Antminer S9 Firmware
Kerby Reynolds
It's recommended to install the firmware via Awesome Miner. Awesome Miner can install the Awesome Miner firmware on compatible Antminers, including Antminers with disabled SSH access and firmware signature validation enabled. The only exceptions are:
To install the firmware via Awesome Miner, go to the toolbar: Main -> ASIC Tools -> Update firmware. The firmware can be selected from a list and Awesome Miner will automatically download and install the firmware on all selected miners.
The firmware can either run directly from the SD card or be flashed to the Antminer memory (NAND). Please note that you need to know the controller type on the Antminer before proceeding with the installation. The controller can either be Xilinx, BeagleBone (BB) or AmLogic. Learn more in the Antminer S19, S21 firmware guide
Please hold down the Ctrl key and press the Reload button in the web browser or use the key combination Ctrl+F5. This will clear any cache of the old firmware user interface and resolve the problem. For more information see the Wikipedia guide about fully reloading a web page.
If the Mining Profile is configured for Full Reboot, the miner can reboot it self in order to better tune or correct poor performing mining chips. It's expected that a miner will reboot a few times when using the firmware for the first time.
The firmware has a built-in mining fee to support the development of the firmware. The goal of the firmware is to provide significantly better hashrate performance, more features and improved Awesome Miner integration, making the mining fee very affordable.
The mining fee consist of two pools named DevFee that are running mining in parallel. These two pools are working with a very low difficulty level, resulting in a high number of accepted shares. A high number of shares doesn't indicate that the DevFee pools are taking all hashrate - it's a result of the low difficulty level for each of the shares.
Experts say cryptocurrencies (such as Bitcoin, Monero, and Ethereum) will be the protagonists of the future decentralized and distributed economic system. If this is true then one of the most debated topics in the field of cryptocurrency, how to verify payments while spending as little as possible in terms of resources, is especially important for cryptosecurity.
An application specific integrated circuit (ASIC) is an integrated circuit created to solve a very specific calculation. A given example could be the Bitcoin ASIC which are specialized in mining Bitcoin using algorithm hash SHA-256. Being programmed and developed specifically for mining, there are very few companies that produce and create ASIC circuits. Even further, there is a gap between those who mine with CPUs or GPUs and those who mine with ASICs and this restriction creates a point of failure since governments can press development teams to include backdoors or exploits.
One boring afternoon, I decided to prove that ASICs are not secure. Since ASICs are being produced by few companies around the world. I looked for one firmware via search engines and discovered the BitMain company which provides a firmware download.
Some might criticize me and explain that it is obvious that there are default passwords in the device. However, my goal was not to highlight the fact that there were default credentials and the setup of device does not require the immediate changing of root password.
The interface is based on CGI scripts ran into /bin/sh (bash shell). This is very interesting since all the scripts are ran as root user, then all the commands injected are executed with the highest privileges.
In fact, during the upgrade, there must be a parallel system which can guarantee the minimal functionalities of the Operating system (such as the supporting of copying functions) in order to switch between the old and new firmwares.
During my research, I found a CVE report 2018-11220 which describes a potential security issue. When a tar archive is uploaded into web interface, the antminer will extract it and will try to run the file called restoreConfig.sh. I decided to investigate more.
First of all, the upgrade.cgi receives a POST response from the user which contains the file name and content of the file. The file will not check the signature (if the uploaded one is a tar, a txt or a pdf), but instead, it will create the file under the /tmp/ directory. The following commands are executed for extracting the archive.
It seems CVE 2018-11220 was fixed introducing two file signature checkers using the tool openssl and the public key bitmain-pub.pem. Here, the Bitmain company added a check since theoretically flashing the device with a unofficial and untrusted firmware breaks the agreement between the company and the final user.
This shows how you can break file signature and possibly how you can inject malicious software by rebuilding the firmware image. However, these do not seem the only problems that affect the Antminer Z11 since some versions still has the firmware upgrading feature without checking of signature.
