Starkscan

Launch Matrix

Production-readiness status for Starkscan REST, RPC, SDK, CLI, and MCP surfaces.

Launch matrix

Use this page when deciding which Starkscan surface an agent or client should use today.

Machine-readable source: public-client-surface-matrix.json

Public client 1.0 semver and conformance contract: Public client 1.0 contract

Package trust surface: Package trust

Current public labels

SurfacePublic labelCurrent useMain blocker
REST core APIcertifiedProduction-safe for named clients on status, block, timestamp-to-block, tx, token total supply, and token balance-of.None for the certified route set.
Starkscan RPC providerauthenticated HTTP betaHosted production is open to Starkscan API-key holders for read, call, event, fee, and simulation-envelope workflows through Starkscan auth, rate limits, and request IDs; preview/self-hosted deployments may require batch or utility scope unless configured open. Signed transaction submission requires a write-scoped key.No-key public RPC, WebSockets, broad tracing, archive/history certification, method-level production dashboards, and public unrestricted provider promotion.
TypeScript SDKstable0.1.2 is published on latest and imports under Node ESM from a clean package install.npm provenance is pending and will be enabled at public-source promotion.
Agent CLIstable0.1.2 is published on latest with bundled native artifacts, manifest/checksum verification, and unauthenticated request IDs with the starkscan-cli- prefix.npm provenance is pending and will be enabled at public-source promotion.
Hosted MCP HTTPbetaUsable with API-key auth on the hosted MCP endpoint; protected-resource discovery is live.None for the hosted HTTP transport; package launcher promotion is tracked separately.
Official MCP launcherstable0.1.2 is published on latest, delegates to the exact matching CLI version, and has packaged launcher/request-ID smoke proof.npm provenance is pending and will be enabled at public-source promotion.
Address intelligence utilitiesbetaNamed wallet/paymaster/migration clients can classify bounded address lists with address/summaries, address/intelligence, and single-address attribution.Route-level certification sampling and coverage metric publication before promotion beyond beta.

The machine-readable matrix uses stable for the published 0.1.2 package surfaces and includes onePointZeroContract for the future 1.0 semver/conformance bar. latest should point at the real packages after promotion. Legacy placeholder releases are fail-closed rollback artifacts, not supported public install guidance.

Route certification

Route-level certification is surfaced in starkscan-openapi.yaml from the checked-in correctness manifest. The current certified launch set is intentionally narrow:

  • GET /v1/{chain}/status
  • GET /v1/{chain}/block/{number_or_hash}
  • GET /v1/{chain}/block-at-timestamp
  • GET /v1/{chain}/tx/{tx_hash}
  • GET /v1/{chain}/token/{token}/total-supply
  • GET /v1/{chain}/token/{token}/balance-of/{address}

GET /v1/{chain}/block-at-timestamp is certified for turning a calendar-close instant into the concrete block number used by the certified balance-of route. The certified accounting workflow is one known token contract, one account, and one timestamp; portfolio-wide historical holdings stay outside this certification.

The Starkscan RPC provider at POST https://api.starkscan.co/v1/{chain}/rpc is separate from the certified REST launch set. Hosted production is open to Starkscan API-key holders for read, call, event, fee, and simulation-envelope workflows after mainnet wallet-app read and simulation evidence; preview/self-hosted deployments may require batch or utility scope unless configured open. Write-scoped keys may also forward already-signed starknet_addInvokeTransaction, starknet_addDeclareTransaction, and starknet_addDeployAccountTransaction payloads within the signed-write boundary. Server clients should use X-Starkscan-Api-Key; SDKs/tools that cannot attach headers can use https://starkscan.co/rpc/v0_10/{chain}/{token} as a compatibility nodeUrl with a dedicated key per app or environment. Preview and self-hosted deployments must use their own app host. App-host header-auth compatibility is POST https://starkscan.co/api/v1/{chain}/rpc. Treat URL-token values as secrets; they can appear in server access logs, browser history, proxy/CDN logs, and shared telemetry. Prefer header auth for server clients. No-key public RPC, broad tracing, archive/history, unrestricted public writes, and full-provider replacement still need separate certification. starknet_getStorageProof is served as a bounded proof beta method with per-request target caps and a proof response-size cap; it is not an unrestricted archive-proof surface. A separate WSS proxy route exists for named-client beta certification, but subscription methods remain outside the default HTTP nodeUrl tier and should not replace an existing WSS provider without named-client proof.

Indexed lists, holder analytics, address intelligence utilities, privacy-pool routes, markets, and protocol routes stay beta unless the OpenAPI operation and current evidence say otherwise.

Address intelligence utilities are the documented batch lane for wallet, paymaster, and migration backends:

  • GET /v1/{chain}/address/{address}/attribution
  • POST /v1/{chain}/address/summaries
  • POST /v1/{chain}/address/intelligence

They use indexed facts only and do not perform risk scoring, sanctions screening, or heuristic mixer-proximity analysis. Use Classify addresses in bulk for the field contract and null semantics.

How agents should choose

  • Start with REST when you need the exact wire contract.
  • Use Starkscan RPC only for the authenticated HTTP beta scope; keep your existing Starknet RPC provider for WebSockets, broad tracing, and full archive/history migrations.
  • Use the TypeScript SDK when your app wants typed request construction and response shapes.
  • Use the CLI for shell workflows and local exports.
  • Use MCP only when the caller is already an MCP client.

Correctness is the hard launch gate. If a route is slow but certified, use backoff, caching, or lower concurrency. If a route is fast but still beta, do not put it in unattended production workflows without an explicit client agreement.

Package trust is a separate gate. A package can wrap certified routes while still being experimental if its tokenless publish path, public-source metadata, or external risk signals are incomplete. npm provenance is pending and will be enabled at public-source promotion. See Package trust.

For certified token reads, latest and pending remain live moving-state shortcuts. Agents that need reproducible correctness should pass an explicit block number or block hash as block_tag; the launch gate compares the route and Starknet RPC at that same exact block.

On this page