The firewall is the real anti-poisoning defense: a victim sends to a lookalike on purpose, so locking funds afterwards does not help. Only refusing does. It runs before anything is signed.

Check a recipient

level
'safe' | 'warning' | 'block'
The worst severity found. block must stop the send.
reasons
RiskReason[]
Each with a code, severity and human message.
complete
boolean
True only when every data source answered. An incomplete check never reports safe.

What it catches

Fail-closed. When the sender’s payment history is unavailable, the lookalike rule cannot run, so an unverified target is blocked, not waved through. A firewall that degrades to “looks fine” when its data source is down is worse than none.

Gate a send on it

It is already on inside sendProtected

You do not have to remember to call it. sendProtected runs the check itself and throws RiskBlockedError on a block. Opt out per call only if you already gated: