feat: enhance fingerprinting system with audio_v2, canvas_v2, WebGL2, and spoofing detection#91
Conversation
Agent-Logs-Url: https://github.com/IntegerAlex/fingerprint-oss/sessions/468aec40-8202-4659-95bf-c8644f4f9774 Co-authored-by: IntegerAlex <84370725+IntegerAlex@users.noreply.github.com>
…bGL2, spoofing detection Agent-Logs-Url: https://github.com/IntegerAlex/fingerprint-oss/sessions/468aec40-8202-4659-95bf-c8644f4f9774 Co-authored-by: IntegerAlex <84370725+IntegerAlex@users.noreply.github.com>
…t Uint8Array hashing Agent-Logs-Url: https://github.com/IntegerAlex/fingerprint-oss/sessions/468aec40-8202-4659-95bf-c8644f4f9774 Co-authored-by: IntegerAlex <84370725+IntegerAlex@users.noreply.github.com>
…plementation Agent-Logs-Url: https://github.com/IntegerAlex/fingerprint-oss/sessions/468aec40-8202-4659-95bf-c8644f4f9774 Co-authored-by: IntegerAlex <84370725+IntegerAlex@users.noreply.github.com>
❌ Deploy Preview for clever-starlight-3034ea failed. Why did it fail? →
|
❌ Deploy Preview for fingerprint-oss failed. Why did it fail? →
|
|
|
There was a problem hiding this comment.
Pull request overview
This PR extends the fingerprinting pipeline by adding an optional enhanced namespace to SystemInfo, collecting additional (noise-stabilized / higher-entropy) signals and a spoofing/headless score while keeping existing outputs and hashing behavior backward-compatible.
Changes:
- Adds
src/enhanced.tswithaudio_v2,canvas_v2,webgl2, spoofing detection, and entropy scoring, plus an aggregatecollectEnhancedFingerprint(). - Extends
SystemInfotyping to includeenhanced?: EnhancedFingerprintInfo. - Wires enhanced collection into
getSystemInfo()and re-exports the new APIs/types viasrc/index.ts.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| src/enhanced.ts | Implements enhanced signal collection (audio/canvas/WebGL2) + spoofing scoring + entropy estimates. |
| src/types.ts | Adds new enhanced interfaces and attaches enhanced? to SystemInfo. |
| src/systemInfo.ts | Calls collectEnhancedFingerprint() and stores result under systemInfo.enhanced. |
| src/index.ts | Exposes enhanced functions/constants/types as named exports and on the default export object. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@copilot apply changes based on the comments in this thread |
…aths, camelCase keys, non-enumerable enhanced, parallel collection, viewport guard Agent-Logs-Url: https://github.com/IntegerAlex/fingerprint-oss/sessions/84a490dd-5714-45ad-a17a-6e48d30f8eea Co-authored-by: IntegerAlex <84370725+IntegerAlex@users.noreply.github.com>
Agent-Logs-Url: https://github.com/IntegerAlex/fingerprint-oss/sessions/84a490dd-5714-45ad-a17a-6e48d30f8eea Co-authored-by: IntegerAlex <84370725+IntegerAlex@users.noreply.github.com>
Applied all review comments in commit
|
| // baseline async signals (incognito, adBlocker, audio, webGL, cores). | ||
| const enhancedPromise = collectEnhancedFingerprint(); | ||
|
|
There was a problem hiding this comment.
🟠 High src/systemInfo.ts:174
If any intermediate await (e.g., detectIncognito() at line 178) throws before line 256, enhancedPromise is never awaited, causing an unhandled promise rejection when collectEnhancedFingerprint() eventually rejects. This can crash Node.js configured with --unhandled-rejections=throw. Consider chaining .catch(() => {}) to enhancedPromise immediately after creation to suppress unhandled rejection warnings.
// Start enhanced collection early so it runs in parallel with the
// baseline async signals (incognito, adBlocker, audio, webGL, cores).
