Persistent Hardware Fingerprinting · Cross-Browser · Anti-Evasion
Impronta is a probabilistic, hardware-invariant identity tracking system. Unlike traditional cookie or localStorage-based tracking, Impronta captures physical hardware signatures that persist across:
- Browser restarts and incognito mode
- Storage/cookie clears
- Different browsers on the same device
- Different OS user sessions on the same machine
Successfully tested on: Chrome, Firefox, Brave (Shields ON), Opera, GNOME Web (WebKit), Falkon (QtWebEngine), qutebrowser — all returning 100% correlated identity on the same physical machine.
┌─────────────────────────────────┐
│ Client Browser │
│ supercookie-async.js (LEX) │
│ ┌───────────────────────────┐ │
│ │ F-Cache │ Hardware │ │
│ │ (Read) │ Tokens (11+) │ │
│ └───────────┴───────────────┘ │
└──────────────┬──────────────────┘
│ HTTPS
┌──────────────▼──────────────────┐
│ Express Server │
│ /api/session/start │
│ /api/session/finish (YACC) │
│ AFND Scoring Engine │
│ ┌───────────────────────────┐ │
│ │ SQLite WAL (impronta.db) │ │
│ └───────────────────────────┘ │
└─────────────────────────────────┘
| Layer | Method | Resilience |
|---|---|---|
| L1 | F-Cache (Favicon Supercookie) | Survives cookie/storage clear |
| L2 | Spectral Prediction (AFND Engine) | Survives browser change |
The system is currently running in an isolated live environment for tracking and fingerprint profiling:
When astrobiology analyzes the spectrum of a distant planet searching for life, it doesn't look for "skyscrapers" or "humans" (which are temporary constructs). It searches for thermodynamic invariants or methane that persist despite cosmic noise and thick atmospheres.
Impronta utilizes this exact same analytical paradigm, but applied to silicon. It does not try to identify the user through "User-Agent", "Screen Resolution", or "Local Cookies" (which are obfuscated and unstable "atmospheres" that the user or browser can clear or spoof at will — e.g., Brave Shields, Tor Browser).
Instead, Impronta interrogates the physical core of the device. It constructs a Non-Deterministic Finite Automaton (NFA) coupled with a Dynamic Weight Matrix. If the algorithm detects that a browser is injecting "intentional noise" (Jittering) into timers (performance.now) to evade tracking, the instability increases mathematical variance (Entropy). The NFA reacts in real-time by removing weight (tracking authority) from the CPU clock and transferring it toward more stable invariants of the underlying machine during that millisecond, such as sustained GPU load or the physical degradation of the disk sector.
In the end, it profiles the real hardware, stripping it of its software "spacesuit".
Asymmetric collection is performed across 16 spectral dimensions. Below are the high-level physical hardware inspections executed by the asynchronous algorithm, detailing how they operate and their ultimate purpose.
| Inflexion (Sensor) | Inspection Mechanics (How it works) | Purpose of the Test (What it seeks) |
|---|---|---|
| GPU WebGL (Raw) | Bypasses the OS layer by instantiating a 3D context to extract the exact vendor and model string of the graphics processor using debug_renderer_info. |
Identify the exact Vendor and Architecture of the video chip soldered on the motherboard (e.g., Apple M1 GPU or NVIDIA RTX 4090), frustrating software spoofing. |
| GPU Perf (P-State) | Dynamically compiles and links complex trigonometric Fragment Shaders (sin/cos), forcing the graphics card to calculate 6000+ cycles over a minimal canvas and measuring the render delta. |
Force the GPU to stabilize its Power State and profile its real parallel computing capacity in milliseconds. Different machines with the "same GPU" vary due to thermal wear. |
| Thermal Skew (Throttling) | Executes an asynchronous and synchronous loop that deliberately blocks the processor's Main Thread to 100% CPU usage by injecting heavy mathematical load, measuring the drop in operations per millisecond over time. | Capture the Thermal Throttling Signature. Every computer chassis and heat dissipation architecture responds in microscopically unique ways to heat under stress. |
| Storage Wear (NVMe/SSD) | Overloads the PCIe bus via transactional IndexedDB storage in strict durability mode (bypassing RAM or V8 cache), forcing massive concurrent dumps (500KB+ per multi-thread). |
