Security research framework for Bitcoin mining infrastructure. Hypothesis-first design: spin up a Stratum server, connect a real CPU miner, test your attack.

pool = StratumServer().start(); miner = CPUMiner(pool=pool).start();

 — now you're mining with real hashrate, ready to test your hypothesis.

While stress-testing Stratum V2 we found an interesting bug regarding share accounting (responsible disclosure in progress 👀).

bitcoinplusplus

BTCPP Floripa 2026 - Hackathon Megathread

alex_lewin

## Minesploit

### Team:
- **Johnny** – [GitHub](https://github.com/johnnyasantoss) / [Nostr](npub1j0nyf54ndc6keq80xfyeqfumn2l23e3k79f33x5jsqxnut6a8dyqp74mu0)
- **Jayr** – [GitHub](https://github.com/jayrmotta)
- **Lucas** – [GitHub](https://github.com/lucasbalieiro)

### What We Built:
Security research framework for Bitcoin mining infrastructure. Hypothesis-first design: spin up a Stratum server, connect a real CPU miner, test your attack. 

Example: `pool = StratumServer().start(); miner = CPUMiner(pool=pool).start();` — now you're mining with real hashrate, ready to test your hypothesis.

While stress-testing Stratum V2 we found an interesting bug regarding share accounting (responsible disclosure in progress 👀).

### Stack:
- **Python 3.10+** (async/await, type hints, uv)
- **Exploits**: 18 CVEs (Bitcoin Core, Stratum, cgminer)
- **Protocols**: Stratum V1 client/server/MITM proxy/sniffer, Stratum V2 (translator), P2Pool scanner
- **Utilities**: TCP/SSL, JSON-RPC & mining message parsers, crypto (hash256/hash160/merkle), port scanner
- **REPL**: Interactive shell with check/run/verify, tab completion, scriptable
- **CPUMiner**: Docker-wrapped **mujina** for real hashrate testing

### Repo:
https://github.com/johnnyasantoss/minesploit

### Next Steps:
- More protocol implementations
- Stratum V2 bindings for easier testing
- Contributions welcome

MinesploitMinesploit

Team:Team:

What We Built:What We Built:

Stack:Stack:

Repo:Repo:

Next Steps:Next Steps: