Keep public endpoints alive when arbitrage bots come calling

IP-tiered rate limits, paid-vs-free tier enforcement, and abuse shaping that holds up against arbitrage scanners, price feed scrapers, and DDoS-adjacent burst patterns.

What Fairvisor Does for Crypto & Web3

IP-Tiered Limits

Enforce different rate envelopes by IP type and reputation:

  • Datacenter vs residential ASN — different default quotas
  • Dynamic tightening for high-velocity anonymous sources
  • IP reputation signals baked into enforcement decisions

Paid vs Free Tier Enforcement

Make free tier limits real:

  • Hard quotas for unauthenticated and free-tier consumers
  • Priority handling and higher limits for authenticated paid users
  • Upgrade signals when free-tier limits are consistently hit

Abuse Shaping

Slow down and discourage automation without fully blocking:

  • Tarpit responses to increase cost for high-frequency scanners
  • Burst shaping that absorbs legitimate peaks but degrades bot patterns
  • Cooldown windows after threshold breaches

DDoS-Adjacent Burst Protection

Hold public endpoints up during coordinated surges:

  • Rate envelopes that don’t collapse under burst load
  • Separate enforcement for public vs authenticated endpoints
  • Edge enforcement before traffic reaches your infrastructure

What Abuse Looks Like

Four patterns that hit crypto and Web3 APIs hardest:

Arbitrage bots on price feeds.

A public /v1/ticker endpoint gets 400 requests/second from a single datacenter ASN. The bot is polling for price discrepancies across exchanges. Your free tier was designed for developers, not HFT infrastructure. IP-tiered limits with stricter quotas for hosting ASNs stop this without affecting real users.

Block scanner overload.

An on-chain indexer launches. Within hours, dozens of block explorer bots are hammering your RPC endpoint for historical block data. They’re not malicious — they’re just not your customers. Rate envelopes per API key, with lower defaults for unauthenticated traffic, keep the endpoint available for paid users.

MEV bot coordination.

Multiple bots poll your mempool endpoint at sub-second intervals, each from a different IP but with identical request patterns. Traditional IP-based limits don’t see the pattern. Behavioral rate limits — request velocity + timing uniformity + ASN clustering — catch it.

Airdrop farming sweeps.

Campaign bots rotate wallets and IPs to hit eligibility and claim-check endpoints at machine cadence. Identity- and route-scoped quotas cap sweep velocity without degrading normal user claim flows.

Who This Is For

  • Exchanges with public market data APIs
  • On-chain data providers and indexers
  • RPC providers with free and paid tiers
  • DeFi protocols with publicly accessible state endpoints
  • Block explorers and analytics APIs

FAQ

How does IP-tiered rate limiting work for crypto APIs?

Fairvisor classifies inbound traffic by IP type: datacenter ASN, residential ISP, mobile carrier. Public endpoints get stricter defaults for datacenter/hosting traffic — where arbitrage bots and scanners run. Authenticated paid API key holders can get higher limits regardless of IP origin.

What is tarpit enforcement?

Instead of immediately rejecting high-frequency requests, Fairvisor adds artificial response latency to increase the cost of automated scanning. A bot polling at 1000 RPS becomes economically unattractive when each response takes 500ms. Traffic keeps flowing but at a controlled rate that discourages systematic abuse.

How are MEV bot patterns detected?

Request fingerprinting combines velocity per IP, timing uniformity, ASN clustering, and cross-IP request pattern correlation. MEV bots poll at precise intervals with identical request structures across coordinated IPs — a signature that IP-level limits miss entirely because each individual IP looks normal.
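The signals named in this answer and in the "MEV bot coordination" pattern above can be combined as in the following added example, which is not Fairvisor's implementation. The log rows, the /v1/mempool path, the ASN numbers and every threshold are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

def build_sample():
    """Constructed access-log rows: (timestamp_s, client_ip, asn, request_fingerprint)."""
    rows = []
    # Three IPs in one hosting ASN, each polling every 0.5 s with an identical request.
    for i, ip in enumerate(("198.51.100.10", "198.51.100.11", "198.51.100.12")):
        rows += [(k * 0.5 + i * 0.1, ip, 64500, "GET /v1/mempool?limit=50")
                 for k in range(20)]
    # One residential client with enough requests to qualify, but irregular timing.
    for t in (0.3, 2.9, 4.1, 9.6, 11.0, 17.2, 18.0, 25.5, 26.1, 31.4, 40.2, 41.0):
        rows.append((t, "203.0.113.7", 64501, "GET /v1/mempool?limit=10"))
    return rows

def interval_cv(times):
    """Coefficient of variation of inter-arrival gaps; near 0 means clockwork polling."""
    gaps = [b - a for a, b in zip(times, times[1:])]
    m = mean(gaps)
    return pstdev(gaps) / m if m > 0 else 0.0

def find_coordinated_groups(rows, min_requests=10, max_cv=0.05, min_ips=3):
    """Return {(asn, fingerprint): sorted IPs} for clusters of uniform pollers.

    An IP qualifies on timing uniformity alone; a group is reported only when
    several qualifying IPs share both an ASN and a request fingerprint, which is
    the cross-IP correlation that a per-IP quota never evaluates.
    """
    per_ip = defaultdict(list)
    for ts, ip, asn, fp in rows:
        per_ip[(ip, asn, fp)].append(ts)
    groups = defaultdict(set)
    for (ip, asn, fp), times in per_ip.items():
        times.sort()
        if len(times) >= min_requests and interval_cv(times) <= max_cv:
            groups[(asn, fp)].add(ip)
    return {key: sorted(ips) for key, ips in groups.items() if len(ips) >= min_ips}

if __name__ == "__main__":
    for (asn, fp), ips in find_coordinated_groups(build_sample()).items():
        print(f"AS{asn} {fp!r}: {len(ips)} coordinated IPs {ips}")
```

Each flagged IP sends only 2 requests/second in the sample, so a velocity-only limit per IP would pass all three.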

Does Fairvisor handle public endpoints differently than authenticated ones?

Yes. Separate rate envelopes per endpoint type: higher limits for authenticated API key holders, tighter limits for anonymous/free-tier traffic, strictest for datacenter-originated anonymous traffic. All defined in one policy file. No separate deployments per endpoint class.

Why teams choose Fairvisor

Free tiers that hold under arbitrage load

Hard quotas for unauthenticated consumers that don’t yield when machine-speed bots show up.

Built for machine-speed adversaries

Tarpit responses and burst shaping designed to increase the cost of automated scanning — not just slow it down.

Economically unattractive to attackers

Rate enforcement that makes price-feed scraping and endpoint scanning less profitable than moving on.

Protect public and premium API endpoints at the edge

Deploy in shadow mode