A given example of a possible attack could be changing the miner address with yours. Combining this attack with some precautions (such as rendering fake transactions to your target), you could steal all the earnings from ASIC. Injecting malicious programs is also possible!
Bugs and defects are intrinsic characteristics of software development. At the moment of creation software have issues. The art of fixing bugs is the art of delaying as much as possible the probability that bugs occur. In critical infrastructure development, the problems could affect availability and stability of the program.
ASICs are critical tools to manage the consensus of a cryptocurrency. Imagine if we discovered a new bug in which we could switch off all the devices in the same network, meaning that we are not able to mine through them. That would be disruptive and amplify attacks on blockchains.
I am a security researcher, a writer, and a contributor to the Monero project, a cryptocurrency focused on preserving privacy for transactions data. My publication Mastering Monero has became one of the best rated resources to learn about Monero. More about me
Hi, just wanted to let you guys know that after changing the firmware with this procedure, the mac address of the network adapter on controller changed, so if you were configuring the network ip with a DHCP reservation you have to redo this for the new mac address.
MARAFW has been tested extensively on ASIC miners over several months and there are both temperature & connectivity based guard- rails in the firmware. However overclocking always comes with additional risk to your hardware and you should proceed with caution.
To ensure Bitmain can provide efficient mining equipment for the Ethereum community, it has launched a new firmware to support the Antminer E3. This new firmware has been designed to allow miners to continue using the Antminer E3, even after March 2020.
This new firmware addresses the prior issue of the growth of directed acyclic graph (DAG) files, which limited the capability of the Antminer E3s for mining ETH or ETC. This new firmware will expand the usage of Double Date Rate (DDR) Memory, as more space is needed to process DAG files
I looked around and could find no official documentation on how to do this. There exists commercial firmware that charge pool commission, which seem to tune power usage by controlling the hash rate in a feedback loop. However, this seems like a basic configuration setting that should be modifiable by an API, or low-level interface.
No, stock Antminer firmware offers a sleep and normal state. They introduced a low power state a couple of years ago on the S19 fleet. They've finally introduced a high power state in the new 21 series. Programmatically, just POST to the config cgi endpoint, it does reboot the miner though.
Somewhere on the miner's configs there is a voltage/frequency combination. It leaks through on one of the cgi endpoints, I've never tried messing with it. Its also available over SSH, I believe its writable with the default miner:miner SSH user/pass.
Note: This option is currently not compatible with the default Bitmain Antminer firmware from March 2024 and later. See Option #3 in case of Bitmain firmware versions from March 2024 and later.
It's important to select a Mining Profile (the hashrate level you want), otherwise there will not be any significant hashrate improvements. The mining profile can either be set via Awesome Miner or the Antminer web interface.
Custom firmware like BraiinsOS or VNish can provide additional features and enhanced performance for advanced users. They offer more control over your miner and can help maximize your Bitcoin mining efficiency.
Yes, you can always switch back to the original Bitmain firmware or any other firmware by using the Recovery Firmware. It allows you to restore your device to its original settings or recover from software issues or failed updates.
Overclocking is the process of increasing the operating speed of a certain component, in this case, your Antminer. Custom firmware like VNish and BraiinsOS often provide overclocking options, which can increase your mining efficiency and returns, but be aware that it may also increase power consumption and heat output.
Improving mining efficiency often involves a combination of hardware optimization and software tweaks. This can include maintaining a cool and dry environment for your Antminer, using custom firmware with advanced features, and fine-tuning your overclocking and undervolting settings.
Most custom firmware options like BraiinsOS and VNish are compatible with a variety of Antminer models. However, always check the compatibility list before installing to ensure your specific model is supported.
Open-source firmware like BraiinsOS allows for greater transparency and control over your Antminer. You can review the code yourself or rely on the scrutiny of the community to ensure there are no hidden features or malicious code. Additionally, open-source firmware often includes advanced features not found in stock firmware.
c80f0f1006