Reverse Engineering A Bitcoin Miner

If you’re brave enough to have dipped your toes into the Wild West that is cryptocurrency, you probably know that people have long since abandoned trying to mine on their desktop computers. Farms of GPUs are all the rage now, but dedicated mining hardware has also enjoyed a following among those who are serious about their fictitious money. The state-of-the-art for such devices is moving just as rapidly as cryptocurrency itself is, which means older mining gear can now be picked up fairly cheap on the second-hand market. This is an excellent opportunity for those who want to experiment with this type of hardware and potentially utilize it for some other purpose, but first you’ve got to figure out how the thing works.

To that end, [Tomasz Wątorowski] wrote in to the tip line to tell us about the progress he’s made reverse engineering the control protocol for the Antminer S1. As is often the case, the documentation didn’t have all the details he needed, but it did have a schematic of the BM1380 chip at the heart of the device.

Performance of the Antminer S1 controlled via UART

The Antminer S1 contains 64 BM1380 chips on an internal UART bus. With the information from the schematic, [Tomasz] was able to tap into this UART bus with a USB adapter and start listening in on the conversation. He compiled a collection of commands and learned enough to be dangerous (which is always the goal here at Hackaday).

For example, he found that the could set the frequency of the BM1380 as high as he wished without any consideration for thermal overload. This could potentially allow somebody to run  the hardware to the point of destruction, à la Stuxnet.

Once he figured out how to give the hardware hashes to work on over the UART interface, he setup a little head-to-head competition between the software he wrote to command the Antminer S1 and the official control software. No drop in performance was found between his software and the real deal, which sounds like a win in our book.

Even if he can’t improve on the performance of this particular piece of outdated mining hardware, it still beats doing it by hand on a piece of paper.

Hacking a Sonoff WiFi Switch

The ESP8266 platform has become so popular that it isn’t just being used in hobby and one-off projects anymore. Companies like Sonoff are basing entire home automation product lines around the inexpensive WiFi card. What this means for most of us is that there’s now an easily hackable and readily available product on the market that’s easily reprogrammed and used with tools that we’ve known about for years now, as [Dan] shows in his latest project.

[Dan] has an aquaponics setup in his home, and needs some automation to run the lights. Reaching for a Sonoff was an easy way to get this done, but the out-of-the-box device can only be programmed in the simplest of ways. To get more control over the unit, he wired a USB-to-Serial UART to the female headers on the board and got to programming it.

The upgraded devices are fully programmable and customizable now, and this would be a great hack for anyone looking to get more out of a Sonoff switch. A lot of the work is already done, like building a safe enclosure, wiring it, and getting it to look halfway decent. All that needs to be done is a little bit of programming. Of course, if you’d like to roll out your own home automation setup from scratch that can do everything from opening the garage door to alerting you when your dog barks, that’s doable too. You’ll just need a little more hardware.

Backchannel UART without the UART

Anyone who has worked with a microcontroller is familiar with using printf as a makeshift debugger. This method is called tracing and it comes with the limitation that it uses up a UART peripheral. Believe it or not, there are 8051 variants out there that come with only one serial block and you are out of luck if your application needs it to communicate with another device.

[Jay Carlson] has a method by which he can piggyback these trace messages over an on-chip debugger. Though the newer ARM Cortex-M software debugger already has this facility but [Jay Carlson]’s hack is designed to work with the SiLabs EFM8 controllers. The idea is to write these debug messages to a predefined location in the RAM which the debugger can access anyway. His application polls a certain area of the memory and when it finds valid information, it reads the data and spits it out into a dedicated window. It’s using the debugger as a makeshift printf!

[Jay Carlson] used slab8051.dll interface and put together a C# program and GUI that works alongside the SiLab’s IDE. The code is available on GitHub for you to check out if you are working the EFM8 and need a helping hand. The idea is quite simple and can be ported to other controllers in a multitude of ways like the MSP430 perhaps. For those of you who like the Teensy, you might want to take a look at adding debugger support to the Teensy 3.5/3.6.

Serially, Are You Syncing or Asyncing?

I know you’ve heard of both synchronous and asynchronous communications. But do you really know the differences between the two?

