> ## Documentation Index > Fetch the complete documentation index at: https://docs.nshield.org/llms.txt > Use this file to discover all available pages before exploring further. # Scan Transaction > Analyze a Solana transaction before signing. Returns verdict, score, decoded actions, balance diffs, and explanations. Use this to preflight transactions at sign time. Ideal for wallets, agents, and backends that need human-readable risk. ## OpenAPI ````yaml POST /v1/wallet/tx openapi: 3.0.3 info: title: NovaShield Security Engine description: >- Enterprise-grade security scanning API for Solana. Analyze transactions, tokens, addresses, and dApps before user interaction. version: 3.0.0 contact: name: NovaShield url: https://nshield.org servers: - url: https://api.novashield.so description: Production - url: https://sapi.novashield.so description: Staging security: [] tags: - name: Security Scanning description: >- Core security scanning endpoints for transactions, tokens, addresses, and dApps paths: /v1/wallet/tx: post: tags: - Security Scanning summary: Scan transaction (wallet) description: >- Analyze a transaction before signing. Returns risk assessment with detailed explanations, decoded actions, and balance changes. requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/ScanTransactionRequest' responses: '200': description: Transaction analysis complete content: application/json: schema: $ref: '#/components/schemas/ScanTransactionResponse' '400': $ref: '#/components/responses/BadRequest' '500': $ref: '#/components/responses/InternalError' components: schemas: ScanTransactionRequest: type: object required: - chain - tx_base64 - wallet_address properties: chain: type: string enum: - solana description: Blockchain network (currently only Solana supported) tx_base64: type: string description: Base64-encoded serialized transaction wallet_address: type: string description: User's wallet public key example: 7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAsU context: type: object description: Optional context about the transaction origin properties: source: type: string enum: - wallet - backend - agent description: Transaction source type dapp_domain: type: string description: Originating dApp domain (if applicable) example: app.raydium.io ui_flow_id: type: string description: Optional identifier for tracking example: chain: solana tx_base64: AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA... wallet_address: 7xKXtg2CW87d97TXJSDpbD5jBkheTqA83TZRuJosgAsU context: source: wallet dapp_domain: app.raydium.io ScanTransactionResponse: type: object properties: verdict: type: string enum: - safe - suspicious - malicious description: Overall risk verdict score: type: number minimum: 0 maximum: 1 description: Risk score (0.0 = safe, 1.0 = critical) example: 0.15 summary: type: string description: Human-readable transaction summary example: This transaction swaps 2 SOL for 1000 tokens on Raydium. details: type: object properties: actions: type: array description: Decoded transaction instructions items: type: object properties: type: type: string enum: - TRANSFER - SWAP - APPROVE - SET_AUTHORITY - CLOSE_ACCOUNT - CREATE_ACCOUNT - OTHER programId: type: string programName: type: string from: type: string to: type: string mint: type: string amountUi: type: number balance_diffs: type: array description: Expected balance changes items: type: object properties: address: type: string mint: type: string deltaUi: type: number description: Balance change (negative = outflow) flags: type: array description: Risk flags triggered items: type: string example: - UNLIMITED_APPROVAL_UNKNOWN - NEW_PROGRAM_SENSITIVE_ACTIONS simulation: type: object properties: logs: type: array items: type: string err: type: object nullable: true explanations: type: array description: Human-readable risk explanations items: type: string example: - >- Transaction interacts with an unknown program that performs sensitive operations. ErrorResponse: type: object properties: success: type: boolean example: false error: type: object properties: code: type: string example: INVALID_REQUEST message: type: string example: Invalid request parameters details: type: string timestamp: type: string format: date-time responses: BadRequest: description: Invalid request parameters content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' InternalError: description: Internal server error content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' ````