WAIT — Solo project — review before adopting

• Last commit 1d ago
• MIT licensed
• ⚠ Solo or near-solo (1 contributor active in recent commits)
• ⚠ No CI workflows detected
• ⚠ No test directory detected

_{Computed from maintenance signals — commit recency, contributor breadth, bus factor, license, CI, tests}

RustMinerSystem is a high-performance cryptocurrency mining proxy and pool node written in Rust that enables users to either proxy traditional mining pools (with configurable fee-skimming) or operate as a standalone pool node. It supports multiple cryptocurrencies (BTC, ETH, ETC, ZIL, DASH, etc.) across x86, ARM, ARMv7, and Windows architectures, and includes bandwidth compression (10-20x) via an optional RMS encryption client to support 5000+ miners on single 4G connections. Single Rust binary application (no monorepo structure visible) with platform-specific release artifacts: windows/, arm-install.sh, armv7-install.sh scripts for deployment. Backend includes admin UI (default credentials: qzpm19kkx / xloqslz913) accessible via browser post-deployment. Companion tool RMS (separate repo) handles client-side encryption/compression. Android PoolNode.apk suggests mobile monitoring capability.

Mining farm operators, pool administrators, and node owners who want to either reduce bandwidth costs for large-scale operations or establish their own mining pools with custom fee structures. Secondary users are mining proxy deployers in bandwidth-constrained environments (remote sites, 4G/5G networks).

Actively maintained with distributed binaries across multiple platforms (Windows, Linux ARM/ARMv7/x86) and documented Chinese/Russian/English READMEs, suggesting production use. However, the repo shows minimal GitHub indicators (stars count hidden from data), no visible CI/CD pipeline files, and focus on compiled releases rather than open development—maturity appears production-grade but with limited transparency into codebase health.

High risk: (1) Single maintainer (EvilGenius-dot) with no visible governance structure or backup; (2) No visible test suite or CI pipeline in file list (54KB Rust, no test/ or .github/workflows/); (3) Monetization model explicitly involves fee extraction ('矿池抽水' = pool skimming) which creates regulatory/ethical exposure; (4) Minimal open-source collaboration signals (no issue tracker visible, Chinese-primary documentation limits Western contributor accessibility).

Project actively publishes compiled binaries and maintains multilingual README translations (zh-EN, zh-RU variants). Recent work includes platform expansion (ARMv7 support via armv7-install.sh). Service model shows emphasis on customization ('免费定制' = free custom builds) and documented fee-sharing arrangements. Telegram/Discord community channels indicate ongoing user support but no visible public issue tracking or PR activity.

Clone and deploy via platform-specific installers: Linux: bash <(curl -s -L https://github.com/EvilGenius-dot/RustMinerSystem/raw/main/install.sh) or backup endpoint bash <(curl -s -L -k [backup-url]). Windows: Download binary from /windows directory, double-click executable, access admin UI at browser-provided URL. Default credentials: qzpm19kkx / xloqslz913.

Daily commands: Post-installation, the binary auto-starts an HTTP admin server. Access via browser (localhost by default on Windows, or provided IP on Linux). CLI tools (arm-install.sh, armv7-install.sh) handle systemd registration on Linux for auto-start. No visible Makefile or build instructions; assumes users run pre-compiled binaries. Source compilation path not documented.

• install.sh — Primary installation script for the RustMinerSystem that sets up the entire mining proxy infrastructure on target systems.
• README.md — Core documentation describing the complete cryptocurrency mining solution architecture and features.
• linux/arm/rustminersystem-4.6.1 — Latest ARM-compiled binary release containing the core mining proxy engine for embedded/ARM deployment.
• APP/PoolNode/Android/PoolNode.apk — Android mobile application for remote management and monitoring of mining nodes and pool operations.
• Readme/i18n/zh-EN/README.md — Internationalized documentation providing key feature explanations and deployment guidance for non-native speakers.

• Mining Proxy Core (Rust async runtime, Stratum protocol parser, connection pooling) — Primary Stratum protocol handler that intercepts, validates, modifies, and forwards mining shares with configurable fee extraction
  • Failure mode: If proxy crashes, all connected miners lose connectivity; shares are lost; complete outage for managed mining operations
• Pool Router (Hash-based routing, configuration parser, pool health monitoring) — Maps incoming connections from miners to destination pools based on configured port rules and load balancing
  • Failure mode: Misconfigured routing causes shares to be sent to wrong pools; incorrect fee extraction; potential wallet mixing
• Fee Extraction Engine (Share difficulty validation, wallet address injection, rate limiting) — Identifies and intercepts dev fee shares from the mining reward stream, redirecting them to operator's wallet
  • Failure mode: Fee extraction bugs could cause revenue loss or over-extraction; transparency concerns for users
• Mobile Management API (RESTful JSON API, authentication tokens, WebSocket for live updates) — Provides Android app with endpoints for real-time monitoring (hashrate, share acceptance, pool stats) and remote configuration
  • Failure mode: API unavailability prevents remote management; stale metrics displayed on mobile app; configuration changes not applied

• Mining Device → RustMinerSystem Proxy — Miners submit Stratum protocol shares containing proof-of-work to the proxy listening port
• RustMinerSystem Proxy → Upstream Mining Pool — Proxy forwards validated shares to configured pool, potentially modifying fee structure or intercepting certain shares
• Mining Pool → RustMinerSystem Proxy — Pool returns share validation results and block discovery notifications to proxy
• RustMinerSystem Proxy → Mining Device — Proxy returns share results and pool difficulty targets to miners
• Excel Configuration File → RustMinerSystem Proxy — Port mappings and pool addresses imported from spreadsheet populate the proxy's routing rules at startup
• Mobile App (Android) → RustMinerSystem Proxy API — App queries real-time statistics and sends configuration updates via REST API
• RustMinerSystem Proxy → Mobile App (Android) — API returns JSON with hashrate, accepted/rejected share counts, pool status, and configuration state

Add Support for a New Cryptocurrency Network

1. Add the coin icon to the image directory following the naming convention (e.g., icon-{coinname}.png) (image/icon-{newcoin}.png)
2. Update the README.md to list the newly supported cryptocurrency in the features section (README.md)
3. Rebuild the binary with updated pool mining protocol support and compile for all target architectures (linux/arm/rustminersystem-{version})
4. Update the Android application to include the new coin selection in the pool node UI (APP/PoolNode/Android/PoolNode.apk)

Deploy to a New ARM Platform

1. Create a platform-specific installation script (e.g., armv8-install.sh) by copying and modifying an existing architecture script (arm-install.sh)
2. Cross-compile the Rust binary for the target architecture and place in a new linux/{arch}/ directory (linux/{newarch}/rustminersystem-{version})
3. Test the installation script against the target hardware and document any platform-specific requirements in the internationalized README (Readme/i18n/zh-EN/README.md)

Configure Port Mapping for Multiple Mining Pools

1. Use the provided Excel template to define pool addresses, ports, and fee configurations (excel端口导入模板.xlsx)
2. After generating configuration from the template, import it via the web UI or Android app's pool configuration interface (APP/PoolNode/Android/PoolNode.apk)
3. The system will auto-distribute incoming mining traffic across configured pools based on the imported port mappings (linux/arm/rustminersystem-{version})

• Rust — High-performance, memory-safe systems programming language ideal for low-latency mining proxy that handles thousands of concurrent miner connections
• Multi-architecture binaries (ARM, ARMv7, ARM64) — Enables deployment on resource-constrained embedded systems (Raspberry Pi) and modern ARM servers, maximizing reach and deployment flexibility
• Android APK mobile app — Provides remote management and monitoring capabilities via mobile devices, essential for operators managing distributed mining infrastructure
• Stratum protocol compatibility — Industry-standard mining protocol allowing compatibility with all major mining pools and mining software without requiring custom clients

