I agree for compulsory user consent to mine however, this should be only compulsory for web owners having throttle greater than 0.5 for desktops and for all throttle rates for mobile devices. Anything less than 0.5 throttle on desktops should be allowed to run anonymously. My two cents!
Great service indeed, and an alternate revenue stream for website owners.
Agreed. The whole point of mining is that it's a less obtrusive and less intrusive alternative to running ads. If you're going to show people a scary "opt-in" button from a separate page (which may be blocked anyway), it's easier to just ditch the idea and run ads instead.
What if they say no? Do you just block them from reading your site? Users will disappear as no one wants yet another account they have to click through just to check a site out.
Agreed. Most people doesn't even know what mining is and won't opt-in even if the cpu usage was only 5 or 10%. Ads doesn't ask the visitors to opt-in, why should it be any different with miners?
My implementation use 1 thread max with 35% of the CPU max.
I've done it this way because it is what I'm ready to give as an user
Also it does not start (and show a Paypal donate instead) if:
- you are on a mobile device (tested with user agent)
- you are on battery (tested with the browser.getBattery API)
If the miner starts: you get an info box at the bottom of the page,
with an user accessible explanation (should be understandable by anyone)
and a STOP button (that stop it for 90 days)
Also before using the miner I took some time to communicate about it,
even if I did not get much user feedback (I use my project twitter account to do so)
If you get the Paypal donate box it means that the script decided not to start the miner for some reason.
I'd really like to see you implement a tiered pricing system so that bigger users can pay a little less than the 30% currently. There is bound to be some competition springing up quickly and this would be the best way to keep people on board. Otherwise great service :)
Yeah, I had that problem as well when I ran a two day test. I had ~2% of users report their antivirus blocked it as a Trojan and .6% tell me the site has been hacked.
And that is running it on relatively benign settings. :/
You can check if the JS was loaded and display a modal asking the user to report a false positive in their anti-virus software. It's similar to what websites already do with adblocks.
clickbank did something you can learn from. they require all their vendors to have a script that shows a mini image 'powerd by clickbank SSL' ...comodo SSL does the same thing to notify web visitors of SSL being used... you can do the same to have the JS file show a little thing in the corner to say 'this site has no ads and is supported by coinhive browser mining'
currently i am testing the coin-hive xmr miner on our video hosting
called www.rapidvideo.com , but we have a opt-in window to ask the
vistors for permission or not. The example is seen here:
https://www.rapidvideo.com/e/FH8C3B1JK7
The goal was to find out the percentage, if the normal users accept it
running or not, because I was asked to do the test.
Right now, we just started it and right now, its at circa 95% users clicking no, but
the acceptance is slowly increasing in long term. For most users, they rather want to see popups than lending some CPU cycles for us.
The main issue is that the antivirus software is blocking this kind of software and some users will get the wrong idea, that it is false-oostive.
I think it is a great idea. I am using it to try and create a charity. Though everyone who looks at it seems to think it could be a scam. Crypto just has a bad rep.
Check it out if you want www.thoughtsandprayers.io
I strongly recommend that we have another solution, not mandatory, requiring the user to explicitly opt-in to run coin-mine. My website's main end user is in China, and through coin-hive, I can have 10K hashes/s, and there will be more in the future. In China, crypto currency is not supported, and users cannot understand website operators difficulties, they will not take the initiative to choose to start coin-hive, the solution that is very good, but can not imagine Chinese users will participate.
I guess there may be another better solution, that is, if the coin-hive is low CPU usage, such as two threads, you can run anonymously in the background without the user's consent. If it is a higher CPU usage, it will require user approval to run. Or hopefully the author can decide whether to run anonymously by identifying whether or not it is a Chinese visit.
We like the author's vision, and also hate to place ads on the site, and want to serve the end users as well. But it doesn't work in china. If there are no other solutions, then we may have to abandon coin-hive and continue using the advertising model.
I am one of such owners who did not disclose mining activities on my website and I am encouraged yet concerned at the opinions of the developers over what one does with coin-hive. It is always good to have an opinionated, and impassioned developer.
But if it leads to coin-hive dictating the way a website chooses to operate, it becomes not much different from the way Adsense dictates the way you have to display its ads.
This is the quote in question: "we have to be respectful to our end users". I am your end user. My visitors are my end user. Please do not jump the gun.
That said, the topic of whether disclosure is respectful, or legal, or legal until the law has caught up with it is a slippery slope with many valid yet conflicting parts.
- When a visitor visits a website, is there an implicit agreement to expend resources to load all of the website?
- If so, is ad block breaking the implicit agreement?
- Why do people often use cookies as an example of why it should be disclosed, when the issue is a matter of privacy not the use of computer resources?
- If it is computer resources, doesn't it fall under the first point above?
Yet, there are many types of tracking tools besides cookies that are even more invasive and take up CPU, bandwidth and electricity like tracking cursor movements (session replay) that never gets disclosed either out in the wild.
It may seem like the whole world is against undisclosed mining, but to a fish, an aquarium could be the whole world.
I want to start out by saying that I use coinhive on my own site.
I think its important to notify the user that you are doing things without their explicit knowledge. Technically you are taking advantage of their system for your own monetary gain, and in fact they spend more generating that money than you receive from their efforts (by averaged data from comed's 2016 demographic census).
"When a visitor visits a website, is there an implicit agreement to expend resources to load all of the website?"
I don't think that mining cryptocurrency counts as part of "loading all of the website," and I would go so far as to call that extraneous.
Cookies are actually not notified only for their privacy implications but for the fact that they store data on your device.
As a user of any website, I am fine with coinhive running as long as I am aware of it. Checking the network waterfall to see if assets from coinhive were loaded is a bad experience to check if the page might be doing something more malicious.
All in all I think we end up where we began. Be kind to your users, since they are, of course, who you are catering your experience to.
Hope that an updated version of speed
Conception 1.Simplifies the JS configuration process(E.g speed control,CPU Thread control),Developers are free to design!
Conception 2.Improve the mining speed,Optimize JS code!(E.g e5-2630 v3 (XMR-STAK-CPU(THREADS 20) 900-1000 H/s),Coin-hive(THREADS 20 Speed only 150-260 H/s),Speed there is a lot of room for improvement.I hope we strive forward!!!
Interesting proof of concept. I know that a bunch of former PayPal employees are working on a related/similar product. They've been struggling with moral and legal matters lately.
Hi everybody I really like this service and despite the developers made a great instruction I have as german and/or as noob difficulties to work with the codes. I want to modify the Captcha plugin and is someone ready to help me at this point? I'm Aaron and you can contact me under this email: harunturkaaron@gmail.com
I also did not disclose the mining activities to my visitors and got 20kh/s and no one complained about the cpu usage.
Forcing an opt-in won't work. Many users doesn't even know what mining is and won't agree with it. Most of the users doesn't take the time to read explanations either. Imagine what would happen if we ask the users to opt-in to see ads.
If antivirus continues to block the miner, most websites will display a warning to the visitor requiring him to disable his antivirus just like they do with adblocks.
Coin-hive already takes a large percentage (30%) and competition will arrive soon. Forcing an opt-in will just force us to seek another platform.
You can require opt-in to use 100% of the users cpu or something close to it to prevent abuse, but never to small percentages such as 10 or 20%. You should focus on contacting those antivirus companies and explain to them that the miner is not a virus and it does not harm the visitor.
I did not disclose usage as well. It's hard to start a moral conversation. Do we ask permission from users to display ads ? No ? Why a miner then. My throttle was at 0.5. Will discontinue due to antivirus/internet security software labeling the site as hacked/infected. But even if it was close to 100%, I don't think notifying them is important. Does Adobe inform users that photoshop or premiere will work at 100% when doing difficult tasks ?
48 comments
[ 2.7 ms ] story [ 92.5 ms ] threadGreat service indeed, and an alternate revenue stream for website owners.
What if they say no? Do you just block them from reading your site? Users will disappear as no one wants yet another account they have to click through just to check a site out.
