History

snider 1101248397 fix: Address 22 security findings from parallel code review (Pass 2) Security fixes implemented: - CRIT-001: SSRF IPv6 bypass protection (localhost, link-local, ULA, mapped) - CRIT-002: cn_heavyZen3Memory leak fix with cleanup function - CRIT-003: HTTP header size DoS prevention (8KB/16KB limits) - CRIT-004: patchAsmVariants null check after allocation - CRIT-005: autoPause race condition fix with atomics - HIGH-001: OpenSSL strchr null pointer check - HIGH-002: uv_loop_close error handling - HIGH-004/005/006: Miner.cpp race conditions (atomic reset, mutex protection) - HIGH-007: m_workersMemory dangling pointer fix - HIGH-008: JIT buffer overflow bounds checking - HIGH-009: Bearer prefix timing attack mitigation - HIGH-010: CORS origin restriction to localhost - HIGH-011: Per-IP connection limits (10 per IP) for DoS protection - HIGH-012: SSRF 172.x RFC1918 range validation - MED-002: pthread_join return value check on macOS - MED-004: OclKawPowRunner exception-safe initialization - MED-005: Generic error messages to prevent info disclosure - MED-006: CRLF header injection prevention 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>		2025-12-31 19:28:22 +00:00
..
.github/ISSUE_TEMPLATE	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
cmake	feat: Add Blake3DCR algorithm support (Decred)	2025-12-30 20:30:05 +00:00
doc	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
res	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
scripts	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
src	fix: Address 22 security findings from parallel code review (Pass 2)	2025-12-31 19:28:22 +00:00
.gitignore	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
CHANGELOG.md	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
CLAUDE.md	fix: Update documentation for miner-cuda plugin and improve build instructions	2025-12-31 01:53:53 +00:00
CMakeLists.txt	feat: Rename XMRig references to Miner and add miner.cpp for new platform	2025-12-31 16:38:48 +00:00
CODE_REVIEW_TODO.md	fix: Address 22 security findings from parallel code review (Pass 2)	2025-12-31 19:28:22 +00:00
LICENSE	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
package.json	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
PARALLEL_CODE_REVIEW.md	feat: Add security and resilience middleware	2025-12-31 15:54:37 +00:00
README.md	feat: Rebrand xmrig to miner and vendor XMRig ecosystem	2025-12-30 19:43:02 +00:00
TODO.md	feat: Add security and resilience middleware	2025-12-31 15:54:37 +00:00

README.md

XMRig

XMRig is a high performance, open source, cross platform RandomX, KawPow, CryptoNight and GhostRider unified CPU/GPU miner and RandomX benchmark. Official binaries are available for Windows, Linux, macOS and FreeBSD.

Mining backends

CPU (x86/x64/ARMv7/ARMv8/RISC-V)
OpenCL for AMD GPUs.
CUDA for NVIDIA GPUs via external CUDA plugin.

Download

Binary releases
Build from source

Usage

The preferred way to configure the miner is the JSON config file as it is more flexible and human friendly. The command line interface does not cover all features, such as mining profiles for different algorithms. Important options can be changed during runtime without miner restart by editing the config file or executing API calls.

Wizard helps you create initial configuration for the miner.
Workers helps manage your miners via HTTP API.

Donations

Default donation 1% (1 minute in 100 minutes) can be increased via option donate-level or disabled in source code.
XMR: 48edfHu7V9Z84YzzMa6fUueoELZ9ZRXq9VetWzYGzKt52XU5xvqgzYnDK9URnRoJMk1j8nLwEVsaSWJ4fhdUyZijBGUicoD

Developers

xmrig
sech1