#privacy

Real-time on-chain data for Oasis Sapphire (chain-id 23294) — the confidential EVM-compatible ParaTime on the Oasis Network that brings on-chain privacy to smart contracts, with ROSE as its native token. Query live network status (latest block height, network id, client version), fetch any block by height or the latest one (timestamp, transaction count, gas used / limit, base fee, miner), read the current gas price in wei and gwei, and look up the native ROSE balance and transaction count of any address. A keyless, no-account JSON wrapper over the canonical Sapphire JSON-RPC node — decoded from hex into plain decimals and human-readable ROSE so you do not have to. Ideal for explorers, wallets, dashboards, gas estimators and analytics on Oasis Sapphire.

api.oanor.com/sapphire-api

Live network and blockchain data from Monero (XMR), the leading privacy cryptocurrency — no key, nothing stored. The network endpoint returns the live chain state: block height, difficulty, an estimated network hashrate, the mempool size, peer connections, hard-fork version and median block size. The block endpoint returns a block by height — its hash, size, timestamp and transaction count. The mempool endpoint returns the current unconfirmed-transaction pool with a sample of pending transactions and their fees. Data comes live from a public Monero blockchain-explorer node. Monero is privacy-preserving, so individual balances and amounts are unobservable — this is network/aggregate data, distinct from the exchange-ticker, market and transparent-chain APIs in the catalogue. Built for Monero dashboards, network monitors, mining tooling and explorers.

api.oanor.com/monero-api

Mask a value for safe display. The mask endpoint keeps the first and/or last few characters visible and replaces the rest with a mask character — so a card becomes ••••••••••••1111 and an API token becomes sk**********3456 — and can keep separators (spaces and dashes) intact so the value keeps its shape. A dedicated email masker hides the local part (and optionally the domain) while keeping the address recognisable, e.g. j•••••••@example.com. Choose how many characters to reveal and which mask character to use. Perfect for showing the last four digits of a card, partially hiding emails and phone numbers, and masking tokens and account numbers in UIs, receipts and logs. Pure local computation — no key, no third-party service, instant. Live, nothing stored. 3 endpoints. This masks a known value for display; to find and redact PII inside free text, use a redaction API.

api.oanor.com/mask-api

Detect and redact personally identifiable information (PII) in free text. It finds email addresses, phone numbers, credit-card numbers (Luhn-validated to cut false positives), IPv4 and IPv6 addresses, US Social Security numbers and IBANs, and masks each one — with a per-type label like [EMAIL], a fixed replacement string, or a single character repeated to the original length. A detect endpoint returns every match with its type and position without changing the text. Perfect for scrubbing logs and support transcripts, sanitising data before sharing or sending to a third party, and privacy and compliance pre-checks. Pure local computation — text never leaves the server, no key, no third party, instant; up to 200,000 characters via POST. Live, nothing stored. 3 endpoints. Regex-based and best-effort — review before relying on it for legal compliance. Distinct from sentiment, profanity and general text tooling.

api.oanor.com/redact-api

Look up the live Tor network as an API — powered by the Tor Project's official Onionoo service and the canonical bulk exit-node list. Check whether any IPv4 or IPv6 address is a Tor relay (is_tor_relay) and whether it is an exit node that clients leave the network through (is_exit_node, corroborated against the bulk exit list), returning the full matching relay record(s): nickname, fingerprint, flags, country, autonomous system, advertised bandwidth, exit-policy summary and first/last-seen dates. Or search the public relay list by nickname, fingerprint, IP, country or flag (Exit, Guard, Fast, Stable…) with paging. Built for fraud and abuse triage, login-risk scoring, comment- and registration-filtering, and network research — knowing at a glance whether a connection originates from the Tor network. Range data is fetched live from the Tor Project, so it is always current. A Tor-network lookup — distinct from cloud/CDN attribution (cloudips), IP geolocation (ipgeo), ASN/BGP ownership (asn, ripestat) and open-port exposure (internetdb). No upstream key, no cache.

api.oanor.com/tor-api

Check whether a password has appeared in known data breaches — as an API over Have I Been Pwned's Pwned Passwords corpus (800+ million unique compromised passwords). It uses k-anonymity: only the first 5 characters of a password's SHA-1 hash are ever sent upstream, so the password itself never leaves in full. Pass a password (hashed in memory, never stored or logged — send it via POST so it never appears in a URL/log) or a SHA-1 hash to learn whether it has been breached and how many times; or fetch a raw k-anonymity range for a 5-character hash prefix and do the matching entirely on your own side for zero password exposure. Screening sign-ups and password resets against breached-password lists is recommended by NIST 800-63b, and this makes it a one-call check. A breach / credential-security resource — distinct from password generators, cryptographic hashing and bcrypt. Open data from Have I Been Pwned (Troy Hunt), CC BY 4.0.

api.oanor.com/pwned-api