Client’s Story: REMME for mining equipment

The cgminer chips used in mining equipment checks for conditions where the primary pool is lagging and passes some work to the backup servers under those conditions to try to keep the devices working on something useful and not risk idle periods. For cgminer to connect with mining pools, it uses the Stratum protocol which is the de-facto mining communication protocol used by blockchain-based cryptocurrency systems that enables miners to reliably and efficiently fetch jobs from mining pool servers.

However, this protocol has some vulnerabilities due to the lack of cryptographic protection of communications. Hence, the main purpose of integrating the REMME solution was to improve the Stratum protocol.

About the Client

For more than four years, Ukraine-based Hotmine has specialized in the development of products that use chips such as the 16 nm found in the microminer project, Hotmine hot-water boiler/btc miner, upgrade kits, X5 and X6 miners. Its engineers develop the products based on decentralization, Internet of Things and Bitcoin principles as well as cooperate with other companies that want to produce smart mining equipment, are seeking for partners to develop products for IoT needs and those who want to invest time and money in the field.


Proof-of-Work happens as miners try to solve exceptionally difficult mathematical problems. To prove ownership of the facilities, the miner must constantly perform a complex mathematical function (SHA-256) and send the results of the calculation to the network. Let’s consider the details of how the standard Stratum protocol functions.

After Stratum replaced the getwork protocol, it became the most popular protocol used by the miners. In the Stratum protocol, the miners solve the parts of the puzzle given to them (jobs) and send the intermediate results of the mining (shares) to the server. Then the pool compensates the work that has been done by miners according to the complexity of the work and the amount of shares sent to the server.

The Stratum protocol implementation is a textual connection over TCP / IP between the miner and the pool and it uses the JSON-RPC message format.

To register a miner on the pool, the client sends a connection subscription message to the server and the server brings back the subscription response message. Then, an authorization request is made using the miner’s authorization request message. The server responds to this request with a status result message: if successful, the server sends a “difficulty notification” message which shows the minimal complexity that the pool supports.

The pool uses the mining job notification message to issue the scope of work to the miner. After this, the miner starts to send a huge amount of share submission messages on a periodical basis with the results of the cryptographic puzzle computing.

This article shows how the hacker can steal the computing resources of the miner and even earn a profit from it by substituting traffic. While the simplest solution would be to simply arrange an encrypted channel between the miner and the pool, the simplest solution is usually not the best. Few issues with such a solution are as follow:

  1. The speed of delivery of the results of mining (hashes): The faster the block will be distributed through the network, the less likely that this block will become an “orphan” block. The installation and support of TCP, or even more, the encrypted TLS connection, makes a delay.
  2. Increase in network load: The second problem is increasing the load to the pool and to the miner’s processor as well as increasing the traffic between the miner and the pool. The highest load appears when the miner sends the result of the work — shares.


To solve these problems and improve the Stratum protocol, we created a new StratumRM protocol. In this protocol, the connection with the pool is divided into two different connections. One connection uses TCP + TLS while the second uses UDP. The TCP + TLS connection manages a low-speed connection which is used for the miner’s authorization on the server and to get statistics of the delivered packets. The high-speed UDP is used for the transmitting of the miner’s work results. The only difference is that the cookie connection received over the encrypted channel is included in the package with the result of the work. We made the most of Stratum’s best practice and tried to follow the format of the messages of the protocol when creating StratumRM. We used some things made by Bedrock — a minimalistic Stratum extension that protects the privacy and security of mining participants — during the development process.

The REMME solution is used during the miner authorization process on the pool while the TLS connection sets up. The certificate downloading process is processed using the miner’s unique web management and configuration created by Hotmine. The second certificate is used when a user logs into the account of the pool through the web interface.

Want to know more about REMME? Visit our website.