Profile the physical degradation and wear of the solid-state chip (Wear Leveling). The persistent disk write time is never identical between two disks in the world due to the asymmetric exhaustion of internal silicon during the device's lifespan. |
| WASM Benchmark | Instantiates pre-compiled WebAssembly (WASM) modules to execute pure mathematical calculations at the assembly level, bypassing the Javascript JIT Compiler (V8/SpiderMonkey) and its speculative optimizations. | Imprint a microscopic footprint of the underlying x86/ARM processor's IPC (Instructions Per Cycle) without the runtime abstraction layers of the web browser. |
| Clock Skew (Oscillator) | Uses a 1D Kalman Filter performing loops that densely measure the cross-difference between the RTC (Date.now) and the High-Resolution timer (performance.now), mitigating deliberate rounding imposed by Chromium/Firefox. |
Extract the inevitable "natural drift" (Clock Drift) of the physical Quartz Crystal on the Motherboard. Used to detect if the same device is masquerading as another by altering its identities. |
| JIT Engine (JS) | Executes an intensive floating-point algorithmic test purely in ES6/Javascript, forcing the browser's internal engine to precompile (TurboFan / JIT compiler). | Discover, analyze, and confirm the underlying organic behavior of the native Javascript Engine, preventing browsers from flagrantly spoofing their native identity without altering latency. |
| Audio / Font Rendering | Employs the Offline Audio Context API with specific oscillators and compressors; and renders hidden text strings to measure micrometric variances in vector antialiasing on screen. | Expose the configuration of the DSP (Digital Signal Processing) Drivers at the OS level and the vector rendering base libraries exclusive to the installation (DirectWrite vs CoreText). |
Dynamic Similarity Threshold: The Clustering engine assigns diverse devices a single shared
master_id(Persona) when the total mathematical convergence over the NFA surpasses a weighted confidence of >85%.
- Node.js 18+
- npm
git clone https://github.com/pab10v/impronta.git
cd impronta
npm install
node server.js
# Open http://localhost:3000Set the following environment variable in your cPanel Node.js configuration:
BASE_PATH=/app
This will prefix all routes: https://yourdomain.com/app/api/session/start, https://yourdomain.com/app/admin.html, etc.
cPanel Node.js App Settings:
- Application Root:
impronta/ - Application URL:
/app(or your chosen sub-path) - Application Startup File:
server.js - Environment Variables:
BASE_PATH=/app,PORT=3000(or as assigned by cPanel)
Starts a fingerprinting session.
Body: { action: "read" | "write", uid?: string }
Returns: { sid: string, uid?: string }
Serves an iframe for favicon bit-read (F-Cache layer).
Serves/reads individual favicon cache bits.
Finalizes the session, runs the AFND prediction engine.
Body: { sid, hardwareTokens, updateProfile?: boolean }
Returns: { uid: string, method: "f-cache" | "prediction" | null }
Admin endpoint. Returns all identities with optional spectral similarity scores.
Permanently deletes an identity and its hardware profile.
Navigate to /admin.html to:
- View all registered identities with their binary sequence (F-Cache vector)
- Select any identity as a "base" and compare its spectral similarity against all others
- Delete individual identities for clean test cycles
| Env Variable | Default | Description |
|---|---|---|
PORT |
3000 |
Server port |
BASE_PATH |
`` (empty) | URL prefix for all routes (e.g., /app) |
impronta/
├── server.js # Express server + AFND prediction engine
├── impronta.db # SQLite database (auto-created)
├── logs/
│ └── predictive.log # Process and prediction audit log
├── public/
│ ├── index.html # Demo client page
│ ├── admin.html # Admin/audit dashboard
│ └── supercookie-async.js # Client-side LEX (hardware collector)
└── tests/
└── simulate_cross_browser_fixed.js # Offline prediction simulation
| Evasion Technique | Defeated? | Signal Used |
|---|---|---|
| Clear cookies/localStorage | ✅ | F-Cache (Favicon) |
| Incognito / Private Mode | ✅ | F-Cache + Hardware |
| Different Browser | ✅ | GPU, Thermal, Screen |
| Brave Shields (Canvas/Audio randomization) | ✅ | GPU Raw + Thermal |
| Different OS user session | ✅ | Hardware invariants |
| Virtual Machine | env flag + Thermal Leak (Inflexión 16) |
|
| Different physical machine | ❌ | By design |
MIT © 2026
Javier Valle artesanous@endev.us