Serial communication was used long before computers existed. A predecessor is the telegraph system using Morse Code, one of the first digital modes of communication. Another predecessor is the teletype, which set standards that are still used today in your Arduino or Raspberry Pi.

All you need is two wires for serial communications, which makes it simple and relatively robust. One wire is ground and the other the signal. By interrupting the power with predefined patterns, information can be transferred over both short and long distances. The challenge is receiving the patterns correctly and quickly enough to be useful.

I was a bit surprised to find out the serial port on the Arduino Uno’s ATmega328P microcontroller is a Universal Synchronous Asynchronous Transmitter Receiver (USART). I’d assumed it was only a UART (same name, just leave out synchronous) probably because my first work with serial communications was with the venerable Intel 8251 “Programmable Communication Interface”, a UART, and I didn’t expect the microcontroller to be more advanced. Silly me. Later I worked with the Zilog 8530 Serial Controller Chip, a USART, the term I’ll use for both device types.

All these devices function in the same way. You send a byte by loading it into a register and it is shifted out one bit at a time on the transmit (TX) line as pulses. The receiver accepts the pulses on a receive (RX) input and shifts them into a register, which is then read by the system. The transmitter’s job is pretty easy it just shifts out the bits at a known clock rate. The receiver’s task is more complex because it needs to know when to sample the incoming signal. How it does this is the difference between asynchronous and synchronous communications.

Continue reading “Serially, Are You Syncing or Asyncing?”

What Could Go Wrong: Asynchronous Serial Edition

It’s the easiest thing in the world — simple, straightforward serial data. It’s the fallback communication protocol for nearly every embedded system out there, and so it’s one that you really want to work when the chips are down. And yet! When you need it most, you may discover that even asynchronous serial can cost you a few hours of debugging time and add a few gray hairs to your scalp.

In this article, I’m going to cover most (all?) of the things that can go wrong with asynchronous serial protocols, and how to diagnose and debug this most useful of data transfer methods. The goal is to make you aware enough of what can go wrong that when it does, you’ll troubleshoot it systematically in a few minutes instead of wasting a few hours.

Continue reading “What Could Go Wrong: Asynchronous Serial Edition”

Audio Out Over UART

There’s a reason that the bog-standard serial port will never die. It’s just so robust and simple. When you need a console that will absolutely work with minimal software and hardware, UART is the way to go. Because of this, UART hacks abound. Here’s a new one to us, and a challenge to our readers.

[Tiziano Bacocco] decided to use UART signals as a type of PWM to create audio. That’s right, he’s plugging the serial TX line straight into a speaker. This gives you eight possible PWM output voltage levels. The trick is using some Python code (using the awesome pyserial module) to down-quantize the audio data to fit these eight possible values and then push them out at the correct sampling rate. ffmpeg is used to pre-process the files.

Continue reading “Audio Out Over UART”

Break Your Wrist? Twitter-Enable That Plaster Cast

Plaster casts are blank canvases for friends and family to post their get well messages. But if it’s holiday season, adding blinky LED lights to them is called for. When [Dr Lucy Rogers] hurt her hand, she put a twitter enabled LED Christmas tree on her cast.

The hardware is plain simple – some RGB LEDs, an Arduino, a blue tooth module and a battery. The LEDs and wires formed the tree, and all the parts were attached to the plaster cast using Velcro. This allowed the electronics to be removed during future X-ray scans. The fun part was in connecting the LEDs to the #CheerLights project. CheerLights is an “Internet of Things” project that allows people’s lights all across the world to synchronize to one color set by a Tweet. To program the Arduino, she used code written by [James Macfarlane] which allowed the LED color to be set to any Cheerlights color seen in blue tooth UART data.

Connectivity is coordinated using MQTT — lightweight standard popular with connected devices. By connecting the MQTT feed to the cheerlights topic from [Andy Stanford-Clark’s] MQTT feed (mqtt://iot.eclipse.org with the topic cheerlights) the lights respond to tweets (Tweet #cheerlights and a color). The LED colors can also be selected via the phone from the color picker tool in the controller, or directly via the UART. If the Bluetooth connection is lost, the LEDs change colors randomly. Obviously, delegates had great fun when she brought her Twitter enabled LED blinky lights plaster cast arm to a conference. It’s not as fun unless you share your accomplishments with others!