Crypto API

What Is a Crypto Wallet API? The Complete 2026 Guide

Tigran Mkrtchyan
ByTigran Mkrtchyan

You have a wallet address. You need to know what is inside it. Balances, tokens, past transactions, and open DeFi positions. A crypto wallet API turns that address into structured data. You send the address. You get JSON back.

Doing this by hand is painful. Each blockchain speaks its own language. Each node returns raw, low-level data. A crypto wallet data API hides that work behind one endpoint. It reads the chain, normalizes the result, and returns clean fields.

This guide explains what a crypto wallet API is. It covers how these APIs work and what they return. It also covers how to choose one and what to avoid. Still comparing data providers in general? Start with our best crypto API guide.

Looking for wallet creation, seedless wallets, or signing? That is wallet-as-a-service. This guide covers read-only wallet data APIs.

Who this guide is for
Engineers and product teams adding wallet data to an app. Think portfolio trackers, tax tools, DeFi dashboards, and AI agents. No prior blockchain integration experience is needed.

Read top to bottom for the full picture. In a hurry? Jump to the decision table in section 4. The sidebar on the right tracks your place.

Key takeaways
  • A crypto wallet API returns balances, transactions, and DeFi positions by address.
  • “Wallet API” means two things: reading wallet data, or creating wallets.
  • This guide focuses on the read side. It covers most use cases.
  • Multi-chain coverage matters more than any single feature.
  • Always filter spam tokens and cache wallet data sensibly.
  • CoinStats API is one example. It reads wallets across 120+ chains.

What a crypto wallet API is

A crypto wallet API is an HTTP endpoint that returns wallet data. You pass a public wallet address. The API reads the blockchain for you. It sends back balances, token holdings, and transaction history. Many also return DeFi positions and risk signals. A wallet API is one kind of crypto API.

The address is public. Anyone can see what a wallet holds onchain. A wallet API does not need your private keys. It reads public state only. It never signs or moves funds.

Think of it as a translator. Raw chain data is verbose and chain-specific. A crypto wallet data API normalizes it into clean JSON. Token amounts arrive in human units. Dollar values come attached. Spam tokens can be filtered out.

ONE ADDRESS IN, EVERYTHING OUT WALLET ADDRESS 0x7a2b…9f1c WALLET API resolves across chains Cross-chain balances Transaction history DeFi positions, yield

How a wallet API works

The work happens in a few steps. Your app sends one HTTPS request with the address. An edge layer checks your API key. A backend queries the chains where that address is active. It merges the results and adds prices. Then it returns one JSON response.

REQUEST LIFECYCLE Your app sends address ~0 ms HTTPS TLS handshake ~40 ms Edge auth + cache ~10 ms Index query chains ~120 ms Normalize merge + price ~25 ms JSON ~5 ms Illustrative timings. Real latency varies by chain, cache, and region.

You skip running nodes for every chain. You skip indexing raw logs. You skip mapping token contracts to symbols and decimals. The API does that work and keeps it current.

Two meanings: data vs provisioning

The phrase crypto wallet API is ambiguous. It points to two different products. Mixing them up wastes integration time. Here is the split.

WHAT YOU NEED DECIDES WHICH ONE YOUR GOAL read data, or move funds READ WRITE WALLET DATA API Reads onchain wallet data You send a public address Returns balances and positions For trackers, tax, AI agents WALLET PROVISIONING API Creates and controls wallets You generate and store keys Signs and broadcasts transactions For custody, payments, signers

A wallet data API is read-only. You give it an address. It returns what that wallet holds and did. It never holds keys. This is what most apps need first.

A wallet provisioning API is different. It creates wallets and signs transactions. Some call this wallet-as-a-service. Searches like “no seed phrase” point here. Keys are generated and stored by the provider.

This guide is about the data side. That means reading balances, positions, and history. Need to create wallets or sign? You want provisioning instead. The two are sometimes combined in one product.

What a wallet data API returns

A wallet data API bundles several read endpoints. Each answers a different question about an address. Here are the common ones.

