Advertisement

Distributed Web Mining of Ethereum

  • Trishita Tiwari
  • David Starobinski
  • Ari Trachtenberg
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10879)

Abstract

We consider the problem of mining crytocurrencies by harnessing the inherent distribution capabilities of the World Wide Web. More specifically, we propose, analyze, and implement WebEth, a browser-based distributed miner of the Ethereum cryptocurrency. WebEth handles Proof-of-Work (PoW) calculations through individualized code that runs on the client browsers, and thereafter collates them at a web server to complete the mining operation. WebEth is based on a lazy evaluation technique designed to function within the expected limitations of the clients, including bounds on memory, computation and communication bandwidth to the server. We provide proofs-of-concept of WebEth based on JavaScript and WebAssembly implementations, with the latter reaching hash rates up to roughly 40 kiloHashes per second, which is only 30% slower than the corresponding native C++-based implementation. Finally, we explore several applications of WebEth, including monetization of web content, rate limitation to server access, and private Ethereum networks. Though several distributed web-based cryptominers have appeared in the wild (for other currencies), either in malware or in commercial trials, we believe that WebEth is the first open-source cryptominer of this type.

Keywords

Crypto-currency Ethereum Distributed computing Web-browser computing Mining 

Notes

Acknowledgment

The authors would like to thank Dennis Your for his contributions during the early stages of this research. This research was supported in part by NSF under grant CCF-1563753. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the NSF.

