Hacker News new | comments | show | ask | jobs | submit login
Show HN: Coinerra – JavaScript Crypto Miner (coinerra.com)
32 points by andrei821 11 months ago | hide | past | web | favorite | 35 comments

"We add an intermediary 15s step" "Add a timer to lock items which your users can unlock by mining" "you can delay showing the results for 5-10s to mine crypto"

"giving your users the awesome experience they deserve."

Awesome experience indeed.

Well, maybe the emphasis is on deserve here? ;)

I love their first FAQ. You don't often see a service that comes out and says "This probably isn't for you."

> Q: Will This Work On My Site? > A: Technically yes, economically probably not.

That same answer goes on to discuss how much revenue you could actually expect from using this crypto miner: "With just 10–20 active miners on your site, you can expect a monthly revenue of about 0.3 XMR (~$29)."

It seems like in some situations, where users are incentivized to stick around and mine for a bit, this could be an effective model. It seems like there is room for improvement in tuning power consumption and fees charged. Plus, if ad blockers block miners, it's likely a non-starter... but the merits of that are a different debate.

The FAQ is copypasted word-by-word from Coinhive though which I find kind of sloppy and non-serious.

Show HN: Coinhive – Embeddable JavaScript Crypto Miner | https://news.ycombinator.com/item?id=15246145 (Sep 2017)

Mentions https://medium.com/@MaxenceCornet/coinhive-review-embeddable...

$0.36 a day For this exact website, it’s 4 to 5 times less than what it makes with non-intrusive ads (banner + text only)

Hmm. That definitely seems sketchy. I'll redirect my love elsewhere.

I'm sure it's been covered to death already, but wow, this really ought to kill user's batteries. I'm not sure how I feel about this concept.

On my laptop (plugged in) I'd much rather donate CPU cycles than deal with ads/trackers/malware/etc.

If I could generate credits when I'm plugged in on my laptop, then use those credits later from my mobile, I wouldn't have to worry about battery.

Even better, if I could generate credits over-night when energy is cheapest - maybe I'd have enough credits to browse the internet ad-free the next day while supporting the creatives/content-producers.

I don't see the problem as long as you warn your users before making them explicitly start the miner to receive stuff.

That feels like the problem to me--there's no incentive for a website to do so instead of simply mining without the user's consent.

Except being morally objectionable and a PR disaster? No serious website would do that. I've completely stopped visiting The Pirate Bay after they put a miner there without users' consent.

The serious use case for these miners is that you have some kind of incentive for your users to mine, not just have it mine randomly in the background. I guess it works for pure donations but take a look at "Use Cases" on the front page for a couple of examples of what I mean.

That makes sense. I do appreciate that they went to the effort of putting intended use cases on their website, and I wouldn't mind explicitly encountering some of them (I would gladly mine some cryptocurrency to help support video creators I enjoy rather than watching or seeing ads). I just worry that "morally objectionable" and "PR disaster" aren't enough to stop JS miners from being used without the user's consent on sites--to me it feels somewhat comparable to ad tracking behavior.

I feel the same way about 'modern' websites that are written as JS-only 'web apps'.

And the big problem isn't consent. If I'm paying to watch a video by mining, my battery might not last the duration of the video I'm mining to watch!

Okay I'll bite. How is your choice of device the dev's responsibility?

I mean it's not like it'd make sense to flame blizzard or bethesda because you can't play as long as you'd like on a laptop/mobile.

You use the proper device for the proper use, and this way you just get an additional option to trade value with the site owner. You're free not to mine in the same way you're free to get a paid account if you don't like ads.

That's not "the big problem" in my opinion. I don't even know if I would consider it a problem at all. If I want to drain my computer's battery and get something for it that's my choice. As I said in another comment, the actual big problem is rogue sites putting this crap without user initialization or even informing them.

Hard to take this seriously with a mistake right on the front page:

> It's the cheapest miner on the market: 85% to you - 15% to Coinerra

A rapid search turns up crypto-loot.com with 88% payout. That said, it's good to see more actors in this space. Just please get your facts straight!

