Client Side  Crypto Miners – Part 2

Client Side Crypto Miners – Part 2

By | March 8th, 2018
No Comments on Client Side Crypto Miners – Part 2

JAVASCRIPT API OPT-IN OVERLAY When loaded through the

JavaScript API will ask the user for consent as soon as miner.start() is

called. This is done in a popover window directly on your page. You will

not be able to start the miner if the user cancels the opt-in. If the user

gives consent, an […]


When loaded through the JavaScript API will ask the user for consent as soon as miner.start() is called. This is done in a popover window directly on your
page. You will not be able to start the miner if the user cancels the opt-in. If the user gives consent, an opt-in token is stored in a cookie on your website. As long as the token does not expire, the miner can start again without a further explicit opt-in.
To prevent misuse, the text in the opt-in screen can not be altered. Translations for the content on this page into different languages will be available in the near future.
The simple UI as well as the JavaScript API keeps the opt-in given by the user as valid for their current browser session or at most 24h.
The response to the opt-in is stored in a session cookie. Coinhive claims that it can not be altered as it includes a timestamp and a cryptographic token. The cookie is first checked in the browser on the client side in JavaScript and (if not expired) is validated again upon connection to their pool servers. CoinHive’s servers refuse a connection from an invalid or expired opt-in token and shows the opt-in screen again.
To prevent one opt-in token to be used with multiple clients, the token incorporates the user’s current IP address. If the IP address changes, the user has to provide consent via opt-in again. The token also incorporates your site key so that it is only valid for one website at a time.
Coinhive also claims that the opt-in token itself is stateless and that they do not store the token on their servers in any form at all.

You can also retrieve the number of hashes solved by a user by making a direct call to Coinhive’s API via curl or similar utilities, which in turn will return JSON responses. An example call would be:
curl “” # {success: true, name: “your-name ” balance: 1024}
You can also listen onto events, write your handlers, etc. Check out a detailed example here: Full documentation can be found on:

To embed the Coinhive Miner UI, you have to load the simple-ui.min.jsanywhere on your page and create a

with the coinhive-miner class where you want the miner to be displayed on the client side.
A sample snippet for the same can be found here: The UI for the same can be easily customized by providing the size as style and other data-attributes. Only the datakey attribute is mandatory. All other attributes are optional.
If the user has already configured the number of threads and throttle to use, the miner will remember their choices. The data-threads and datathrottle attributes only provide a default for the first run of the miner.
For a complete example, in the blue colour scheme, check out the code at this link:

Proof of Work Captcha
CoinHive provides a captcha-like service where users need to solve a number of hashes (adjustable by you) in order to submit a form. This method is already in use. Chances are that if you have signed up on CoinHive then you have already seen it in action at the sign-up page’s form. Here’s how it looks in action:This prevents spam at an inconvenience that is comparable to a classic captcha. All with the added benefit of earning you money.

Proof of Work Shortlinks
If you have an URL you’d like to forward your users to, you can create a shortlink to it. The user has to solves a number of hashes (adjustable by you) and is automatically forwarded to the target URL afterwards.Example: (Find out where it takes you!).
You can create shortlinks directly in your control panel or through CoinHive’s API via the endpoint “/
Http API Documentation
A full-fledged HTTP API exists for multiple functionalities. Full Http API documentation is available at: An example can be found at


If ethical practices are enforced, then this looks like a promising new way by which websites with high numbers of visitors or websites where users tend to stay on for longer time periods may choose to serve ad-free content and yet make profits out of their websites. However, small websites or low visit count blogs may not be able to sustain even their minimal operating costs from the proceeds of browser based client-side mining. And even if it doesn’t turn out to be significant, it will reduce the burden on ads alone to generate revenue for a website.
Nevertheless, it’s an interesting development and can find innovative applications in the wide world of the internet. It is suggested that before implementing such solutions check the legal aspects related to these in accordance to the laws of the land where you reside and operate from. Also, keep your users in good faith and they will appreciate the gesture and praise you for sticking to an ethical code. Just be up front about any mining activity on your website.

Read about RBI-s crypto currency policy and the legal aspects of cryptocurrencies in India here:

[DISCLAIMER: The author or the publication assumes or undertakes NO LIABILITY for any loss or damage suffered as a result of the use, misuse or reliance on the information and content on this article. This article is for informational purposes only and should be used as such at your own responsibility.]

Ashutosh Gupta
Share a little biographical information to fill out your profile. This may be shown publicly. In WordPress version 2.9, a new filter was added to make changing the [...] string in the excerpt. Do not use both of these methods in