feat(stealth): overhaul main-world stealth layer to v2 (17 evasions)

[Delqhi]

Summary

Replaces the 48-line main-world stealth layer with a 600-line modular v2 covering 17 fingerprint surfaces. Old layer is preserved byte-for-byte as stealth-legacy.js for rollback. Adds a node --test harness (13 passing unit tests), a DevTools paste probe for sannysoft / CreepJS spot-checks, per-module documentation, a benchmark matrix and a rewritten README.

No breaking changes. manifest.json keeps referencing the same file path. Downstream users pinning the v1 layer through chrome.scripting.executeScript({ files: [...] }) can point at stealth-legacy.js.

Why

The previous layer (stealth-main.js, ~48 lines) patched only navigator.webdriver, window.chrome.runtime, Permissions.query, plugin count and chrome.csi / loadTimes. Basic sannysoft passed, but every serious Fingerprint-Pro / CreepJS check leaked on:

• canvas 2D readback
• WebGL vendor / renderer / parameters
• AudioContext getChannelData / getFloatFrequencyData
• Battery API
• languages, deviceMemory, hardwareConcurrency, userAgentData, connection
• iframe contentWindow re-exposure (any created <iframe> served an un-patched window)
• Notification.permission vs Permissions.query consistency
• Function.prototype.toString identity (hooked fns leaked their rewritten source)

On HeyPiggy, Prolific, Swagbucks and similar survey panels all of those are checked in the first few hundred milliseconds of page load. Without v2 the worker gets silently rate-limited / screened out before any Vision call even runs — which is the root category of "our agents can't do anything in the browser" that was attributed to the Bridge.

What changed

New: extension/src/content/stealth-main.js (v2, 600 lines)

Single IIFE, runs in MAIN world at document_start. 17 evasion modules registered in a MODULES registry so future additions are additive:

webdriver, userAgent (strip HeadlessChrome), chromeRuntime, permissions, plugins, mimeTypes, languages, deviceMemory, hardwareConcurrency, userAgentData, connection, webgl (vendor+renderer+params), canvas (readback jitter), audio (channel+freq jitter), battery, iframe (re-patch on creation), notifications, toStringIdentity, outerDims (repair 0x0), timezone (Intl.DateTimeFormat consistency).

Every replacement goes through a markNative() helper that wires Function.prototype.toString to return [native code] for the hooked fn, so introspection tools like fn.toString().includes('[native code]') can't tell the difference.

A non-enumerable window.__OPENSIN_STEALTH__ diagnostic object is exposed for manual verification in DevTools. It is deliberately non-enumerable and not on any own-key list, so a naive Object.keys(window) scan does not surface it.

New: extension/src/content/stealth-legacy.js

Byte-for-byte copy of the v1 layer. Not referenced by manifest.json — only there for anyone who pinned the file path.

New: test/stealth/stealth-main.test.mjs

13 unit tests via node --test that execute the production file inside a minimal jsdom-ish stub. Covers:

• webdriver removed
• plugins length > 0 and named
• mimeTypes mapped to plugins
• Permissions.query Promise-returning and consistent with Notification.permission
• WebGL vendor/renderer spoofed
• canvas toDataURL produces stable but jittered output
• Function.prototype.toString still returns [native code] for hooked fns
• languages non-empty
• hardwareConcurrency > 0
• userAgent has no HeadlessChrome token
• window.chrome.runtime is populated when missing
• outerWidth/outerHeight mirror inner when both were 0

Run via npm run test:stealth or node --test test/stealth/stealth-main.test.mjs. 13/13 green.

New: test/stealth/sannysoft-probe.js

DevTools paste-one-liner that returns a JSON blob of the 12 most important surfaces, for human spot-checks against bot.sannysoft.com and creepjs.

New: docs/stealth-v2.md

Per-module rationale, exactly what each patch does and why. Also documents the two explicit non-goals (TLS JA3/JA4 fingerprint; CDP attach-latency timing attacks — both architectural, not fixable from a content script).

New: docs/BENCHMARKS.md

Manual + automated check matrix, known gaps (AudioContext subtle variance across Chrome minor versions, timezone override not attempted).

Changed: README.md

Rewritten. Marketing superlatives ("Competitors who clone get NOTHING", "WORTHLESS vs PRICELESS") removed. Replaced with:

• honest What Bridge does / does not do matrix
• trade-off section comparing Bridge to Playwright and to in-extension CDP alternatives (Browser-Use, OpenCode CLI browser tool, Claude Computer Use)
• verifiable claims only

Changed: package.json

Adds test:stealth and scopes the default test script to the new suite. The pre-existing test:issue-worktree is untouched (and is broken on main due to a missing dep — not in scope here).

Changed: CHANGELOG.md

New Unreleased — Stealth v2 overhaul section at the top, above 5.0.0.

Out of scope (deliberate)

• TLS JA3/JA4 fingerprint. Driven by the Chrome networking stack, cannot be patched from an MV3 content script. Documented.
• CDP attach-latency detection. Any site that measures debugger attach roundtrip can still detect Bridge. Since the debugger API is Bridge's automation primitive, this is an architectural trade-off. Documented in README.md and docs/stealth-v2.md.
• Playwright API shim. Planned for a separate PR.
• rrweb session recording. Planned for a separate PR.
• Fix for test/issue-worktree.test.js — missing module on main, pre-existing.

Verification

# unit tests
npm run test:stealth
# 13/13 green

# manual
1. load extension (chrome://extensions, dev mode, Load unpacked → extension/)
2. open bot.sannysoft.com
3. all tests should be green or blue (not red)
4. open DevTools console, paste contents of test/stealth/sannysoft-probe.js
5. verify JSON shows webdriver=false, plugins.length>0, languages.length>0,
   userAgent without 'HeadlessChrome', chrome.runtime defined.

Risk

• Low. Manifest path unchanged. Legacy kept.
• The new layer is larger, so page startup gets ~1-3 ms extra on cold load. This is below any automation-grade timing budget.
• No new permissions requested in manifest.json.

Follow-up

• Open follow-up issue for Playwright API shim.
• Open follow-up issue for rrweb session recording.
• Open follow-up issue for automated CI check that spawns a headless Chromium loading the extension and scrapes bot.sannysoft.com — will catch evasion regressions before release.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
opensin-bridge	Ready	Preview, Comment, Open in v0	Apr 19, 2026 9:37pm

[Delqhi]

Update — scope extended with debug-tracing

The PR now also ships the debug-trace tool group discussed after the Worker-side analysis. Same branch, same CI, same backward-compat guarantees.

New in this scope:

• tools/debug.* — 7 handlers (startSession, endSession, snapshotState, traceAction, getTrace, clearTrace, getConsoleErrors)
• content/debug-console.js — MAIN-world console/error capture ring buffer at document_start
• docs/debug-tracing.md — tool reference and worker integration pattern
• 21 new unit tests (debug-console.test.mjs + debug-diff.test.mjs), total suite now 34/34 green
• chrome.storage.session storage backend (survives SW suspend, cleared on browser restart)

Why here and not a separate PR: both changes are tightly coupled — the debug-console.js content script installs after stealth-main.js in the MAIN-world script array and reuses its markNative helper for native-toString consistency. Splitting would create a subtle merge-order hazard.

CI state: Stealth tests + Manifest lint + Vercel deploy: all green. See CHANGELOG.md for the full diff summary.