💰Native balance
The chain’s base asset, like ETH or SOL.
🪙Token balances
Every token an address holds. The crypto token balance API.
📜Transaction history
Past transfers, swaps, and contract calls with timestamps.
🌾DeFi positions
Staked, lent, and LP assets, resolved per protocol.
🖼NFT holdings
Collectibles the address owns, with metadata.
🛡Risk signals
Flags on held tokens: honeypots, hidden fees, blacklists.

Names vary by provider. The holdings view is sometimes called a crypto token positions API. The DeFi view is a crypto wallet DeFi positions API. The mechanics stay the same. You query by address.

Together these endpoints power a full portfolio view. Most apps start with balances and prices. They add transactions and DeFi later.

Spam filtering and risk analysis are different things. Spam filtering hides dust and scam tokens from the view. Risk analysis checks contract behavior. Empty risk data does not mean safe. It can mean the token is not indexed.

Quick decision table

Short on time? Match your need to a starting point. This is often the easiest way in.

I need to… Start with
Show a user’s total portfolioWallet balances plus token prices
List every token in a walletA crypto token balance API
Show DeFi positionsA wallet DeFi positions endpoint
Pull transaction historyA wallet transactions endpoint
Track many wallets at onceBatch wallet reads plus caching
Flag risky tokensA token risk endpoint
Create wallets for usersA provisioning API, not this guide

Multi-chain coverage

A wallet lives on one chain. A user rarely does. People hold assets across many chains at once. A good wallet API reads all of them from one address or key.

EVM chains share an address format. One 0x address can hold assets on Ethereum, Base, and Arbitrum. Some APIs return every EVM chain in a single call. CoinStats API does this across 24+ EVM chains.

ONE CALL, MANY CHAINS ADDRESS OR XPUB 0x7a2b… / zpub… WALLET API resolves across chains EVM chains (24+) Solana Bitcoin (xpub)

Non-EVM chains differ. Solana uses its own address format. Bitcoin uses several. A wallet API should handle each one natively.

Bitcoin and extended public keys

Bitcoin works differently. One wallet derives many addresses. An extended public key covers them all. These are xpub, ypub, and zpub keys. A wallet API can expand them and sum the balances. CoinStats API supports xpub, ypub, and zpub derivation.

One caution. An xpub cannot spend funds. It can still reveal a wallet’s derived addresses and history. Treat extended public keys as sensitive portfolio data.

Real-world use cases

The same endpoints power very different products. Here is how teams combine them. Each card lists the data it needs.

📊Portfolio tracker
Show holdings and value across many wallets. Needs: balances, prices, DeFi positions.
🧾Tax and accounting
Reconstruct gains and losses from history. Needs: full transactions, timestamps, prices.
🌾DeFi dashboard
Show staked, lent, and LP positions. Needs: DeFi positions, protocol metadata.
🤖AI portfolio agent
Answer plain questions about a wallet. Needs: balances, positions, an MCP Server.
🛡Wallet security check
Warn users about risky holdings. Needs: token risk flags, approvals.
🏢Treasury monitor
Watch a company’s onchain funds. Needs: balances, transfers, alerts.

Anatomy of a wallet API call

Every wallet API call has the same parts. Learn them once. They transfer to any provider. Here is a read request, piece by piece.

GET https://api.example.com/v1/wallet/0x7a2b…9f1c/balances?chain=ethereum&currency=usd X-API-KEY: your_key_here

Read that URL from left to right.

  • Base URL and version: https://api.example.com/v1 is the host.
  • Resource path: /wallet/{address}/balances names what you want.
  • Path parameter: the wallet address sits inside the path.
  • Query parameters: chain and currency narrow the result.
  • Headers: X-API-KEY carries your key. Content-Type is JSON.

The response is JSON. It has a predictable shape. You read the fields you need.

{ "address": "0x7a2b…9f1c", "chain": "ethereum", "nativeBalance": "1.42", "tokens": [ { "symbol": "USDC", "amount": "820.0", "valueUsd": "820.0" } ], "totalValueUsd": "48210.55" }

Ignore fields you do not use. Response shapes differ slightly per provider. The pattern stays the same. Address in, structured data out.

Crypto wallet API in practice

Say you want a user’s full portfolio. Native coins, tokens, and DeFi positions. You can build it yourself, or call a wallet API. Here is the contrast.

Task Build it yourself With a wallet API
Read native balancesOne node call per chainOne API call
Read token balancesScan logs, call balanceOfIn the response
Add USD pricesWire a price feedIncluded
Cover many chainsRun a node per chainOne endpoint
Filter spam tokensBuild your own filterBuilt in
Keep it runningYou maintain itProvider maintains it
Time to shipWeeksHours

Both paths work. One takes weeks. The other takes an afternoon. CoinStats API returns this across 120+ chains. A wallet API removes the heavy lifting.

Authentication and security

Most wallet data APIs use an API key. You send it in a header. The server checks it on every request. Keep it on your server. Never ship it in frontend code.

AUTH PATTERNS METHOD HOW IT WORKS SECURITY API KEY simplest Send a static key in the X-API-KEY header. Server-side only. Never in frontend. OAUTH 2.0 user-delegated Exchange a code for a short-lived token. Tokens rotate. Scope per integration. HMAC signed request Hash the request with a shared secret. Used for write APIs on exchanges.

Some providers add OAuth for user-linked data. Exchanges often require HMAC for writes. Reading public wallet data rarely needs more than a key.

Security checklist

  • Keep API keys server-side. Proxy requests through your backend.
  • Rotate keys on a schedule. Revoke leaked keys fast.
  • Scope keys to least privilege. Stay read-only where you can.
  • Restrict by IP or domain when the provider supports it.
  • Log usage. Watch for spikes and odd patterns.

Rate limits and pricing

Wallet APIs are not free to run. Reading many chains costs the provider. So providers cap usage and charge for volume. Three pricing models are common.

  • Request-based: you pay per call. Simple to reason about.
  • Credit-based: each endpoint costs credits. Heavy calls cost more.
  • Tier-based: a flat monthly plan with set limits.

No model is best. Each one fits different usage. CoinStats API uses credit-based pricing with a free tier.

Rate limits cap requests per second. Watch for 429 responses. Respect the Retry-After header. Back off and retry instead of hammering.

Do the math before you commit. Say you refresh 500 wallets every 5 minutes. That is 500 × 12 × 24 = 144,000 reads per day. Model that against any plan first.

Is there a free tier?

Often yes. Most providers offer a free tier for testing. The limits are lower. It is enough to build and validate. CoinStats API includes a free tier to start.

When a wallet API is the wrong tool

A wallet data API is not always the right fit. Sometimes you need something lower or higher level. Here is where it falls short.

  • You need raw mempool data. Use a node or RPC provider.
  • You need to sign or send funds. Use a provisioning API.
  • You need millisecond trade fills. Use an exchange API.
  • You need custom contract events. Use an indexer.
  • You need one chain in deep detail. A dedicated node may fit.

A wallet API is for reading portfolio state. It is not a node. It is not a broker. It is not a signer.

How to choose a wallet API

Most wallet APIs look similar on the homepage. The differences show up in production. Weigh these factors before you commit.

🔗Chain coverage
Does it read every chain you need today and next quarter?
🌾DeFi protocol depth
How many protocols does it resolve positions for?
🧹Spam filtering
Does it hide scam and dust tokens by default?
Latency
How fast are the endpoints you will call most?
💳Pricing model
Can you model your monthly cost cleanly?
🔄Freshness
How current are balances, positions, and prices?
📚Docs quality
Are there working examples for your stack?
🤖AI readiness
Is there an MCP Server for agent access?

Common mistakes to avoid

These mistakes cost teams the most time. Most are easy to avoid once named.

  1. Picking on price before testing latency.
  2. Assuming a chain works because the logo appears.
  3. Storing API keys in frontend code.
  4. Skipping the rate-limit math for production load.
  5. Trusting token symbols to be unique across chains.
  6. Showing spam tokens as real holdings.
  7. Caching live prices for too long.
  8. Ignoring pagination on long transaction histories.

Provider types and when they fit

Wallet data is served by a few kinds of providers. Each sits at a different layer. Match the type to your job.

Provider type Common fit Not ideal for What to verify
Wallet data API Portfolio reads across chains Order execution and custody Chain list, free-tier limits
RPC / node provider Raw chain access and calls Clean portfolio views Chains, throughput, pricing
Onchain indexer Custom queries on events Fast time to ship Schema, freshness, limits
Wallet-as-a-service Creating and signing wallets Read-only analytics Custody model, security

CoinStats API is a wallet data API. It reads portfolios across chains. RPC and indexer tools sit lower in the stack. Many teams combine a data API with a node. For a shortlist, see our best crypto wallet APIs guide.

