Fixed C++ build failures in `miner/core/tests/CMakeLists.txt`:
- Applied `-mavx2 -mvaes` compilation flags to `CryptoNight_x86_vaes.cpp` in the test library target, mirroring the main build configuration. This resolves the `target specific option mismatch` error during compilation.
- Applied optimization flags to `CnHash.cpp` in the test library target.
Verified Go implementation:
- Confirmed `PingPeer` is implemented in `pkg/node/controller.go`.
- Confirmed `handlePing` is implemented in `pkg/node/worker.go`.
- Confirmed `go.mod` includes necessary dependencies.
Recorded learnings regarding CMake property propagation across directories.
- Create miner/README.md documenting standalone C++ mining tools
- Update miner/core and miner/proxy READMEs with EUPL-1.2 license
- Add GitHub Actions workflow for multi-platform miner releases
- Add Makefile targets: build-miner, build-miner-core, build-miner-proxy
- Update main README with standalone miner usage instructions
The miner/ directory contains standalone CPU/GPU miner and stratum
proxy that can be used independently without the GUI. Pre-built
binaries will be published alongside Go releases.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- HIGH-015: Improve TLS certificate validation
- Enable SSL_VERIFY_PEER with system CA store
- Support certificate pinning via fingerprint
- Chain validation OR fingerprint match required
- HIGH-019: Document libuv single-thread model for Client state
- TOCTOU pattern is safe due to event loop serialization
- MED-005: Fix potential alignment issues in Keccak
- Use memcpy for unaligned uint8_t* to uint64_t access
- Prevents undefined behavior on strict alignment architectures
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Security fixes:
- HIGH-014: Use OpenSSL's RAND_bytes() for cryptographic random instead
of std::mt19937 when libsodium not available
- HIGH-021: Use find() instead of operator[] in SimpleSplitter::submit()
to avoid inserting nullptr into map
- HIGH-024: Use CRYPTO_memcmp() for constant-time token comparison in
Httpd::auth() to prevent timing attacks
- HIGH-026: Add overflow detection and slot reuse in Storage::add()
counter to prevent ID collisions after many connections
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Critical fixes:
- CRIT-008: Enable TLS peer certificate verification in client connections
- CRIT-010: Add null pointer checks throughout ExtraNonceSplitter
- CRIT-011: Validate JSON error message field before access in Client
- CRIT-013: Make event system thread-safe with atomic<bool> and CAS
- CRIT-018: Add bounds checking in NonceSplitter vector access
High priority fixes:
- HIGH-002: Set 0600 permissions on generated private key files
- HIGH-004: Add strtol error checking and overflow validation
- HIGH-007: Handle integer overflow in ExtraNonceStorage nonce counter
- HIGH-018: Add comprehensive JSON field validation in Miner::parse()
These fixes address TLS security, thread safety, memory safety, and
input validation issues identified during parallel code review.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Security fixes implemented:
- CRIT-001/002: Replace static shared buffer with per-instance buffer in Miner
- CRIT-003: Redact password from API response in ApiRouter
- CRIT-004: Fix TlsContext::setCiphers returning true on failure + TLS hardening
- CRIT-005: Add null check in Controller destructor to prevent double-free
- CRIT-006: Add JSON type validation before member access in BindHost
- CRIT-007: Restrict CORS to localhost + add security headers in HttpApiResponse
- CRIT-014: Add HTTP body/header/URL size limits to prevent DoS
- HIGH-001: Make miner ID generation thread-safe with std::atomic
- HIGH-003: Make all global counters atomic in Counters class
- HIGH-009: Implement rolling window for latency vector (max 10K entries)
These fixes address race conditions, memory exhaustion DoS vectors,
information disclosure, and thread safety issues identified during
parallel code review.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement GPU mining backends for three new algorithms:
- ProgPowZ (Zano): DAG-based ProgPow variant with 512 parents, dynamic
program generation per period
- ETChash (Ethereum Classic): Standard Ethash with 256 parents and
ECIP-1099 epoch calculation for post-block 11.7M
- Blake3DCR (Decred): Simple Blake3 hash kernel with no DAG requirement,
processing 180-byte block headers
Each implementation includes OpenCL kernels, GPU runners, thread
generators, and build system integration. Also adds fast modulo
optimization to ETCCache for GPU kernel performance.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Stratum protocol integration for ETChash, ProgPowZ, Blake3DCR
- EthStratumClient selection for DAG-based algorithms
- Nonce offset handling for all new algorithm families
- AutoClient support for new algorithm detection
- Coin definitions for ETC, ETH, ZANO, DCR
Worker integration:
- CPU worker support for Blake3DCR mining
- GPU worker stubs for ETChash, ProgPowZ, Blake3
- Proper algorithm family handling in CpuWorker/OclWorker
Go CLI integration:
- Updated xmrig_start.go with coin field support
- Improved pool configuration for new algorithms
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Blake3 cryptographic hash library (portable C implementation)
- Create Blake3DCR wrapper for Decred mining (180-byte block headers)
- Register BLAKE3_DCR algorithm ID (0x62100000) with dcr/decred aliases
- Support for block header hashing and nonce iteration
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add core crypto implementation (ProgPowZHash.cpp, ProgPowZCache.cpp)
- ProgPowZ uses standard Ethash 30000 block epochs
- Period length 50 (vs 3 for KawPow), CNT_CACHE 12, CNT_MATH 20
- Integrate with OpenCL and CUDA backends for memory calculation
- Register PROGPOWZ_ZANO algorithm ID (0x70100000)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add core crypto implementation (ETChash.cpp, ETCCache.cpp)
- Implement ECIP-1099 epoch calculation for Ethereum Classic
- Add Ethash support with standard 30000 block epochs
- Integrate with OpenCL and CUDA backends for memory calculation
- Register ETCHASH_ETC and ETHASH_ETH algorithm IDs
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