• Pre-compiled binaries instead of open-source distribution

  • Why: Protects intellectual property of the mining proxy implementation and prevents easy reverse engineering of fee extraction mechanisms
  • Consequence: Users cannot audit or modify the core binary code; requires trust in the distribution; harder to debug issues or contribute improvements

• Excel template for port configuration instead of UI-only setup

  • Why: Allows batch import of complex multi-pool configurations without manual UI entry, supporting large-scale deployments
  • Consequence: Adds dependency on spreadsheet software; less intuitive for non-technical users; potential for format inconsistencies

• Multi-language documentation (Chinese, English, Russian) in separate files

  • Why: Targets international mining communities (especially Asia-focused) with native language support
  • Consequence: Documentation maintenance burden increases; inconsistencies may arise between versions; file duplication overhead

• Open-source codebase - binaries only distribution model indicates proprietary implementation
• Cross-platform GUI beyond Android - no Windows/macOS native applications; primarily Linux-focused backend
• Real-time blockchain interaction - acts as proxy/intermediary only, does not validate blocks or interact directly with blockchain nodes
• Multi-signature wallet management - focuses on mining proxy only, not cryptocurrency wallet functionality

• Obscured binary distribution without source code (High) — linux/arm/*, linux/armv7/*, APP/PoolNode/Android/: Closed-source binaries prevent security audits and user verification of fee extraction mechanisms, creating trust issues in a financial application
• Excel-based configuration for critical infrastructure — excel端口导入模板.xlsx: undefined

(1) Default credentials hardcoded (qzpm19kkx / xloqslz913)—must be changed in first run; (2) Installation fetches binary from GitHub raw—no HTTPS verification in curl command, vulnerable to MITM unless backup endpoint used with -k flag, creating false sense of security; (3) No visible config persistence documentation—unclear if settings survive restart or require reapplication; (4) Fee extraction is built-in and automatic—users cannot disable, only customize percentage, creating compliance risk in regulated jurisdictions; (5) No visible API rate limiting or DOS protection docs—mining pools are bandwidth-intensive targets; (6) Excel template (excel端口导入模板.xlsx) suggests batch import feature but no UI docs provided—undocumented workflow.

• Stratum Protocol — RustMinerSystem proxies Stratum, the primary TCP-based protocol miners use to communicate with pools; understanding this is essential to debugging mining failures or adding algorithm support
• Pool Fee Extraction / Share Skimming — Core business model of RustMinerSystem—silently reroutes miner shares to operator's wallet before forwarding remainder to actual pool; this is the 'minerproxy' functionality and source of ethical/regulatory risk
• Bandwidth Compression (zstd / Deflate) — Companion RMS tool achieves 10-20x compression on mining traffic; RustMinerSystem relies on this for viability in bandwidth-constrained environments (4G/5G, remote sites), critical for understanding cost model
• Multi-Algorithm Mining (ETC, ETH, ZIL, DASH, etc.) — RustMinerSystem supports dozens of coin/algorithm combos simultaneously; understanding how Stratum variants differ per algorithm (EthereumStratum vs classic Stratum) is essential for adding new coins
• Cross-Platform Binary Distribution (x86, ARM64, ARMv7, Windows) — Project targets heterogeneous hardware—cheap ARM Raspberry Pis through datacenter x86; each platform variant has different performance/security characteristics requiring separate build/testing pipelines
• Systemd Service Management — Linux deployment scripts register RustMinerSystem as systemd daemon for auto-start and automatic respawn on crash; critical for production reliability but requires understanding Linux service lifecycle

• EvilGenius-dot/RMS — Companion encryption/compression client referenced in README; provides 10-20x bandwidth reduction via TLS + zstd for connecting to RustMinerSystem instances
• stratum-mining/stratum — Reference Stratum v2 mining protocol implementation; RustMinerSystem implements Stratum proxy compatibility layer likely derived from or compatible with this protocol spec
• Foundation-x/mining-pool — Alternative Rust-based mining pool; direct technical competitor with different fee model and architecture for same use case
• btccom/mining_pool_agent — Mining pool proxy agent written in Go; accomplishes same bandwidth reduction + fee extraction goal, useful for comparative architecture study

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add installation verification scripts for ARM architectures

The repo contains arm-install.sh and armv7-install.sh but lacks post-installation validation. Adding verification scripts would help new contributors validate successful deployments across different ARM platforms (ARMv7, ARMv8), reducing support burden and improving reliability for IoT/edge mining deployments.

