Welcome To The Foreman Knowledge Base

How do I utilize Trusted Pool Configurations?

If you're trying to automatically configure mining pools, or protect against pool changes from a malicious insider, Trusted Pool Configurations can help.

As operations expand and more people become involved in the daily management of a cryptocurrency mine, mistakes can happen. Whether it be an operator configuring a customer's miners with the wrong pools by accident, or even worse, changing them to mine to their own personal wallets, getting notified as soon as these events happen is critical.

How Foreman Helps

With Trusted Pool Configurations, managers can set limitations on what stratums and worker names are acceptable. These are configured at the dashboard level, so they can be set globally from the top-level parent dashboard, at the site-level (example: Texas), or at the customer-level (example: Bill can mine to Foundry and Luxor, Ted can mine to AntPool and ViaBTC).

Any combination is supported, so you can provide just a stratum pattern, just a worker pattern, or both, and pools are only evaluated if at least one Trusted Pool Configuration exists. Then, they're all evaluated against every pool reported by the miner. If there are 3 pools, each will separately need to pass at least one of the Trusted Pool Configurations; otherwise, the miner will get marked as Invalid Pools Configured.

Getting Started

First, determine at which level Trusted Pools will be enforced at (Parent, Site, Client). For this example, we'll assume there exists a hosting company called Mine Magik and there are two physical sites, one in Baltimore, MD, and another in Canton, OH.  Additionally, there are 3 customers: Client A, Client B, and Client C.

If you're curious how to construct a dashboard like this, see the guide here.

The clients want to configure the following Trusted Pools:

Customer Stratum Worker
Client A btc.global.luxor.tech:700 clienta.<anything>
Client B btc.foundryusapool.com:<any port> bill.magicx<anything>
Client C ss.antpool.com:<any port> ted.<anything>

First, we'll head to the Mining Pools tab on the Settings page of the client that you wish to enforce Trusted Pools on. Next, click Add Config to launch a new Trusted Pool Configuration. Under Match Type, you'll see there are two options: Regular Expression and Exact.

Regular Expression is going to check the Stratum Expression for a regular expression pattern, while Exact is going to check the Stratum Expression against a list of variables that will display when you change the Match Type.

Regular Expression

From each respective dashboard, Trusted Pool Configurations are created here. While they can be as simple as btc.foundryusapool.com:3333, most regular expressions are supported.

Rather than creating 3 different entries for Foundry, btc.foundryusapool.com:(3333|443|25) can be used, which will allow any of the three valid Foundry stratums.

Screenshot 2024-06-21 131720.png

Exact

Screenshot 2024-06-21 135601.png

Now that you have input the correct Worker Expression for the Match Type you're using, you can optionally restrict the Trusted Pool Configuration to only apply to certain miner model types using the Miner Types field. If you don't enter any models in this field, the Trusted Pool Configuration will apply to all miners on the client.

Finally, scroll down to the bottom of the Settings page and click Save to lock in your new Trusted Pool Configurations.

 

Automatically Catching and Correcting Invalid Pools

Optionally, a Trigger can also be created to notify, or conditionally change the pools immediately, if a miner is ever detected mining to a pool that does not match your Trusted Configuration.

Two separate Triggers are pictured below: The first will notify by email anytime an Invalid Pools Configured error is reported, while the second will automatically change the incorrect pool to a specified pool on your Trusted Pool Configuration list.

Notify on invalid pools.
Auto correct invalid pools.
 

Still have some questions on Trusted Pool Configurations, or could use some guidance on best practices when it comes to pool security? Send an email to support@obm.mn and our team of engineers will be happy to assist you.

Was this article helpful?

0 out of 1 found this helpful

Have more questions? Submit a request

Comments

0 comments

Article is closed for comments.