What Is WebGPU Fingerprinting?

Paste into ChatGPT, Claude, or any LLM

On this page

WebGPU fingerprinting reads identifying data from the modern navigator.gpu API. Where WebGL exposes a renderer string, WebGPU exposes a structured GPUAdapterInfo object plus dozens of numeric limits (max buffer size, max compute workgroup counts, max texture dimensions) and a list of supported features. Because WebGPU also runs real compute shaders, a probe can hash the floating-point output of a known kernel - a signal that is closer to the silicon than WebGL and harder to fake without a real GPU.

Reads	GPUAdapterInfo (vendor/architecture), ~40 numeric limits, feature list, compute output hash
Distinct from WebGL	WebGPU exposes structured adapter limits + compute shaders, not just a renderer string
Headless tell	No adapter at all (requestAdapter returns null) on GPU-less servers
Coherence trap	Adapter limits must match the WebGL renderer and the claimed platform
Status	Shipped in Chrome 113+; anti-bot vendors began scoring it in 2024-2025

What WebGPU exposes that WebGL does not

WebGPU was designed for compute, so it surfaces far more structured hardware detail than WebGL. A fingerprint probe collects three layers:

Adapter info - adapter.info returns vendor ("nvidia", "apple", "intel"), architecture ("turing", "apple-m", "gen-12lp"), and sometimes device and description strings.
Limits - adapter.limits is an object of roughly 40 numeric ceilings: maxTextureDimension2D, maxBufferSize, maxComputeWorkgroupSizeX, maxStorageBufferBindingSize, and more. The exact tuple is tightly bound to the GPU model and driver.
Compute output - dispatch a known compute shader over known inputs, read back the buffer, and hash it. Floating-point rounding in the shader cores differs between vendors and architectures.

The combination is higher-entropy than WebGL because the limits object alone encodes the GPU tier as ~40 correlated numbers rather than one string.

Why headless servers fail WebGPU

On a server with no GPU, navigator.gpu.requestAdapter() resolves to null. Real desktop Chrome on consumer hardware almost always returns a working adapter, so a null adapter on a request claiming to be a normal desktop user is a strong anomaly. Forcing software rendering (Chrome's Dawn/SwiftShader WebGPU backend) returns an adapter whose vendor is reported as a software fallback and whose limits match no real GPU - an equally clear tell.

The mitigations mirror WebGL: pass a real GPU through to the browser (xvfb plus a physical or virtual GPU), or patch the adapter at the engine level so the info, limits, and compute output all come from a coherent real-device profile. JavaScript-level spoofing of adapter.limits is detectable because the patched getters fail Function.toString() inspection.

The WebGL/WebGPU coherence check

The decisive technique is cross-checking WebGPU against WebGL. Both APIs describe the same physical GPU, so their stories must agree. If WebGL reports "Apple GPU" but the WebGPU adapter vendor is "nvidia", or WebGL reports an RTX 4070 while the WebGPU maxComputeWorkgroupStorageSize matches an integrated Intel chip, the request is incoherent and gets blocked. A request that spoofs one API but leaves the other at its headless default is worse than spoofing neither.

This is the same lesson as everywhere else in fingerprinting: a believable identity is a coherent cluster of values harvested from one real machine, not a pile of individually-plausible spoofs. Engine-level tools (Camoufox, Chromium forks) that serve matched (WebGL, WebGPU) tuples per session are the only reliable defence.

Code example

javascript

// What an anti-bot script reads to fingerprint WebGPU
async function webgpuFingerprint() {
  if (!navigator.gpu) return 'no-webgpu';          // suspicious on modern Chrome
  const adapter = await navigator.gpu.requestAdapter();
  if (!adapter) return 'null-adapter';             // GPU-less headless server tell

  const info = adapter.info || {};
  const limits = {};
  for (const k in adapter.limits) limits[k] = adapter.limits[k];  // ~40 numbers

  return {
    vendor: info.vendor,                 // 'nvidia' | 'apple' | 'intel' | software-fallback
    architecture: info.architecture,     // 'turing' | 'apple-m' | 'gen-12lp'
    features: [...adapter.features].sort().join(','),
    maxBufferSize: limits.maxBufferSize, // tightly bound to GPU model
    maxTexture2D: limits.maxTextureDimension2D
  };
  // Cross-checked against the WebGL renderer - a mismatch is block-grade.
}

Related terms

What Is WebGL Fingerprinting?

WebGL fingerprinting reads identifying information directly from the GPU. The browser exposes the graphics card vendor and renderer string (…

What Is Canvas Fingerprinting?

Canvas fingerprinting is a browser-identification technique that asks the browser to draw an invisible image and hashes the resulting pixel …

What Is Browser Fingerprinting?

Browser fingerprinting is a technique that identifies and tracks a visitor by combining dozens of small, observable characteristics of their…

What Is Fingerprint Clustering?

Fingerprint clustering is the practice of grouping fingerprints from millions of real visitors by similarity, then rejecting any new visitor…

What Is Headless Browser Detection?

Headless browser detection is the set of probes anti-bot systems use to distinguish a headless or instrumented Chrome session from a real us…

What Is Camoufox?

Camoufox is a stealth-focused fork of Firefox with anti-fingerprinting patches applied at the C++ build level. Unlike playwright-stealth, wh…

What Is Anti-Bot Detection?

Anti-bot detection is the set of techniques websites use to distinguish automated traffic from human users — and to block, challenge, or thr…

What Is Browser Fingerprinting Evasion?

Browser fingerprinting evasion is the practice of configuring an automated browser so that the combined fingerprint it presents — canvas, We…

Anti-Bot Vendor Detection Cheatsheet

The first step of any scrape against a protected site is identifying which anti-bot vendor is in front of it. The vendor determines almost e…

How Do Websites Detect Web Scrapers?

Websites detect scrapers by collecting hundreds of signals across the network, transport, browser, and behavioral layers, then scoring the c…

Concept map

How WebGPU Fingerprinting connects

The terms most directly tied to this one. Hover a node to see its neighbours, click to preview, drag to rearrange.

0 terms · 0 connections

You are here · Anti-Bot

Tools & solutions for this topic

Frequently asked questions

Is WebGPU fingerprinting replacing WebGL fingerprinting?

It is adding to it, not replacing it. WebGL still ships everywhere and is checked first. WebGPU is used as a second, higher-entropy GPU signal and - more importantly - as a coherence cross-check against WebGL. Vendors that score both can catch tools that only harden one.

Can I disable WebGPU to avoid the fingerprint?

On Chrome 113+ a missing navigator.gpu is increasingly anomalous for a claimed desktop Chrome user, though it is still common enough that it is a soft signal rather than a hard block today. Returning a null adapter is more normal than removing the API entirely, but the safest posture is a coherent real adapter.

Why is the limits object such a strong signal?

Because it is about 40 numbers that all come from the same GPU and driver. They are highly correlated - you cannot change one without making the tuple inconsistent with any real device. Spoofing a believable limits object means copying a complete one from a real GPU, not editing individual values.

Last updated: 2026-05-30