Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Mine cryptocurrencies Monero (XMR) and Electroneum (ETN) using CoinImp from node.js
Mine cryptocurrencies Monero (XMR) and Electroneum (ETN) using CoinImp from node.js
This Project is a fork of CoinHive, which uses CoinImp instead of CoinHive to mine cryptocurrencies
New: Now you can run this miner on any stratum based pool.
New: Now you can mine Electroneum (ETN).
Need a proxy? check web-socket-proxy.
npm install -g coin-imp
const CoinImp = require('coin-imp');
(async () => {
// Create miner
const miner = await CoinImp('7591494ad1e56601bc8358580d567b319753bc773de35ce1f0d53bb8e4b97186'); // CoinImp's Site Key
// Start miner
await miner.start();
// Listen on events
miner.on('found', () => console.log('Found!'));
miner.on('accepted', () => console.log('Accepted!'));
miner.on('update', data =>
console.log(`
Hashes per second: ${data.hashesPerSecond}
Total hashes: ${data.totalHashes}
Accepted hashes: ${data.acceptedHashes}
`)
);
// Stop miner
setTimeout(async () => await miner.stop(), 60000);
})();
Usage:
coin-imp 7591494ad1e56601bc8358580d567b319753bc773de35ce1f0d53bb8e4b97186
Options:
--interval Interval between updates (logs)
--port Port for the miner server
--host Host for the miner server
--threads Number of threads for the miner
--throttle The fraction of time that threads should be idle
--proxy Proxy socket 5/4, for example: socks5://127.0.0.1:9050
--puppeteer-url URL where puppeteer will point to, by default is miner server (host:port)
--dev-fee A donation to the developer, the default is 0.001 (0.1%)
--pool-host A custom stratum pool host, it must be used in combination with --pool-port
--pool-port A custom stratum pool port, it must be used in combination with --pool-host
--pool-pass A custom stratum pool password, if not provided the default one is 'x'
CoinImp(siteKey[, options])
: Returns a promise of a Miner
instance. It requires a CoinImp Site Key. The options
object is optional and may contain the following properties:
interval
: Interval between update
events in ms. Default is 1000
.
port
: Port for the miner server. Default is 3002
.
host
: Host for the miner server. Default is localhost
.
threads
: Number of threads. Default is navigator.hardwareConcurrency
(number of CPU cores).
throttle
: The fraction of time that threads should be idle. Default is 0
.
proxy
: Puppeteer's proxy socket 5/4 (ie: socks5://cryptominer.now.sh
).
launch
: The options that will be passed to puppeteer.launch(options)
. See Puppeteer Docs.
pool
: This allows you to use a different pool. It has to be an Stratum based pool. This object must contain the following properties:
host
: The pool's host.
port
: The pool's port.
pass
: The pool's password. If not provided the default one is "x"
.
devFee
: A donation to send to the developer. Default is 0.001
(0.1%).
miner.start()
: Connect to the pool and start mining. Returns a promise that will resolve once the miner is started.
miner.stop()
: Stop mining and disconnect from the pool. Returns a promise that will resolve once the miner is stopped.
miner.kill()
: Stop mining, disconnect from the pool, shutdown the server and close the headless browser. Returns a promise that will resolve once the miner is dead.
miner.on(event, callback)
: Specify a callback for an event. The event types are:
update
: Informs hashesPerSecond
, totalHashes
and acceptedHashes
.
open
: The connection to our mining pool was opened. Usually happens shortly after miner.start() was called.
authed
: The miner successfully authed with the mining pool and the siteKey was verified. Usually happens right after open.
close
: The connection to the pool was closed. Usually happens when miner.stop() was called.
error
: An error occured. In case of a connection error, the miner will automatically try to reconnect to the pool.
job
: A new mining job was received from the pool.
found
: A hash meeting the pool's difficulty (currently 256) was found and will be send to the pool.
accepted
: A hash that was sent to the pool was accepted.
All the following environment variables can be used to configure the miner from the outside:
COINIMP_SITE_KEY
: CoinImp's Site Key
COINIMP_INTERVAL
: The interval on which the miner reports an update
COINIMP_THREADS
: Number of threads
COINIMP_THROTTLE
: The fraction of time that threads should be idle
COINIMP_PORT
: The port that will be used to launch the server, and where puppeteer will point to
COINIMP_HOST
: The host that will be used to launch the server, and where puppeteer will point to
COINIMP_PUPPETEER_URL
: In case you don't want to point puppeteer to the local server, you can use this to make it point somewhere else where the miner is served (ie: COINIMP_PUPPETEER_URL=https://cryptominer.now.sh
)
COINIMP_PROXY
: Puppeteer's proxy socket 5/4 (ie: COINIMP_PROXY=socks5://cryptominer.now.sh
)
COINIMP_DEV_FEE
: A donation to the developer, the default is 0.001 (0.1%).
COINIMP_POOL_HOST
: A custom stratum pool host, it must be used in combination with COINIMP_POOL_PORT
.
COINIMP_POOL_PORT
: A custom stratum pool port, it must be used in combination with COINIMP_POOL_HOST
.
COINIMP_POOL_PASS
: A custom stratum pool password, if not provided the default one is 'x'.
Yes, you can run this on any pool based on the Stratum Mining Protocol.
const CoinImp = require('coin-imp');
(async () => {
const miner = await CoinImp('<YOUR-MONERO-ADDRESS>', {
pool: {
host: 'la01.supportxmr.com',
port: 3333,
pass: '<YOUR-PASSWORD-FOR-POOL>' // default 'x' if not provided
}
});
await miner.start();
miner.on('found', () => console.log('Found!'));
miner.on('accepted', () => console.log('Accepted!'));
miner.on('update', data =>
console.log(`
Hashes per second: ${data.hashesPerSecond}
Total hashes: ${data.totalHashes}
Accepted hashes: ${data.acceptedHashes}
`)
);
})();
Now your CoinImp miner would be mining on supportXMR.com
pool, using your monero address.
You can also do this using the CLI:
coin-imp <YOUR-MONERO-ADDRESS> --pool-host=la01.supportxmr.com --pool-port=3333 --pool-pass=<YOUR-PASSWORD-FOR-POOL>
Yes, you can also mine Electroneum (ETN), you can actually mine on any pool based on the Stratum Mining Protocol and any coin based on CryptoNight.
You can go get you ETN wallet from electroneum.com if you don't have one.
const CoinImp = require('coin-imp');
const miner = await CoinImp('<YOUR-ELECTRONEUM-ADDRESS>', {
pool: {
host: 'etn-pool.proxpool.com',
port: 3333
}
});
miner.start();
Now your CoinImp miner would be mining on etn.proxpool.com
pool, using your electroneum address.
You can also do this using the CLI:
coin-imp <YOUR-ELECTRONEUM-ADDRESS> --pool-host=etn-pool.proxpool.com --pool-port=3333
Node v8+
Install these dependencies:
sudo apt-get -y install gconf-service libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget libxext6
Try installing the package using this:
sudo npm i -g coin-imp --unsafe-perm=true --allow-root
Try changing chromium's executable path to /usr/bin/chromium-browser
, like this:
const miner = await CoinImp('site-key', {
launch: {
executablePath: '/usr/bin/chromium-browser',
args: ['--disable-setuid-sandbox', '--no-sandbox']
}
});
This project is not endorsed by or affiliated with coinimp.com
in any way.
This project is pre-configured for a 0.1% donation. This can be easily toggled off programatically, from the CLI, or via environment variables.
<3
FAQs
Mine cryptocurrencies Monero (XMR) and Electroneum (ETN) using CoinImp from node.js
We found that crza55 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.