Now that I'm back to a real keyboard instead of responding to chipless noise from my phone, here is what is collected:
=====> In use: 2 of 2 licenses <=====
<=== REQ: 26XXXXXXXXXXX1ea4d (1544162907) 7 REGULAR b8XXXXXX3725a
===> RES: 26XXXXXXXXXXXXea4d (1544162908) 8 REGULAR
That's a sample from a previous paid user, who's miner sent in a status check, it's 7th communication (1 count each way) and tells the server it is in regular mode. The server uses that information, along with the users's license information, to respond ("===> RES:" line) and say "Ok, stay regular."
The only difference for dev-fee is the transition is from "REGULAR" to dev-fee and then from dev-fee to "REGULAR". The other information that is passed includes the time to mine for dev at, which is _hard coded_ at 600 seconds (10 minutes).
Otherwise, an optional message is sent back to the miner which can be displayed in the "Summary" page of the web interface (This is how the winner of the contests will be alerted).
On the very first connection, frequencies of boards are also sent back for statistical purposes and ultimately to "tune" the auto tuning function, a very crude summary of that data for the minis is included below:
Z9 Mini Average Frequencies:
Global: 660, Min 500, Max 850
Board 1: 668, Min 550, Max 787
Board 2: 668, Min 500, Max 793
Board 3: 672, Min 462, Max 787
As far as my design philosophy goes, it was "enable features, protect the work". As such, I made a hard but conscious decision to require authorization to function. Can't reach the server? Won't work for you, sorry. I had some Russian customers with that issue, so I spun up a server that worked for Russia -- problem fixed. The exception to this philosophy is paid users -- still requires authorization to start up, can run longer without a recheck. My design also allows for other options at scale (deployments of 1000+ systems for a single farm) which are not currently in use.
Can I expire firmware? Yes.
Can I revoke licenses? Yes.
Can I disable a system? Yes.
All of that is simply an artifact of requiring authorization. Nothing nefarious.
Why did I go through this trouble? A couple of users and organizations decided to take advantage of my trust. One sold my firmware on ebay as their own, another purchased a paid license for 1 system and then ran it on 1000+. How do I know this? Someone tried to claim the referral fee for the 1000+ nodes but there were not any purchases anywhere even near that number. I've since had two large organizations approach me for custom firmware work, only to run off with it since I didn't lock it down.
Did I make efforts to prevent tampering? Yes.
Did I make efforts to prevent someone else from taking over the whole authorization system and "stealing" everyone's miners? Yes (That's part of why functionality is greatly limited in terms of control, Chip -- I didn't want someone else to be able to do something nefarious because of a mistake I might have made).
What did I use to do this? I've been blessed with an excellent career and opportunities over the years to work with anything from circuit level design to architectures and deployments at global scale. I'm a number guys. I work with systems, math, statistics and more.
As far as what I'm making, spin it however you want, but I wish your math was correct. I'm giving away through these contests a fairly large portion of what I'm bringing in, to be honest. Also, the dev pools aren't hidden, so you can flat out see what I'm "bringing in" by simply looking.
So, yeah... nothing to hide there, Chip. Ball is in your court to throw the next accusation; join the discord, say hello! You could see exactly how much I do share (it's a lot more than you assume) instead of flinging poo.
Jason