A Few Ways To Ensure Confidentiality And Security When Mining Bitcoin
November 11, 2020 / Interesting
As governments and regulators study Bitcoin, their attempts to regulate or even directly control mining seem inevitable. What can we do to secure our acts?
Do you want your ISP to be aware of everything you do online? Most likely no. One of the ways internet users have partially regained privacy in recent years is by switching from HTTP to HTTPS. The latter is already the standard for all websites.
The “S” means Secure in HTTPS. Basically, your ISP knows which websites you visit, but doesn’t know what you are doing on them.
On websites without an SSL certificate, your ISP can track all of your activity, including usernames, passwords, and even payment details.
Obviously, HTTPS is a more acceptable protocol for users.
Most Bitcoin miners still use HTTP equivalent of mining called Stratum V1. Miners and mining pools are constantly exchanging data in JSON format, and, unless additional precautions are taken, the ISP can see all the details of this data transfer.
In other words, ISPs, based on the data available to them, can easily see that someone is mining Bitcoin. Worse, that someone can steal the hashrate (and thus the BTC) without your knowledge. Even your neighbor can carry out a hash hijacking attack if the ISP does not properly isolate clients from each other.
To prevent this, miners can use the industry equivalent of HTTPS: Stratum V2. While V1 data transmission is unencrypted and human-readable, Stratum V2 uses Authenticated Data-Attached Encryption (AEAD) to ensure the confidentiality of data transfers between miners and pools.
Switching from JSON to binary in Stratum V2 significantly reduces the size of the data transferred, so that encrypted messages in V2 are about 50% lighter than unencrypted messages in V1. Data download by miners will not increase after switching to V2.
Your ISP doesn’t have to know that you are mining bitcoin. Stratum V2 avoids this. But this is only part of the solution.
Your ISP can still see which websites you visit. You can learn a lot about a person even from a list of URLs.
VPN can come in handy for general web browsing. A VPN masks your public IP address so your ISP doesn’t know what you are doing on the Internet and doesn’t track your activities.
Bitcoin miners can achieve the same privacy improvement with DNS proxies without significantly increasing network latency.
This dnsscrypt-proxy provides a local service that can be used directly on the local resolver or as a DNS forwarder, encrypting and authenticating requests using the DNSCrypt protocol and forwarding them to an upstream server. The DNSCrypt protocol uses high-speed, high-security elliptic curve cryptography, which is similar to DNSCurve but aims to secure communication between the client and its Layer 1 converter.
Information that is usually exposed is also encrypted through a DNS proxy server, which means that the ISP cannot determine which sites you visit.
Miners can use any DNS proxy that supports encrypted DNS protocols such as DNSCrypt v2 and DNS-over-HTTPS to achieve much more privacy. Combined with Stratum V2, this is the equivalent of browsing the web with a VPN and visiting only HTTPS domains.
If you only use one or a few ASIC devices, these steps will help you keep mining confidential and safe. Large-scale mining leaves a thermodynamic footprint that is difficult to hide.
The best thing to do with software is to ensure that no one, including your ISP, can eavesdrop on your mining or steal your hash rate.