localprobe: detect Bitcoin nodes running on the same machine as your (Firefox) browser

btc++ floripa26 exploits hackathon
Saturday, February 28, 2026

You’re running a Bitcoin node on the same machine as your (Firefox) web browser? Yeah, I and everybody else can tell…

localprobe is a small JavaScript snippet I built at the btc++ Floripa 2026 exploits hackathon. It detects whether you are running a Bitcoin node on the same machine as your Firefox browser and alerts you if so.

Firefox, unlike Chromium-based browsers (Chrome, Brave, Edge), allows web pages to make cross-origin requests to localhost. This means any website you visit in Firefox can probe ports on your machine. Chromium-based browsers block this via the Private Network Access spec.

localprobe probes the default Bitcoin Core RPC and P2P ports for mainnet, testnet3, testnet4, signet, and regtest, as well as Tor control and proxy ports. If any of these ports respond, it shows a privacy warning alerting you that any website you visit in Firefox can detect that you’re running a node.

A privacy alert from localprobe.
A privacy alert from localprobe.

You can test it by running bitcoind -regtest and visiting b10c.me.

My open-source work is currently funded by an OpenSats LTS grant. You can learn more about my funding and how to support my work on my funding page.

Creative Commons License Text and images on this page are licensed under the Creative Commons Attribution-ShareAlike 4.0 International License

Previous

Image for peer-observer: A tool and infrastructure for monitoring the Bitcoin P2P network for attacks and anomalies
July 29, 2025

peer-observer: A tool and infrastructure for monitoring the Bitcoin P2P network for attacks and anomalies

Over the past few years, I’ve been working on monitoring tools for the Bitcoin network. One of these projects is peer-observer: A tool and …