9398",
  "creator": "0x68df1e57604286895959c6213B3e4a7F8Dc9081a",
  "owner": "0x68df1e57604286895959c6213B3e4a7F8Dc9081a",
  "numAssets": 1439,
  "isSpam": true,
  "spamReasons": ["multiple_mints", "supply_mismatch"]
}

See the last two fields in this response – the API has flagged this collection as spam, because the total supply specified in the contract (25) does not match the actual number of assets (1439) and multiple token IDs have been minted more than once. Possessed is clearly a spam collection.

Other requests or ideas? Please submit a feature request or reach out to our support team.