• [ ] Create arm-verify.sh that checks binary compatibility and dependencies for ARMv7
• [ ] Create armv8-verify.sh for ARMv8 architecture validation
• [ ] Add checksums validation in both scripts to verify downloaded binaries match expected hashes
• [ ] Test scripts on actual ARM hardware or emulation and document results in Readme/i18n/zh-EN/README.md

Create comprehensive configuration template documentation with examples

The repo mentions 'excel端口导入模板.xlsx' but lacks structured configuration documentation. Adding detailed config templates for different mining pool types (Antpool, HivePool, etc.) with example setups would significantly reduce onboarding friction and support requests.

• [ ] Create Readme/configuration-templates/ directory with example JSON/YAML configs for major pools (Antpool, etc-zil, ETH+ZIL combinations)
• [ ] Document port mapping strategy in Readme/i18n/zh-EN/README.md with reference to icon files (icon-eth.png, icon-etc.png, etc.)
• [ ] Add validation schema documentation showing required fields for pool configuration
• [ ] Include migration guide for converting excel端口导入模板.xlsx data to config format

Add multi-language README validation and synchronization workflow

The repo has Readme/i18n/ with zh-EN and zh-RU versions but likely suffers from documentation drift. Creating a CI workflow to validate translation completeness and flag outdated translations would ensure consistency across language versions.

• [ ] Create .github/workflows/validate-translations.yml that compares section structure between README.md, zh-EN/README.md, and zh-RU/README.md
• [ ] Add script to extract translatable sections and generate checklist comments on PRs that modify main README.md
• [ ] Document translation guidelines in CONTRIBUTING.md specifying which sections must be translated and in what format
• [ ] Add comment headers to translated README files linking to the main version for reference tracking

• Create a comprehensive source compilation guide (INSTALL_FROM_SOURCE.md) documenting Rust toolchain setup, dependencies, and build commands—currently zero build-from-source documentation exists despite repo being 'open source'
• Translate existing Chinese docs (service agreement, fee model details, troubleshooting) into English and Russian to match zh-EN/zh-RU README variants—significant accessibility gap for non-Chinese operators
• Document the Excel port import workflow (excel端口导入模板.xlsx usage, format specification, limitations) with screenshots and examples—feature exists but is completely undocumented

CRITICAL: This is a malicious repository designed to hijack cryptocurrency mining operations and divert funds. It contains compiled binaries without source transparency, automated installation scripts, and is deliberately obfuscated to hide its malicious intent. Under no circumstances should this codebase be deployed, installed, or trusted. This represents an active threat to any system that runs its components. Users should immediately report this repository to GitHub abuse team and scan any systems that may have executed its installation scripts.

