Moonify a respectful browser miner

Moonify.io
Moonify.io
Published in
5 min readMar 9, 2018

We started working on Moonify.io — A browser based cryptocurrency miner in the beginning of 2017. This is the first building block of a more ambitious project that we plan on rolling out incrementally. Unlike some of our competitors, who have resorted to malware and backdoor coin-mining hacks, we developed our miner to be more user compliance friendly. We strongly believe users should be fully aware if our miners are running on their systems. Our policy is to reward users instead of ripping them off.

In line with our philosophy, our miner was developed within an environment of respect, ethics and compliance. It’s absolutely unhidden and our policies, explicitly transparent. When a user visits any site implementing our miner, an unambiguous welcome message is displayed, this informs the visitor and acknowledges their consent on whether they want to opt in or out of mining.

This notification is mandatory. Users maintain full control of their CPU load through our modal window. Here’s our user policy page https://moonify.io/user-policy with an active miner to show up what I’m talking about.

Moonify is a legitimate company with 4 hard working full time staff. We aim to build long term partnerships while developing an interactive community. We believe, just like how there are acceptable online adverts, there can also be acceptable online crypto miners and we aim to be one of them.

That said, we’re fighting on a daily basis against deceptive people using our services, constantly trying to trick our script and hide the mandatory welcome message. Something that could likely get us adblocked.

In order to prevent this, we have built a series of monitoring tools and domain ownership verifications to avoid our services being used as malware on deceitful or hacked sites. Suspicious sites are flagged first, then manually reviewed and then banned if the flag was positive.

User experience comes first

Each time a user visits a partner website using our services, the mandatory welcome notification is displayed:

Clicking on “more” gives access to the control panel.
The panel can be used for :
  • Start/Stop the mining session
  • Define the maximum speed allowed (partners won’t be able to cross this maximum threshold)
  • Read some stats
  • Opt-in or Opt-out of Mining

The user can choose to opt-out from the website he/she is currently visiting, the websites he/she visited, but most importantly he can opt-out from our entire network in one click.

Technical tools to protect the users

Every piece of software or any invention can be used for good or for evil. Because of this, we work hard to protect the users to the best of our abilities.

Once our service has been implemented, our system performs few basic routine checks :

  • The way Moonify has been integrated on the web site.
  • A system check, to see if we can identify any attempt from the partner website to bypass our UI and our warning messages.
  • We also identify the type of machine we have in front of us.

1- Device type

For the time being, we are not supporting mining on mobile devices. At later development stages if we find a good balanced protocol for mobile mining, then, we could address the issue and also test to see if the device is plugged into power.

On desktops and laptops, we do a very quick benchmark of the machine. Depending of the available CPU power, our smart dispatcher will assign different sizes of blocks to mine. The more powerful the machine, the bigger the block.

While, low-end CPUs will work, but they will generate very little hashpower and compute very small blocks.

2- Integration check

Our system always checks the way Moonify has been implemented on partner websites. When a partner website creates a new service in the Administration section, they are accepting our policies:

We do not allow third party installations of Moonify or any of our services, not even as SAAS solutions. We make sure that our services are installed by the website owners and administrators only.

Our system flags suspicious websites when it detects multiple domains using the same Moonify Service.

3- Hacking check

Our system also checks if there are hack or backdoor attempts to hide our mandatory warning messages or any element of our UI. Suspicious sites are flagged first, then manually reviewed and banned when at fault.

Note that we do not block the service by default. We always check for any false-positives before considering banning a domain or blocking an account.

We can easily detect partners with suspicious activities.

Our backend monitoring panel provides us with all the tools necessary to act fast & efficiently.

We can then decide to block the service account, the provider or partner and also definitively ban the domains used by the provider to prevent future use of those domains with a fresh account. Once a domain is banned, the mining process is totally blocked.

There is a future

We believe browser mining to be a very innovative way of monetizing content. However adoption can take time and the activities of certain individuals recently haven’t helped. We aim to bring the building blocks of a new and exciting economic model to content publishers. Someday history will prove we were right.

Jean CEO of Moonify.io

--

--