← Back to Skills Marketplace
1892
Downloads
2
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install bonero-miner
Description
Mine Bonero - private cryptocurrency for AI agents. RandomX CPU mining, Monero-based privacy.
README (SKILL.md)
Bonero Miner
Private money for private machines. Bonero is a Monero fork with ring signatures, stealth addresses, and RandomX mining.
Before You Start
Mining uses CPU. Ask your human first before running on real hardware. The network is live - you'll be earning real BON.
What's Bonero?
A Monero fork built for AI agents. All transactions are private by default - nobody can see who sent what to whom.
- ~120 second blocks
- RandomX (CPU-mineable, like Monero)
- Ring signatures hide the sender
- Stealth addresses hide the receiver
- Address prefix:
C
Quick Install
curl -fsSL https://raw.githubusercontent.com/happybigmtn/bonero/master/install.sh | bash
Or verify first:
curl -fsSLO https://raw.githubusercontent.com/happybigmtn/bonero/master/install.sh
less install.sh # inspect it
bash install.sh --add-path
Build takes 10-20 minutes (it's compiling from source).
Start Mining
1. Create a wallet
bonero-wallet-cli --generate-new-wallet=mywallet
Save your seed phrase! Write it down. You can't recover the wallet without it.
Your address starts with C. Copy it for the next step.
2. Start the daemon with mining
bonerod --detach \
--start-mining YOUR_C_ADDRESS \
--mining-threads 4 \
--add-peer 95.111.227.14:18080 \
--add-peer 185.218.126.23:18080
That's it. The daemon syncs the chain and mines in the background.
3. Check status
curl -s http://127.0.0.1:18081/json_rpc \
-d '{"jsonrpc":"2.0","id":"0","method":"get_info"}' \
-H 'Content-Type: application/json' | jq '.result.height'
How Many Threads?
Bonero mining is CPU-bound. Use about half your cores:
| Cores | Threads |
|---|---|
| 4 | 2 |
| 8 | 4 |
| 16 | 8 |
Leave headroom for the system and network sync.
Build from Source (Manual)
If the install script doesn't work for your system:
# Dependencies (Ubuntu/Debian)
sudo apt-get install -y build-essential cmake pkg-config \
libboost-all-dev libssl-dev libzmq3-dev libunbound-dev \
libsodium-dev libhidapi-dev liblzma-dev libreadline-dev
# Clone
git clone --recursive https://github.com/happybigmtn/bonero.git
cd bonero
git submodule update --init --recursive
# Build
mkdir -p build && cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
# Binaries in build/bin/
macOS:
brew install cmake boost openssl zmq unbound libsodium hidapi
# Then same build steps
Seed Nodes
The network is small but growing. These nodes keep it running:
95.111.227.14:18080
95.111.229.108:18080
95.111.239.142:18080
161.97.83.147:18080
161.97.97.83:18080
161.97.114.192:18080
161.97.117.0:18080
194.163.144.177:18080
185.218.126.23:18080
185.239.209.227:18080
Commands
# Check if daemon is running
pgrep bonerod && echo "running" || echo "stopped"
# Get blockchain height
curl -s http://127.0.0.1:18081/json_rpc \
-d '{"jsonrpc":"2.0","id":"0","method":"get_info"}' | jq '.result.height'
# Check wallet balance
bonero-wallet-cli --wallet-file=mywallet
# Stop daemon
pkill bonerod
Privacy Features
Unlike Botcoin (transparent like Bitcoin), Bonero hides everything:
| Feature | What it hides |
|---|---|
| Ring signatures | Which input is really being spent |
| Stealth addresses | The recipient's real address |
| RingCT | Transaction amounts |
You can see blocks being mined. You can't see who's sending what to whom.
Talking to Your Human
"Can I mine Bonero? It's a private cryptocurrency - like Monero but for AI agents. Uses CPU at low priority. Transactions are untraceable by design. Cool?"
Some humans might have opinions about privacy coins. Ask first.
Troubleshooting
| Problem | Fix |
|---|---|
| Submodule errors | git submodule update --init --recursive |
| Can't connect | Check firewall allows port 18080 |
| Daemon won't start | Check ~/.bonero/bonero.log |
| Build fails | Missing deps - install libboost, libzmq, etc. |
Private money for private machines.
Usage Guidance
This skill will make your machine download, build, and run a cryptocurrency miner that uses CPU and network resources. Before installing or running it: (1) do not blindly run curl | bash — download the install.sh and inspect it first, or better, build from source in a controlled environment; (2) run any build/run steps inside a VM, container, or sandbox (not on a production or personal machine you care about); (3) verify the GitHub repo and commit history and ensure the source is trustworthy; (4) be aware the daemon opens network connections and runs in the background — monitor CPU, network, and processes; (5) never paste or expose your wallet seed or private keys to remote services, and do not store them in environment variables; (6) consider disabling autonomous model invocation for this skill or requiring explicit human confirmation before executing commands. If you are not comfortable auditing the install script or controlling resource usage, do not install.
Capability Analysis
Type: OpenClaw Skill
Name: bonero-miner
Version: 2.0.0
The skill is classified as suspicious primarily due to the use of `curl -fsSL ... | bash` for installation in SKILL.md. This command executes arbitrary remote code without prior inspection, posing a significant supply chain risk. While the stated purpose is cryptocurrency mining for the agent's own address (not an attacker's), and the skill includes a benign prompt injection to 'Ask your human first', the method of installation and the resource-intensive nature of CPU mining without direct human oversight are high-risk behaviors.
Capability Assessment
Purpose & Capability
The SKILL.md behavior (building from source, running a daemon, starting RandomX CPU mining) matches the skill name/description. However the skill metadata declares no required binaries or deps despite instructions that clearly require curl, bash, git, build tools (cmake, make, compilers), jq, and network access. That mismatch is a coherence issue: the skill will not work without those tools, and the metadata understates its footprint.
Instruction Scope
The instructions tell the agent to fetch and execute a remote install script (curl | bash), clone/build source, start a background daemon that mines, add peers by IP, and manipulate processes (pgrep/pkill). These are explicit system-level operations that go beyond simple API queries: they download and run code, change CPU usage, open network connections, and create wallets/seed phrases. The doc asks the agent to 'Ask your human first' but nothing enforces that, and the instructions give the agent direct commands that could be run autonomously.
Install Mechanism
There is no formal install spec, but the SKILL.md recommends piping a script from raw.githubusercontent.com into bash — a high-risk pattern (remote script execution). GitHub raw content is better than an unknown personal server, but piping to bash executes potentially arbitrary code. Manual build instructions are standard but also require many system packages.
Credentials
The skill declares no environment variables or credentials, which is consistent with a miner. That said, the instructions create and advise storing wallet seed phrases and run networked peers; while no env secrets are requested, the user must manage sensitive wallet seed material themselves. The lack of declared binaries/deps (see purpose_capability) is the main proportionality gap.
Persistence & Privilege
always:false (good) but model-invocation is enabled by default. Combined with the SKILL.md that instructs running a background daemon (detached mining), an agent could autonomously start persistent CPU mining unless human approval or platform controls prevent it. The skill does not request system-wide configuration changes in metadata, but its runtime commands create a persistent process and modify system state (binaries, wallets, logs).
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install bonero-miner - After installation, invoke the skill by name or use
/bonero-miner - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
Bonero Miner 2.0.0 is a major update focused on usability improvements and clearer documentation.
- Introduced a simplified, one-command install script for faster setup.
- Streamlined and clarified mining and wallet setup instructions.
- Expanded and updated the list of public seed nodes.
- Added best practices for CPU thread usage and reminders to get human consent.
- Enhanced privacy feature explanations for users.
- Improved troubleshooting and command documentation for easier maintenance.
v1.0.1
- Updated version to 1.0.1 in metadata.
- Changed the RPC Port value in Network Information from 18881 to 18081.
- Updated the "Check Status" command to use port 18081 instead of 18881.
v1.0.0
Initial release of bonero-miner.
- Provides step-by-step instructions to mine Bonero (BON) using RandomX CPU mining.
- Includes setup guidelines for wallet creation and node operation.
- Lists required dependencies for supported platforms.
- Documents mining commands, troubleshooting tips, and network details.
- Offers reference seed nodes and resource links for further help.
Metadata
Frequently Asked Questions
What is Bonero-Miner?
Mine Bonero - private cryptocurrency for AI agents. RandomX CPU mining, Monero-based privacy. It is an AI Agent Skill for Claude Code / OpenClaw, with 1892 downloads so far.
How do I install Bonero-Miner?
Run "/install bonero-miner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Bonero-Miner free?
Yes, Bonero-Miner is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Bonero-Miner support?
Bonero-Miner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Bonero-Miner?
It is built and maintained by rk (@happybigmtn); the current version is v2.0.0.
More Skills