What data is needed for predict exchange wallet compromise?

Kumo connects directly to your existing relational tables: Wallets, Approval Events, On-Chain Transfers. No ETL or feature engineering required. Write a PQL query and get explainable predictions in minutes.

15Backward Binary · Wallet CompromiseCrypto

Predict Exchange Wallet Compromise

“Which exchange wallets will experience abnormally large outflows following unusual approval patterns?”

Book a demo and get a free trial of the full platform: data science agent, fine-tune capabilities, and forward-deployed engineer support.

By submitting, you accept the Terms and Privacy Policy.

Loved by data scientists, ML engineers & CXOs at

A real-world example

Which exchange wallets will experience abnormally large outflows following unusual approval patterns?

Bybit heist ($1.5B, Feb 2025) — a spoofed signing interface tricked employees into approving malicious transactions. The pattern: unusual IPs or devices in approval events, followed by massive outflows. A 6-hour verification delay costs nothing; a missed compromise costs $100M+.

How KumoRFM solves this

Graph-powered fraud intelligence

Kumo filters by recent approval anomalies (IP changes, unusual signers), then predicts massive outflows. It correlates approval metadata — IP changes, signer identity, timing gaps — with historical compromise patterns across the exchange network. Wallet W002 shows a new-IP approval event 3 days ago, leading to a predicted $10K+ outflow with 91% probability.

From data to predictions

See the full pipeline in action

Connect your tables, write a PQL query, and get predictions with built-in explainability — all in minutes, not months.

Your data

The relational tables Kumo learns from

Wallets

wallet_id	exchange	wallet_type	balance	last_audit
W001	ExchA	hot	45M	2025-01-01
W002	ExchB	cold	200M	2025-01-05

Approval Events

approval_id	wallet_id	signer_id	ip_changed	timestamp
AP01	W001	S01	0	2025-01-10
AP02	W002	S03	1	2025-01-14

On-Chain Transfers

txn_hash	from_wallet	to_address	amount	timestamp
0xa1...	W001	0x7f...	120	2025-01-10
0xb2...	W002	0xd4...	48,000	2025-01-15

Write your PQL query

Describe what to predict in 2-3 lines — Kumo handles the rest

PQL

PREDICT SUM(ON_CHAIN_TRANSFERS.AMOUNT, 0, 7, days) > 10000
FOR EACH WALLETS.WALLET_ID
WHERE COUNT(APPROVAL_EVENTS.* WHERE APPROVAL_EVENTS.IP_CHANGED = 1, -3, 0, days) > 0

Prediction output

Every entity gets a score, updated continuously

WALLET_ID	TIMESTAMP	TARGET_PRED	True_PROB
W001	2025-02-01	False	0.03
W002	2025-02-01	True	0.91
W003	2025-02-01	False	0.12

Understand why

Every prediction includes feature attributions — no black boxes

Wallet W002 (ExchB cold)

Predicted: 91% compromise probability

Top contributing features

Approval IP changed (3d)

1 event

42% attribution

On-chain transfer amount

48,000

26% attribution

Wallet type

cold

15% attribution

Wallet balance

$200M

10% attribution

Days since last_audit

10 days

7% attribution

Feature attributions are computed automatically for every prediction. No separate tooling required. Learn more about Kumo explainability

PQL Documentation

Learn the Predictive Query Language — SQL-like syntax for defining any prediction task in 2-3 lines.

Read docs

Python SDK

Integrate Kumo predictions into your pipelines. Train, evaluate, and deploy models programmatically.

Read docs

Explainability Docs

Understand feature attributions, model evaluation metrics, and how to build trust with stakeholders.

Read docs

Bottom line: Freeze outflows on wallets showing approval anomalies. A 6-hour verification delay costs nothing; a missed compromise costs $100M+.

Related scenarios

Explore more fraud predictions

Scenario #14Detect Crypto Chargeback FraudLearn more

Scenario #16Flag Ransomware Payment FlowsLearn more

Scenario #20Predict Sanctioned Exchange InteractionLearn more

Previous#14 Crypto Chargeback

Next#16 Ransomware Flows

Topics covered

wallet compromise detectioncrypto exchange securityhot wallet fraud preventiongraph neural networkblockchain analyticscryptocurrency complianceKumoRFMpredictive AIAI explainabilityreal-time detectionDeFi security

From a leadership team with proven experience

Vanja Josifovski

CEO and Co-Founder, ex-CTO Airbnb, ex-CTO Pinterest

Jure Leskovec

Co-Founder & Chief Scientist, Stanford Professor

Hema Raghavan

Co-Founder & Head of Engineering, ex-AI Lead, LinkedIn

One Platform. One Model. Predict Instantly.

KumoRFM

Relational Foundation Model

Turn structured relational data into predictions in seconds. KumoRFM delivers zero-shot predictions that rival months of traditional data science. No training, feature engineering, or infrastructure required. Just connect your data and start predicting.

For critical use cases, fine-tune KumoRFM on your data using the Kumo platform and Data Science Agent for 30%+ higher accuracy than traditional models.

Book a demo and get a free trial of the full platform: data science agent, fine-tune capabilities, and forward-deployed engineer support.

Book a Demo Try Free