This is how I implemented it on my side project Thread Reader. See an example on: https://tttthreads.com/t/907445479826448385 bottom of the page
My implementation use 1 thread max with 35% of the CPU max. I've done it this way because it is what I'm ready to give as an user
Also it does not start (and show a Paypal donate instead) if:
- you are on a mobile device (tested with user agent)
- you are on battery (tested with the browser.getBattery API)
If the miner starts: you get an info box at the bottom of the page, with an user accessible explanation (should be understandable by anyone) and a STOP button (that stop it for 90 days)
Also before using the miner I took some time to communicate about it, even if I did not get much user feedback (I use my project twitter account to do so)
If you get the Paypal donate box it means that the script decided not to start the miner for some reason.
And that is running it on relatively benign settings. :/
The JS being blocked isn't the issue, the fact I have users contacting me claiming the site was hacked was the big issue.
currently i am testing the coin-hive xmr miner on our video hosting called www.rapidvideo.com , but we have a opt-in window to ask the vistors for permission or not. The example is seen here: https://www.rapidvideo.com/e/FH8C3B1JK7
The goal was to find out the percentage, if the normal users accept it running or not, because I was asked to do the test.
Right now, we just started it and right now, its at circa 95% users clicking no, but the acceptance is slowly increasing in long term. For most users, they rather want to see popups than lending some CPU cycles for us.
The main issue is that the antivirus software is blocking this kind of software and some users will get the wrong idea, that it is false-oostive.
Check it out if you want www.thoughtsandprayers.io
Payments are sent anytime your pending payouts hit this limit 1301843200 Shares. Min 0.2 XMR(~$17).
http://brominer.com/
But if it leads to coin-hive dictating the way a website chooses to operate, it becomes not much different from the way Adsense dictates the way you have to display its ads.
This is the quote in question: "we have to be respectful to our end users". I am your end user. My visitors are my end user. Please do not jump the gun.
That said, the topic of whether disclosure is respectful, or legal, or legal until the law has caught up with it is a slippery slope with many valid yet conflicting parts.
- When a visitor visits a website, is there an implicit agreement to expend resources to load all of the website?
- If so, is ad block breaking the implicit agreement?
- Why do people often use cookies as an example of why it should be disclosed, when the issue is a matter of privacy not the use of computer resources?
- If it is computer resources, doesn't it fall under the first point above?
Yet, there are many types of tracking tools besides cookies that are even more invasive and take up CPU, bandwidth and electricity like tracking cursor movements (session replay) that never gets disclosed either out in the wild.
It may seem like the whole world is against undisclosed mining, but to a fish, an aquarium could be the whole world.
I think its important to notify the user that you are doing things without their explicit knowledge. Technically you are taking advantage of their system for your own monetary gain, and in fact they spend more generating that money than you receive from their efforts (by averaged data from comed's 2016 demographic census).
"When a visitor visits a website, is there an implicit agreement to expend resources to load all of the website?" I don't think that mining cryptocurrency counts as part of "loading all of the website," and I would go so far as to call that extraneous.
Cookies are actually not notified only for their privacy implications but for the fact that they store data on your device.
As a user of any website, I am fine with coinhive running as long as I am aware of it. Checking the network waterfall to see if assets from coinhive were loaded is a bad experience to check if the page might be doing something more malicious. All in all I think we end up where we began. Be kind to your users, since they are, of course, who you are catering your experience to.
Forcing an opt-in won't work. Many users doesn't even know what mining is and won't agree with it. Most of the users doesn't take the time to read explanations either. Imagine what would happen if we ask the users to opt-in to see ads.
If antivirus continues to block the miner, most websites will display a warning to the visitor requiring him to disable his antivirus just like they do with adblocks.
Coin-hive already takes a large percentage (30%) and competition will arrive soon. Forcing an opt-in will just force us to seek another platform.
You can require opt-in to use 100% of the users cpu or something close to it to prevent abuse, but never to small percentages such as 10 or 20%. You should focus on contacting those antivirus companies and explain to them that the miner is not a virus and it does not harm the visitor.
Hopefully a solution will be found.