References

  1. 1.
    Tiwari, T., et al.: WebEth. GitHub, 1.0, GitHub, 10 April 2018. github.com/trishutiwari/web-ethereum-mining
  2. 2.
    Gundlach, M.: AdBlock browser extension. AdBlock. Software (2009)Google Scholar
  3. 3.
    Wampler, M., et al.: Ethash. Computer software. GitHub. Vers. 23.1. GitHub, 11 January 2015. https://github.com/ethereum/ethash. Accessed 24 Feb 2018
  4. 4.
    Eich, B., Bondy, B.: Brave Browser. Brave Software. Software (2015)Google Scholar
  5. 5.
    Hern, A.: Adblock Plus: the Tiny Plugin Threatening the Internet’s Business Model. The Guardian, Guardian News and Media, 14 October 2013. www.theguardian.com/technology/2013/oct/14/the-tiny-german-company-threatening-the-internets-business-model
  6. 6.
    Buterin, V., et al.: Ethereum/Wiki. GitHub, 9 February 2014. https://github.com/ethereum/wiki/wiki/Dagger-Hashimoto
  7. 7.
    Ramamritham, K., Stankovic, J.A.: Dynamic task scheduling in hard real-time distributed systems. IEEE Softw. 1(3), 65 (1984)CrossRefGoogle Scholar
  8. 8.
    Shirazi, B.A., Kavi, K.M., Hurson, A.R.: Scheduling and Load Balancing in Parallel and Distributed Systems. IEEE Computer Society Press, Los Alamitos (1995)Google Scholar
  9. 9.
    Bal, H.E., Frans Kaashoek, M., Tanenbaum, A.S.: Orca: a language for parallel programming of distributed systems. IEEE Trans. Softw. Eng. 18(3), 190–205 (1992)CrossRefGoogle Scholar
  10. 10.
    Bhatia, D., Burzevski, V., Camuseva, M., Fox, G.C.: WebFlow - A Visual Programming Paradigm for Web/Java Based Coarse Grain Distributed Computing. Northeast Parallel Architecture Center (1997)CrossRefGoogle Scholar
  11. 11.
    Cushing, R., et al.: Distributed computing on an ensemble of browsers. IEEE Internet Comput. 17(5), 54–61 (2013). www.computer.org/csdl/mags/ic/2013/05/mic2013050054.htmlCrossRefGoogle Scholar
  12. 12.
    Lerner, S.D.: Strict Memory Hard Hashing Functions (Preliminary V0. 3, 01-19-14)Google Scholar
  13. 13.
    The Coinhive Team: Coinhive browser extension. Coinhive. Software (2017)Google Scholar
  14. 14.
    Duda, J., Dłubacz, W.: Distributed evolutionary computing system based on web browsers with JavaScript. In: Manninen, P., Öster, P. (eds.) PARA 2012. LNCS, vol. 7782, pp. 183–191. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-36803-5_13. ACM Digital Library. dl.acm.org/citation.cfm?id=2451764.2451780CrossRefGoogle Scholar
  15. 15.
    Dale, O.: Beginner’s Guide to Ethereum Casper Hardfork: What You Need to Know. Blocknomi, 7 November 2017. (https://blockonomi.com/ethereum-casper/)
  16. 16.
    Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Pap. 151, 1–32 (2014)Google Scholar
  17. 17.
    Szilgyi, P., et al.: Geth. Computer software. GitHub. Vers. 1.8.1. GitHub, 22 December 2013. https://github.com/ethereum/go-ethereum. Accessed 24 Feb 2018
  18. 18.
    W3C Team. WebAssembly. Program documentation. WebAssembly. Vers. 1.0. WebAssembly, 17 March 2017. http://webassembly.org. Accessed 28 Mar 2018
  19. 19.
    Emscripten Community. Emscripten. Vers. 1.37.36. Emscripten, 11 November 2012. http://kripken.github.io/emscripten-site/docs/getting_started/Tutorial.html. Accessed 28 Mar 2018
  20. 20.
    Ookla. Speedtest Global Index Monthly Comparisons of Internet Speeds from around the World. Speedtest Global Index, Ookla, 25 March 2018. www.speedtest.net/global-index
  21. 21.
    Fogerlie, G.: Brute Force Website Login Attack Using Hydra - Hack Websites - Cyber Security. Brute Force Website Login Attack Using Hydra - Hack Websites - Cyber Security, YouTube, 24 September 2013. www.youtube.com/watch?v=ZVngjGp-oZo
  22. 22.
    Mahmood, O.: Brute Force Website Login Page Using Burpsuite. SecurityTraning, 5 February 2018. securitytraning.com/brute-force-website-login-page-using-burpsuite/
  23. 23.
    FoxBrewster, T.: ‘Biggest Ad Fraud Ever’: Hackers Make $5M A Day By Faking 300M Video Views. Forbes, Forbes Magazine, 20 December 2016. https://www.forbes.com/sites/thomasbrewster/2016/12/20/methbot-biggest-ad-fraud-busted/
  24. 24.
    Neal, P.: The Generalised coupon collector problem. J. Appl. Probab. 45(3), 621–629 (2008).  https://doi.org/10.1239/jap/1222441818MathSciNetCrossRefGoogle Scholar
  25. 25.
  26. 26.
    Von Ahn, L., Maurer, B., McMillen, C., Abraham, D., Blum, M.: Recaptcha: human-based character recognition via web security measures. Science 321(5895), 1465–1468 (2008)MathSciNetCrossRefGoogle Scholar
  27. 27.
    Thomas, K., et al.: Ad injection at scale: assessing deceptive advertisement modifications. In: IEEE Symposium on Security and Privacy (2015)Google Scholar
  28. 28.
    Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper. http://gavwood.com/paper.pdf
  29. 29.
    Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313–314. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38348-9_19CrossRefGoogle Scholar
  30. 30.
    Taylor, M.B.: The evolution of bitcoin hardware. Computer 50(9), 58–66 (2017)CrossRefGoogle Scholar
  31. 31.
    Peyrott, S.: A brief history of JavaScript. Auth0 - Blog, Auth 0, 16 January 2017. auth0.com/blog/a-brief-history-of-javascript/
  32. 32.
    Brave Software. Basic Attention Token. Basic Attention Token, 1.0, Brave Software, 13 March 2018. basicattentiontoken.org/
  33. 33.
    Geitgey, A.: How to break a CAPTCHA system in 15 minutes with machine learning. Medium, 13 December 2017. medium.com/@ageitgey/how-to-break-a-captcha-system-in-15-minutes-with-machine-learning-dbebb035a710
  34. 34.
    Danchev, D.: Inside India’s CAPTCHA solving economy. ZDNet, 4 December 2015. www.zdnet.com/article/inside-indias-captcha-solving-economy/
  35. 35.
  36. 36.
    CryptoCompare. Mining Calculator Bitcoin, Ethereum, Litecoin, Dash and Monero. CryptoCompare. www.cryptocompare.com/mining/calculator/eth

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Trishita Tiwari
    • 1
  • David Starobinski
    • 1
  • Ari Trachtenberg
    • 1
  1. 1.Department of Electrical and Computer EngineeringBoston UniversityBostonUSA

Personalised recommendations