Hi everyone. Founder here. Thanks for the feedback, and I admit, there are a lot of things that we can improve. We have focused more on the technology, and soon are going to update most of the documentation and FAQ.

So this takes 15% fee vs 30% for Coinhive. With almost non-existant barrier to entry, it seems like commission would be driven down to what traditional mining pool cuts (1% or less)

This doesn't have an API though so I don't really understand how you would use it for rewards. With Coinhive you can verify the number of solved hashes per user server-side.

Yeah, they don't have a private api, but you could use the client side API (miner) to get total hashes / listen for accepted hashes and save the data on your side and give rewards based on that.

The animation on the 'Sign Up' button is a sin. Instant tab close.

Almost as bad as the 'subscribe' popup nonsense way too many websites have.

It doesn't bother me too much, all in all. Distracting, sure, but then again, they found a way to draw your attention to the most important button on their website (in their opinion). It doesn't obscure the content like a popup or prevent you from closing the tab with an alert. By my book, that's playing by the rules.

Nah it's not that bad but it's similar to seeing a '.biz' domain or comic-sans font - an innate heuristic that informs my brain to nope the hell out of there.

It triggers the this is scammy response (no matter how unjustly).

I think all ad blockers and the like should block these miners. Full stop. Not because I'm anti-miner but because serious websites must explicitly ask for users' consent and while doing that it's easy just to whitelist the miner for that specific website when you want to mine. I don't see any dichotomy. The problem is obviously rogue sites mining in the background.

It seems pretty natural for ad blockers to block miners, which extends them more into the space of allowing users to maintain control over their client, rather than purely blocking ads as the name implies.

That being said, the primary concern so far seems to be the CPU melting effect of the mining. (I don't want to use my battery, CPU, etc to make you money without you asking me.) Rather than blacklisting certain domains or requests to crypto-mining services, I'd like to see something that protects against intensive scripts in general.

Here's how I could see it working:

* Services like Coinerra want to do intensive work without blocking site responsiveness, so they should use something like Web Workers.

* Browsers should provide user controls to throttle the execution of Web Workers. This will protect their resources from most intensive scripts.

* Intensive execution on the main thread already has (inelegant) protections (no responsiveness, script timeout warnings). Maybe these will need to be improved as more sites request intense, continuous computations on behalf of clients.

Unfortunately, crypto miners themselves will have little incentive to add the controls on their end, because it is best for their customers if the hashes are computed at the maximum rate. (Well, they will have a little incentive, because throttling may allow them to fly under the radar, providing smaller revenue without being blocked entirely.)

uBlock does block Coinhive by default which is another one of these, not sure about Coinerra though.

> You are running Vue in development mode.


Anyways, it's time for a miner blocker browser plugin I guess, this sucks!

Made a blocker some time ago for Coin Hive and a few others, will add Coinerra to the blocker too. You can check it out on Github: https://github.com/keraf/NoCoin

Some list i have in uBlock Origin already blocks CoinHive's miner (https://github.com/uBlockOrigin/uAssets/issues/690), i guess this will follow soon.

Mining services are fighting back by registering additional "random" domains though: https://github.com/jspenguin2017/uBlockProtector/issues/636#...

It only sucks if you use it without user-consent. Sadly a lot of sites probably will, which is why a blocker sounds reasonable.

uBlock Origin now includes a default filter list called Resource abuse, for blocking cryptocoin miners and the like.

I did a 1 day trial... My stats TOTAL HASHES 2.33 Milion/Hashes TOTAL PAID 0.00000 xmr PENDING PAYMENTS 0.00000 xmr ????? ALL IS 0, I stopped using it

I think they had a bug, because for me it started showing today. 10.47 MH -> 0.00177 xmr pending and now it's increasing at each refresh

the js isn't just minified, its been obfuscated (actually adding to the size significantly). it also has the exact same api as coinhive. i wonder what they are trying to hide...

Applications are open for YC Winter 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact