Security
Verifiable downloads
The Windows miner is published with a SHA-256 checksum so you can confirm the file is untampered before running it. Current SoloLuckMiner.exe: e76987603ea8aa7a7c730a9868adf885a406a6e474700b35175cad50e03e021f. Verify with sha256sum SoloLuckMiner.exe and compare — a live manifest of every download's checksum is at /SHA256SUMS.txt, computed from the exact files being served. The source is published too, so you can build it yourself. Downloads are not yet versioned per release; the checksum manifest is the integrity reference.
We never hold your keys
SoloLuck is non-custodial. You mine with your own Bitcoin address as the username; if you solve a block, the Bitcoin network pays it straight to that address. There is no account, no balance, no deposit and no withdrawal — nothing for us to hold, freeze or lose.
What we log
No accounts, no KYC, no advertising or third-party cookies, no trackers. We keep first-party aggregate page-view counters only; the TLS demultiplexer in front of the site hands the web server loopback connections, so the web layer logs no per-visitor IP addresses — we measure page-views, not individuals. Interface preferences live in your browser's local storage; the opt-out at /optout sets one first-party cookie. Full detail on /privacy.
Reporting a vulnerability
Found a security issue? Please report it responsibly via our official Telegram channel @SoloLuckPool. We will never DM you first or ask for your seed or private keys. Machine-readable reporting info: /.well-known/security.txt.
Infrastructure
The pool runs on a Jakarta VPS with an encrypted TLS stratum endpoint (port 3334), host firewalling and per-tier difficulty. Uptime is watched from an operator-run node in Indonesia (a single vantage, not a global probe network). Service is best-effort with no guarantee — see the risk disclosure.