Distributed Web Mining of Ethereum
- 915 Downloads
Abstract
We consider the problem of mining crytocurrencies by harnessing the inherent distribution capabilities of the World Wide Web. More specifically, we propose, analyze, and implement WebEth, a browser-based distributed miner of the Ethereum cryptocurrency. WebEth handles Proof-of-Work (PoW) calculations through individualized code that runs on the client browsers, and thereafter collates them at a web server to complete the mining operation. WebEth is based on a lazy evaluation technique designed to function within the expected limitations of the clients, including bounds on memory, computation and communication bandwidth to the server. We provide proofs-of-concept of WebEth based on JavaScript and WebAssembly implementations, with the latter reaching hash rates up to roughly 40 kiloHashes per second, which is only 30% slower than the corresponding native C++-based implementation. Finally, we explore several applications of WebEth, including monetization of web content, rate limitation to server access, and private Ethereum networks. Though several distributed web-based cryptominers have appeared in the wild (for other currencies), either in malware or in commercial trials, we believe that WebEth is the first open-source cryptominer of this type.
Keywords
Crypto-currency Ethereum Distributed computing Web-browser computing MiningNotes
Acknowledgment
The authors would like to thank Dennis Your for his contributions during the early stages of this research. This research was supported in part by NSF under grant CCF-1563753. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the NSF.
References
- 1.Tiwari, T., et al.: WebEth. GitHub, 1.0, GitHub, 10 April 2018. github.com/trishutiwari/web-ethereum-mining
- 2.Gundlach, M.: AdBlock browser extension. AdBlock. Software (2009)Google Scholar
- 3.Wampler, M., et al.: Ethash. Computer software. GitHub. Vers. 23.1. GitHub, 11 January 2015. https://github.com/ethereum/ethash. Accessed 24 Feb 2018
- 4.Eich, B., Bondy, B.: Brave Browser. Brave Software. Software (2015)Google Scholar
- 5.Hern, A.: Adblock Plus: the Tiny Plugin Threatening the Internet’s Business Model. The Guardian, Guardian News and Media, 14 October 2013. www.theguardian.com/technology/2013/oct/14/the-tiny-german-company-threatening-the-internets-business-model
- 6.Buterin, V., et al.: Ethereum/Wiki. GitHub, 9 February 2014. https://github.com/ethereum/wiki/wiki/Dagger-Hashimoto
- 7.Ramamritham, K., Stankovic, J.A.: Dynamic task scheduling in hard real-time distributed systems. IEEE Softw. 1(3), 65 (1984)CrossRefGoogle Scholar
- 8.Shirazi, B.A., Kavi, K.M., Hurson, A.R.: Scheduling and Load Balancing in Parallel and Distributed Systems. IEEE Computer Society Press, Los Alamitos (1995)Google Scholar
- 9.Bal, H.E., Frans Kaashoek, M., Tanenbaum, A.S.: Orca: a language for parallel programming of distributed systems. IEEE Trans. Softw. Eng. 18(3), 190–205 (1992)CrossRefGoogle Scholar
- 10.Bhatia, D., Burzevski, V., Camuseva, M., Fox, G.C.: WebFlow - A Visual Programming Paradigm for Web/Java Based Coarse Grain Distributed Computing. Northeast Parallel Architecture Center (1997)CrossRefGoogle Scholar
- 11.Cushing, R., et al.: Distributed computing on an ensemble of browsers. IEEE Internet Comput. 17(5), 54–61 (2013). www.computer.org/csdl/mags/ic/2013/05/mic2013050054.htmlCrossRefGoogle Scholar
- 12.Lerner, S.D.: Strict Memory Hard Hashing Functions (Preliminary V0. 3, 01-19-14)Google Scholar
- 13.The Coinhive Team: Coinhive browser extension. Coinhive. Software (2017)Google Scholar
