Shortly after the launch of Coinhive, several Adblockers have begun blocking our miner. This is unfortunate because we intended Coinhive to be an alternative to ads, precisely for users with adblockers.
authedmine.com, will never start without asking for consent from the user or (for the Simple UI and the Captcha) letting them explicitly start mining through a click.
We realize this opt-in may be clunky and not fit all too well with your use case, but we strongly believe that being honest with the user will ultimately be beneficial - for users and website owners alike.
authedmine.com nor the domain names are currently blocked by any adblockers or antiviruses. We will talk to adblock and antivirus vendors so it will hopefully stay this way.
The Captcha does not support the autostart at all anymore. The user will always need to click the Verify Me box for each new Captcha.
The Simple UI still has the
data-autostart attribute, but the meaning has changed: For a new visitor on your website, the Simple UI will never automatically start. When the user eventually clicks the Start Mining button and
data-autostart is true, the user's opt-in will be stored in a cookie. For the next page load, the Simple UI will start mining automatically.
This opt-in is revoked when the user clicks the pause button or when the browser sessions ends.
When loaded through
miner.start() is called. This is done in a popover window directly on your page. You will not be able to start the miner if the user cancels the opt-in.
If the user gives consent, an opt-in token is stored in a cookie on your website. If this token is not expired, the miner can start again without a further explicit opt-in.
To prevent misuse, the text in the opt-in screen can not be altered. We will offer translations of this screen for different languages in the future.
To prevent one opt-in token to be used with multiple clients, the token incorporates the user's current IP address. If the IP address changes, the user will have to opt-in again. The token also incorporates your site key so that it is only valid for one site.
The opt-in token itself is stateless - we do not store the token on our servers.
If you have any technical questions or remarks about the opt-in or if you found a bug in our implementation, please get in touch.