Crypto wallet API providers

Here are a few providers as examples. Treat it as a starting point. Verify the details for your own case.

Provider Common fit Not ideal for What to verify
CoinStats API Multi-chain portfolio data and risk Order execution and custody Chain list, free-tier limits
Alchemy EVM RPC and enhanced APIs Broad non-EVM coverage Supported chains, pricing tiers
Covalent Multichain wallet data, 100+ chains Deep per-protocol DeFi Chain list, pricing
Allium Enterprise onchain data at scale Quick self-serve start Access model, pricing

No single provider wins for everything. Match the provider to your chains and your budget. Test latency before you commit.

Your first wallet API call

Time to read a real wallet. Sign up and grab a free key. Then call the balance endpoint. Here it is in three languages.

First, the shell version.

# Shell: read token balances for one address on one chain # 0xd8dA...6045 is a public example address curl -G "https://openapiv1.coinstats.app/wallet/balance" \ --data-urlencode "address=0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045" \ --data-urlencode "connectionId=ethereum" \ -H "X-API-KEY: $COINSTATS_API_KEY" \ -w "\nHTTP %{http_code}\n"

Same call from JavaScript.

// JavaScript: fetch with error handling const address = "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045"; // public example const url = `https://openapiv1.coinstats.app/wallet/balance?address=${address}&connectionId=ethereum`; try { const res = await fetch(url, { headers: { "X-API-KEY": process.env.COINSTATS_API_KEY } }); if (!res.ok) throw new Error(`HTTP ${res.status}`); const data = await res.json(); console.log(data); } catch (err) { console.error("Wallet API call failed:", err.message); }

And from Python.

# Python: requests with timeout and error handling import os, requests try: res = requests.get( "https://openapiv1.coinstats.app/wallet/balance", params={"address": "0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045", "connectionId": "ethereum"}, headers={"X-API-KEY": os.environ["COINSTATS_API_KEY"]}, timeout=10, ) res.raise_for_status() print(res.json()) except requests.exceptions.RequestException as e: print(f"Wallet API call failed: {e}")

In production, also handle timeouts, retries, and rate limits. Watch for invalid keys, empty responses, and partial data.

A successful call returns an array of token objects. Each one looks like this.

[ { "coinId": "ethereum", "name": "Ethereum", "symbol": "ETH", "amount": 1.42, "price": 3120.55, "chain": "ethereum", "connectionId": "ethereum", "decimals": 18, "contractAddress": null } ]

This reads Ethereum balances only. A single-chain request costs 40 credits. For many chains, pass comma-separated chains or all. Model the cost before production. See the Ethereum and EVM wallet docs for every field. Reading Solana instead? Use the Solana wallet docs.

Do not
  • Put API keys in frontend code.
  • Poll wallet balances every few seconds.
  • Assume token symbols are unique across chains.
  • Assume every chain is supported by every provider.
  • Let AI agents move funds without explicit user confirmation.
  • Treat responses as always complete or always fresh.

Crypto wallet API examples

Here are common crypto wallet API calls. Each uses one address and a chain. Swap connectionId to change the chain.

# Replace 0x... with a wallet address. Every call needs your X-API-KEY header. # Token balances on Ethereum GET https://openapiv1.coinstats.app/wallet/balance?address=0x...&connectionId=ethereum # Balances across all chains in one call GET https://openapiv1.coinstats.app/wallet/balances?address=0x...&blockchain=all # A Bitcoin wallet from an extended public key GET https://openapiv1.coinstats.app/wallet/balance?address=zpub...&connectionId=bitcoin # Transaction history, 50 per page GET https://openapiv1.coinstats.app/wallet/transactions?address=0x...&connectionId=ethereum&limit=50 # DeFi positions for a wallet GET https://openapiv1.coinstats.app/wallet/defi?address=0x...&connectionId=ethereum

Each endpoint costs 40 credits per chain. The all-chains call costs more. See the API docs for parameters and limits.

Best practices

A few habits keep a wallet integration fast and cheap.