- const enhancedPromise = collectEnhancedFingerprint();
+ const enhancedPromise = collectEnhancedFingerprint().catch(() => undefined);
// Check for incognito mode
const incognitoMode = await detectIncognito();🚀 Reply "fix it for me" or copy this AI Prompt for your agent:
In file src/systemInfo.ts around lines 174-176:
If any intermediate `await` (e.g., `detectIncognito()` at line 178) throws before line 256, `enhancedPromise` is never awaited, causing an unhandled promise rejection when `collectEnhancedFingerprint()` eventually rejects. This can crash Node.js configured with `--unhandled-rejections=throw`. Consider chaining `.catch(() => {})` to `enhancedPromise` immediately after creation to suppress unhandled rejection warnings.
Evidence trail:
src/systemInfo.ts lines 175-178 (enhancedPromise creation and first intermediate await), lines 185, 207, 210, 217 (additional intermediate awaits), line 255 (where enhancedPromise is finally awaited), src/incognito.ts line 372 (`main().catch(reject)` showing detectIncognito can reject)
There was a problem hiding this comment.
I'm working on the fix now. Adding .catch(() => undefined) to enhancedPromise to suppress unhandled rejection warnings.
There was a problem hiding this comment.
I was unable to create the branch macroscope/copilot/enhance-fingerprinting-system. This may be due to your branch protection rules. For more information, see the documentation at https://docs.macroscope.com/fix-it-for-me.
|
@macroscope-app review |
|
Review in progress. Results will be posted when complete. |
|
@macroscope-app review |
|
Review in progress. Results will be posted when complete. |
ApprovabilityVerdict: Needs human review 1 blocking correctness issue found. Diff is too large for automated approval analysis. A human reviewer should evaluate this PR. You can customize Macroscope's approvability policy. Learn more. |
❌ Deploy Preview for clever-starlight-3034ea failed. Why did it fail? →
|
fix: resolve all security vulnerabilities and code scanning alerts
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
- Regenerate lockfiles with npm install to ensure package.json/lock sync - Add .npmrc with legacy-peer-deps for demo (react-day-picker peer dep) - All 4 packages pass npm ci and report 0 vulnerabilities
fix: regenerate all lockfiles for npm ci compatibility
|
@macroscope-app review |
|
Review in progress. Results will be posted when complete. |
- Add permissions: contents: read to ci.yml and playwright_tests.yml - Add npm overrides for postcss, esbuild, uuid, qs, etc. to force safe versions - Add .npmrc with legacy-peer-deps for demo (react-day-picker peer dep conflict) - Regenerate all lockfiles to be in sync with package.json - All 4 packages report 0 vulnerabilities
src/enhanced.tswith new fingerprinting functionssrc/types.tswith new enhanced interfacessrc/systemInfo.tsto collect enhanced datasrc/index.tsstable.set(frames[0].data)— the ternary was redundant since both branches returneddata0[i]Note
Add audio_v2, canvas_v2, WebGL2, and spoofing detection to fingerprinting
getEnhancedAudioFingerprintusingOfflineAudioContextto produce a deterministic audio fingerprint and detect sample tampering viagetChannelDatavscopyFromChannelcomparisongetEnhancedCanvasFingerprintthat renders a fixed scene 3 times and takes the per-byte majority value to neutralize per-call noise, returning a SHA-256 hashgetEnhancedWebGL2Infoto collect vendor/renderer strings, implementation limits, shader precision formats, and extension hashesdetectSpoofingthat aggregates headless/anti-fingerprinting indicators (e.g.navigator.webdriver, missingwindow.chrome, software renderer) into a weighted score and boolean verdictenhancedproperty on thegetSystemInforeturn value, leavingJSON.stringifyandObject.keysoutput unchangedChanges since #91 opened
package-lock.json[f3d01a7]fingerprint-ossdependency from version 0.9.5 to 0.9.6 [970b44a]Macroscope summarized fb74a16.