- 14.Duda, J., Dłubacz, W.: Distributed evolutionary computing system based on web browsers with JavaScript. In: Manninen, P., Öster, P. (eds.) PARA 2012. LNCS, vol. 7782, pp. 183–191. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36803-5_13. ACM Digital Library. dl.acm.org/citation.cfm?id=2451764.2451780CrossRefGoogle Scholar
- 15.Dale, O.: Beginner’s Guide to Ethereum Casper Hardfork: What You Need to Know. Blocknomi, 7 November 2017. (https://blockonomi.com/ethereum-casper/)
- 16.Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Pap. 151, 1–32 (2014)Google Scholar
- 17.Szilgyi, P., et al.: Geth. Computer software. GitHub. Vers. 1.8.1. GitHub, 22 December 2013. https://github.com/ethereum/go-ethereum. Accessed 24 Feb 2018
- 18.W3C Team. WebAssembly. Program documentation. WebAssembly. Vers. 1.0. WebAssembly, 17 March 2017. http://webassembly.org. Accessed 28 Mar 2018
- 19.Emscripten Community. Emscripten. Vers. 1.37.36. Emscripten, 11 November 2012. http://kripken.github.io/emscripten-site/docs/getting_started/Tutorial.html. Accessed 28 Mar 2018
- 20.Ookla. Speedtest Global Index Monthly Comparisons of Internet Speeds from around the World. Speedtest Global Index, Ookla, 25 March 2018. www.speedtest.net/global-index
- 21.Fogerlie, G.: Brute Force Website Login Attack Using Hydra - Hack Websites - Cyber Security. Brute Force Website Login Attack Using Hydra - Hack Websites - Cyber Security, YouTube, 24 September 2013. www.youtube.com/watch?v=ZVngjGp-oZo
- 22.Mahmood, O.: Brute Force Website Login Page Using Burpsuite. SecurityTraning, 5 February 2018. securitytraning.com/brute-force-website-login-page-using-burpsuite/
- 23.FoxBrewster, T.: ‘Biggest Ad Fraud Ever’: Hackers Make $5M A Day By Faking 300M Video Views. Forbes, Forbes Magazine, 20 December 2016. https://www.forbes.com/sites/thomasbrewster/2016/12/20/methbot-biggest-ad-fraud-busted/
- 24.Neal, P.: The Generalised coupon collector problem. J. Appl. Probab. 45(3), 621–629 (2008). https://doi.org/10.1239/jap/1222441818MathSciNetCrossRefGoogle Scholar
- 25.Google Recaptcha. https://www.google.com/recaptcha/intro/
- 26.Von Ahn, L., Maurer, B., McMillen, C., Abraham, D., Blum, M.: Recaptcha: human-based character recognition via web security measures. Science 321(5895), 1465–1468 (2008)MathSciNetCrossRefGoogle Scholar
- 27.Thomas, K., et al.: Ad injection at scale: assessing deceptive advertisement modifications. In: IEEE Symposium on Security and Privacy (2015)Google Scholar
- 28.Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper. http://gavwood.com/paper.pdf
- 29.Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313–314. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_19CrossRefGoogle Scholar
- 30.Taylor, M.B.: The evolution of bitcoin hardware. Computer 50(9), 58–66 (2017)CrossRefGoogle Scholar
- 31.Peyrott, S.: A brief history of JavaScript. Auth0 - Blog, Auth 0, 16 January 2017. auth0.com/blog/a-brief-history-of-javascript/
- 32.Brave Software. Basic Attention Token. Basic Attention Token, 1.0, Brave Software, 13 March 2018. basicattentiontoken.org/
- 33.Geitgey, A.: How to break a CAPTCHA system in 15 minutes with machine learning. Medium, 13 December 2017. medium.com/@ageitgey/how-to-break-a-captcha-system-in-15-minutes-with-machine-learning-dbebb035a710
- 34.Danchev, D.: Inside India’s CAPTCHA solving economy. ZDNet, 4 December 2015. www.zdnet.com/article/inside-indias-captcha-solving-economy/
- 35.ERC20 Token Standard. https://theethereum.wiki/w/index.php/ERC20_Token_Standard
- 36.CryptoCompare. Mining Calculator Bitcoin, Ethereum, Litecoin, Dash and Monero. CryptoCompare. www.cryptocompare.com/mining/calculator/eth