  • Cache cold data hard. Token metadata rarely changes. Cache it for hours.
  • Never cache hot data long. Prices and balances move. Use short TTLs.
  • Use canonical IDs. Match tokens by contract address, not symbol.
  • Set TTL by data type. Metadata for hours. Balances for seconds.
  • Monitor the basics. Track error rate, p95 latency, and rate-limit headroom.
  • Handle pagination. Long transaction histories arrive in pages.
  • Batch where you can. Group wallet reads to cut overhead.

Wallet APIs and AI agents

AI agents now read wallets too. They need tools, not raw HTTP. MCP is the emerging pattern for this. It exposes API endpoints as agent tools.

AI AGENT ACCESS AI agent plain language MCP Server tool layer Wallet data balances, positions asks returns An agent calls wallet endpoints as tools.

An agent asks a question in plain language. An MCP Server maps it to a wallet endpoint. The data comes back as a tool result. CoinStats API exposes a REST API and an MCP Server.

For production agents, keep wallet tools read-only by default. Require explicit user confirmation for any write.

Integration checklist

Use this before you commit to a provider. Answer these ten questions first.

  1. Does it read every chain I need today?
  2. Does it cover the next chains I will add?
  3. How fresh are balances and prices?
  4. How does it resolve DeFi positions?
  5. Does it filter spam and scam tokens?
  6. What is the rate-limit shape: RPS, burst, daily?
  7. What happens on a 429? Is there Retry-After?
  8. What is the pricing model? Can I model cost?
  9. Does it support xpub keys for Bitcoin?
  10. Is there an MCP Server for agents?

Putting it together

A crypto wallet API turns an address into clean data. Start on the read side. Cover the chains your users hold. Filter spam, cache wisely, and watch your limits. The right provider fades into the background.

Frequently Asked Questions

Quick answers to common questions about crypto wallet APIs.

What is a crypto wallet API in plain English?

It is an HTTP endpoint that returns wallet data. You send a public address. You get balances, transactions, and positions back.

Wallet data API vs provisioning API: what is the difference?

A data API reads onchain wallet state. A provisioning API creates wallets and signs transactions. This guide covers the data side.

Does a wallet API need my private keys?

No. A wallet data API reads public state. It never needs keys. It cannot move funds.

What is a crypto token balance API?

It is the endpoint that lists every token an address holds. It returns amounts, symbols, and values.

What is a crypto wallet DeFi positions API?

It resolves staked, lent, and LP holdings per protocol. It turns opaque receipts into readable positions.

Can a wallet API show wrong data?

Yes. Data can be stale or incomplete. Cache carefully. Verify critical numbers against another source.

Is there a free crypto wallet API?

Many providers offer a free tier. The limits are lower. It is enough to build and test. CoinStats API has a free tier.

How do I read a wallet across many chains?

Use an API that covers them. Some return all EVM chains in one call. CoinStats API reads 24+ EVM chains.

Does a wallet API support Bitcoin xpub keys?

Some do. An xpub covers many derived addresses. CoinStats API supports xpub, ypub, and zpub.

How do I authenticate with a wallet API?

Usually with an API key in a header. Keep it server-side. Never ship it in frontend code.

What is rate limiting?

It is a cap on requests over time. Exceed it and you get a 429. Back off and retry.

How do I filter spam tokens?

Use a provider that flags them. Then hide flagged tokens. Do not show dust as real holdings.

Wallet API vs RPC node: which do I need?

A wallet API gives clean portfolio data. An RPC node gives raw chain access. Most apps want the wallet API.

Can AI agents use a wallet API?

Yes, through an MCP Server. It exposes endpoints as tools. Keep agents read-only by default.

How current is the data?

It depends on the provider. Balances update fast. Metadata updates slowly. Check freshness before you rely on it.

Should I build my own wallet indexer?

Rarely. Running nodes and indexers is costly. An API is faster to ship and maintain.

Start building with CoinStats Wallet API
Wallet balances, transactions, DeFi positions, and token risk. 120+ chains, 10,000+ DeFi protocols, Bitcoin xpub. REST and MCP. Free tier.
Get your API key →
This article is for informational and educational purposes only. It is not financial or legal advice. APIs evolve fast. Pricing, features, and chain coverage change. Verify each provider’s docs before integrating.