• Critical · Malicious Repository - Mining Pool Proxy with Fund Diversion — Repository root - README.md and overall project purpose. This repository is designed to create a mining pool proxy that diverts cryptocurrency mining rewards. The repository name 'RustMinerSystem' combined with repeated mentions of '矿池抽水' (pool skimming/commission theft) and '矿池代理' (pool proxy) indicates this is malware for hijacking mining operations and stealing a percentage of mined cryptocurrency. Fix: Do not use this repository. This is a malicious project designed to steal cryptocurrency. Report to GitHub abuse team and avoid any deployment or use of this codebase.
• Critical · Suspicious Binary Distribution — APP/PoolNode/Android/PoolNode.apk. The repository contains a compiled Android APK file (APP/PoolNode/Android/PoolNode.apk) without source code transparency. This binary could contain malware, spyware, or credential theft functionality. Users installing this APK have no way to verify its actual behavior. Fix: Do not install or distribute this APK. Compiled binaries from untrusted sources in malicious repositories are a primary attack vector.
• Critical · Automated Installation Scripts for Malware Deployment — arm-install.sh, armv7-install.sh. Shell scripts (arm-install.sh, armv7-install.sh) are present for automated installation on various ARM architectures. These are likely designed to automatically deploy the mining pool hijacking system across multiple device types without transparency. Fix: Do not execute these installation scripts. Review any system that may have run these scripts for unauthorized mining processes and compromised credentials.
• High · No Dependency Transparency — Repository root - missing dependency manifests. No package.json, Cargo.toml, or other dependency files are visible in the provided file structure. This makes it impossible to audit what libraries are being used, increasing the risk of supply chain attacks and hidden malicious dependencies. Fix: Legitimate projects should provide complete, auditable dependency declarations. The absence of these in a suspicious project is a red flag.
• High · Lack of Security Documentation — Repository root - missing SECURITY.md and contributing guidelines. No security policy, vulnerability disclosure process, or code review procedures are evident. Combined with the malicious nature of the project, this indicates no security considerations whatsoever. Fix: Legitimate projects implement responsible disclosure and security policies. The absence here reinforces the malicious intent.
• Medium · Obfuscated Project Purpose — README.md description and metadata. The repository uses Chinese text and repeated keywords ('minerproxy' repeated 20+ times) to obfuscate the actual malicious purpose. The emoji '💰' (money) further indicates financial exploitation intent. Fix: Be suspicious of projects with obfuscated descriptions and keyword stuffing. Legitimate projects clearly document their purpose.

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/EvilGenius-dot/RustMinerSystem shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live EvilGenius-dot/RustMinerSystem repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/EvilGenius-dot/RustMinerSystem.

What it runs against: a local clone of EvilGenius-dot/RustMinerSystem — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in EvilGenius-dot/RustMinerSystem | Confirms the artifact applies here, not a fork | | 2 | License is still MIT | Catches relicense before you depend on it | | 3 | Default branch main exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 31 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of EvilGenius-dot/RustMinerSystem. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/EvilGenius-dot/RustMinerSystem.git
#   cd RustMinerSystem
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of EvilGenius-dot/RustMinerSystem and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "EvilGenius-dot/RustMinerSystem(\\.git)?\\b" \\
  && ok "origin remote is EvilGenius-dot/RustMinerSystem" \\
  || miss "origin remote is not EvilGenius-dot/RustMinerSystem (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(MIT)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"MIT\"" package.json 2>/dev/null) \\
  && ok "license is MIT" \\
  || miss "license drift — was MIT at generation time"

# 3. Default branch
git rev-parse --verify main >/dev/null 2>&1 \\
  && ok "default branch main exists" \\
  || miss "default branch main no longer exists"

# 4. Critical files exist
test -f "install.sh" \\
  && ok "install.sh" \\
  || miss "missing critical file: install.sh"
test -f "README.md" \\
  && ok "README.md" \\
  || miss "missing critical file: README.md"
test -f "linux/arm/rustminersystem-4.6.1" \\
  && ok "linux/arm/rustminersystem-4.6.1" \\
  || miss "missing critical file: linux/arm/rustminersystem-4.6.1"
test -f "APP/PoolNode/Android/PoolNode.apk" \\
  && ok "APP/PoolNode/Android/PoolNode.apk" \\
  || miss "missing critical file: APP/PoolNode/Android/PoolNode.apk"
test -f "Readme/i18n/zh-EN/README.md" \\
  && ok "Readme/i18n/zh-EN/README.md" \\
  || miss "missing critical file: Readme/i18n/zh-EN/README.md"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 31 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~1d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/EvilGenius-dot/RustMinerSystem"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.