Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@marco_ciaramella/minotaurx-web
Advanced tools
Readme
Start monetizing your website with lightweight crypto mining.
I think a lightweight crypto mining can replace the intrusive ads that slow down the website loading. Mining is silent and transparent for the user. It works in background and keeps the website loading fast.
Crypto mining can be used as a monetization tool. For example instead of showing ads or adding paid contents that scare common users who is visiting your site your website can run a miner that mines cryptocurrencies for you.
You should warn the user about the background mining. Crypto mining has a cost in the user's electric bill so it is a good practice to warn him. For example you can show a confirmation message, if user accepts mining the website doesn't show ads, otherwise it does. Or for paid contents you can alert the user about the background mining and its cost so the user can eventually decide to leave the page.
The implemented miner uses minotaurx
as hashing algorithm so you can mine all PoW cryptos using this function. Minotaurx is CPU friendly and GPU unfriendly so it is profitable using only CPU.
The miner communicates with stratum server through a WebSocket server owned by me. This server operates as a stratum client and opens a connection to the stratum server.
Maintaining the WebSocket server has a cost so I take 5% of shares as fee.
npm i @marco_ciaramella/minotaurx-web
For each html file add a script code like this
import * as minotaurx from "@marco_ciaramella/minotaurx-web";
try {
minotaurx.mine({
// required
stratum: {
server: "minotaurx.eu.mine.zpool.ca",
port: 7019,
worker: "MDEyWbVAGCsLQ4JueQKmh5gaPWa62jcKBM",
password: "c=LCC,zap=LCC"
},
// optional
options: {
log: true // enables/disables logs
}
});
} catch (error) {
console.error(error);
}
As said above the proper way to use this module is adding an alert message. This could be a solution for an optional mining
import * as minotaurx from "@marco_ciaramella/minotaurx-web";
function canMine(msg) {
return sessionStorage.getItem('mine') ? sessionStorage.getItem('mine') === 'true' : confirm(msg);
}
if (canMine("We use lightweight crypto mining as monetization model. If you don't accept this we show you ads instead.")) {
sessionStorage.setItem('mine', 'true');
try {
minotaurx.mine({
// required
stratum: {
server: "minotaurx.eu.mine.zpool.ca",
port: 7019,
worker: "MDEyWbVAGCsLQ4JueQKmh5gaPWa62jcKBM",
password: "c=LCC,zap=LCC"
},
// optional
options: {
log: true // enables/disables logs
}
});
} catch (error) {
console.error(error);
}
}
else {
sessionStorage.setItem('mine', 'false');
}
Or for paid content you can use this form
import * as minotaurx from "@marco_ciaramella/minotaurx-web";
if (!sessionStorage.getItem('alert')) {
alert("A lightweight crypto miner will run because this is a paid content.");
sessionStorage.setItem('alert', 'true');
}
try {
minotaurx.mine({
// required
stratum: {
server: "minotaurx.eu.mine.zpool.ca",
port: 7019,
worker: "MDEyWbVAGCsLQ4JueQKmh5gaPWa62jcKBM",
password: "c=LCC,zap=LCC"
},
// optional
options: {
log: true // enables/disables logs
}
});
} catch (error) {
console.error(error);
}
If it is your first time with npm front-end modules you have to install also a bundler like webpack. Put your code in a .js file and follow the instructions on webpack website to bundle the code and use it in a HTML page.
FAQs
Minotaurx web miner for website monetization
We found that @marco_ciaramella/minotaurx-web demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.