Back to Blog
Fingerprint

WebGPU Fingerprinting: The Next Generation of GPU Tracking

How the WebGPU API exposes GPU adapter details for fingerprinting, and how to control GPU identity signals at the browser engine level.

Introduction

WebGPU is the successor to WebGL, providing modern, low-level access to GPU hardware for rendering and compute workloads. As browsers adopt WebGPU, it introduces a new fingerprinting surface that privacy-conscious users need to be aware of. The API exposes GPU adapter information including the vendor, architecture, device description, feature set, and detailed capability limits. This information is richer and more structured than what WebGL provides, making it a growing concern for anyone who values their online privacy.

For privacy researchers, automation engineers, and anyone concerned about browser fingerprinting, WebGPU represents a significant new source of device identity leakage. This article explains why WebGPU matters for your privacy and how BotBrowser controls WebGPU identity signals through its profile system and the --bot-config-webgpu flag.

Privacy Impact

WebGPU is a relatively new API (shipping in Chrome since version 113), but its fingerprinting implications are already significant. Although the WebGPU specification was designed with some privacy considerations, including reduced-resolution adapter info by default, the combination of available signals still provides meaningful entropy that can be used for tracking.

The GPU information exposed by WebGPU includes vendor, architecture, and device fields. While these are intentionally less detailed than WebGL's raw renderer strings, they still distinguish between GPU families. Different GPU vendors, integrated versus discrete GPUs, and different architectures all produce distinct values that narrow down your device configuration.

Beyond basic adapter info, WebGPU exposes a detailed set of capability limits: maximum texture dimensions, maximum buffer sizes, maximum compute workgroup sizes, and dozens more. These limits vary between GPU vendors, architectures, and driver versions. The combination of these limit values creates a GPU capability fingerprint that is often more granular than the adapter info itself.

Early research from browser privacy teams has noted that WebGPU's limit values can distinguish between specific GPU generations within the same vendor family. Two GPUs from the same manufacturer but different product lines report different limits, even though they share the same vendor identifier. This level of granularity is concerning for privacy because it narrows identification to specific hardware models.

Growing Importance

As WebGPU adoption increases, particularly for AI inference, advanced visualization, gaming, and creative applications, the API will become standard across modern browsers. This means that WebGPU fingerprinting will become more prevalent, and the absence of WebGPU may itself become a distinguishing signal. Proactive protection is essential.

Why This Matters for Your Privacy

GPU Identity Exposure

Your GPU is one of the most distinctive pieces of hardware in your computer. The combination of vendor, architecture, and capability limits creates a hardware fingerprint that is difficult to change and persistent across browsing sessions. WebGPU makes this information directly queryable by any website, without any permission prompt or user notification.

Cross-API Correlation

A critical privacy concern is the correlation between WebGPU and WebGL. Both APIs access the same GPU. If the GPU identity reported by one API does not match the other, or if the capability profiles are inconsistent between the two APIs, the mismatch itself becomes a strong tracking signal. Websites that query both APIs can detect inconsistencies, which is why any protection approach must address both APIs together.

Feature Set as Fingerprint

The set of GPU features available through WebGPU (such as texture compression formats, depth clipping, timestamp queries, and shader capabilities) varies between GPU models and driver versions. The specific combination of supported features acts as an additional fingerprinting dimension that supplements the adapter info and capability limits.

Rendering Output Variations

Like WebGL, WebGPU rendering produces GPU-specific output. Compute shaders, rendering pipelines, and texture operations all produce results that vary at the numerical level between GPU architectures. While WebGPU's specification is stricter about precision than WebGL's, implementation differences still exist and can be used for fingerprinting.

Common Protection Approaches and Their Limitations

Disabling WebGPU is currently the simplest protection. Since WebGPU is relatively new, most web content does not require it. However, as adoption increases, disabling it will become increasingly impractical. The absence of WebGPU will also become a distinguishing signal as the API becomes standard, potentially making your browser more identifiable rather than less.

Blocking individual API methods only addresses part of the fingerprint. The feature set and capability limits remain available and provide significant entropy on their own. Partial protection is often worse than no protection because it creates inconsistencies.

JavaScript-level modification of adapter info changes the reported vendor and architecture but does not change the actual capability limits or rendering behavior. A website that checks both adapter info and limits can detect the inconsistency immediately. Surface-level approaches create new detection signals rather than removing existing ones.

Standardizing limits (reporting minimum required values for all limits) would reduce the fingerprint surface but might break WebGPU applications that depend on higher capabilities, degrading the user experience.

The effective approach requires controlling adapter info, features, limits, and rendering behavior from a single coherent source. This is exactly what BotBrowser provides.

BotBrowser's Engine-Level Approach

BotBrowser controls WebGPU identity at the Chromium engine level through its profile system, ensuring that all WebGPU-related signals are consistent and authentic. This is not a JavaScript override. BotBrowser modifies the browser's internal GPU reporting, so the native APIs themselves produce profile-consistent results.

Complete Adapter Info Control

When a profile is loaded, the adapter info matches the profiled GPU across all fields: vendor, architecture, device identifier, and description. These values correspond to a real GPU configuration captured from an actual device. There are no synthetic or generic values that could indicate the identity has been modified.

Feature Set Control

The set of features reported by the WebGPU adapter matches the profiled GPU exactly. Only features supported by the profiled GPU are listed, and all features that the profiled GPU supports are present. This ensures that the feature set is consistent with the adapter info, the capability limits, and the rendering behavior.

Capability Limits Control

All capability limit values are derived from the profile. The maximum texture dimensions, buffer sizes, compute workgroup sizes, and all other limits match the profiled GPU's actual capabilities. These are not default minimum values. They correspond to the specific GPU model in the profile, reflecting real-world hardware characteristics.

WebGL-WebGPU Consistency

BotBrowser ensures that the GPU identity reported by WebGPU is consistent with what WebGL reports. Both APIs indicate the same GPU vendor, and the capability profiles are compatible. This cross-API consistency eliminates a major detection vector that affects other protection approaches.

Rendering Output Control

When combined with --bot-noise-seed, WebGPU rendering output becomes deterministic and consistent with the profiled device. Compute shader results and rendering pipeline output reflect the profiled GPU's numerical behavior, providing protection against rendering-based fingerprinting.

Configuration and Usage

Basic WebGPU Protection

WebGPU protection is automatic when loading a profile:

chrome --bot-profile="/path/to/profile.enc" \
       --user-data-dir="$(mktemp -d)"

WebGPU Configuration Options

BotBrowser gives you explicit control over WebGPU behavior through the --bot-config-webgpu flag:

# Use profile's WebGPU settings (default, recommended)
chrome --bot-profile="/path/to/profile.enc" \
       --bot-config-webgpu=profile

# Use real system GPU for WebGPU (when you need actual GPU performance)
chrome --bot-profile="/path/to/profile.enc" \
       --bot-config-webgpu=real

# Disable WebGPU entirely (removes the fingerprinting surface)
chrome --bot-profile="/path/to/profile.enc" \
       --bot-config-webgpu=disabled

Combined WebGL and WebGPU Configuration

For the strongest fingerprint protection, configure both GPU APIs together:

# Both APIs use profile data (recommended for consistency)
chrome --bot-profile="/path/to/profile.enc" \
       --bot-config-webgl=profile \
       --bot-config-webgpu=profile \
       --bot-noise-seed=42

This ensures complete GPU identity consistency across both APIs, with deterministic rendering output through the noise seed.

Playwright Integration

const { chromium } = require('playwright');

const browser = await chromium.launch({
  executablePath: '/path/to/botbrowser/chrome',
  args: [
    '--bot-profile=/path/to/profile.enc',
    '--bot-config-webgpu=profile',
    '--bot-noise-seed=42'
  ]
});

const page = await browser.newPage();
await page.goto('https://example.com');

// Verify WebGPU identity matches the profile
const gpuInfo = await page.evaluate(async () => {
  if (!navigator.gpu) return 'WebGPU not available';
  const adapter = await navigator.gpu.requestAdapter();
  if (!adapter) return 'No adapter';
  const info = await adapter.requestAdapterInfo();
  return {
    vendor: info.vendor,
    architecture: info.architecture,
    device: info.device,
    features: [...adapter.features],
    maxTexture2D: adapter.limits.maxTextureDimension2D
  };
});
console.log('WebGPU identity:', gpuInfo);

Puppeteer Integration

const puppeteer = require('puppeteer');

const browser = await puppeteer.launch({
  executablePath: '/path/to/botbrowser/chrome',
  defaultViewport: null,
  args: [
    '--bot-profile=/path/to/profile.enc',
    '--bot-config-webgpu=profile'
  ]
});

const page = await browser.newPage();
await page.goto('https://example.com');

// Your WebGPU identity is now protected by the profile

Verification

After launching BotBrowser with a profile, verify your WebGPU protection:

Adapter info check. Verify the vendor, architecture, and device match the profile's target GPU. They should reflect the profiled device, not your actual hardware.

Feature set check. Confirm that the listed features match the expected features for the profiled GPU. The set should be complete and accurate.

Limits check. Verify several limit values and confirm they match the profiled GPU's capabilities. The values should be specific to the GPU model in the profile, not generic minimums.

WebGL-WebGPU consistency. Compare the GPU vendor reported by WebGL with the vendor reported by WebGPU. They should indicate the same GPU family, ensuring cross-API coherence.

Cross-session stability. Run the same WebGPU queries across multiple sessions with the same profile. All values should be identical every time, demonstrating that your GPU fingerprint is stable and reproducible.

You can use fingerprint testing websites or BotBrowser's built-in verification tools to confirm these signals are properly aligned.

Best Practices

  • Keep WebGL and WebGPU settings aligned. Both APIs expose GPU identity. Use --bot-config-webgl=profile and --bot-config-webgpu=profile together to ensure cross-API consistency. Mismatched GPU identities between the two APIs are a strong tracking signal.

  • Use profiles with WebGPU data. Not all profiles include WebGPU information (older profiles may predate WebGPU). Use current profiles that include WebGPU adapter data to ensure complete protection.

  • Consider disabling WebGPU if not needed. If your use case does not require WebGPU, --bot-config-webgpu=disabled removes the fingerprinting surface entirely. This is a valid choice while WebGPU adoption is still growing, though it may become less viable as the API becomes standard.

  • Combine with --bot-noise-seed for rendering output. Adapter info and limits are deterministic from the profile. Rendering output also needs the noise seed for determinism. Using both together provides the most comprehensive GPU fingerprint protection.

  • Test WebGPU availability. Some profiles may not support WebGPU (matching devices where WebGPU is not available). Verify that your profile includes WebGPU data if your application needs it.

FAQ

Q: Is WebGPU available in all browsers? A: As of early 2026, WebGPU is available in Chrome/Edge (since version 113), Firefox (behind a flag in some versions), and Safari (partial support). Availability varies by platform. BotBrowser profiles specify whether WebGPU should be available based on the profiled device, giving you accurate representation of real-world browser configurations.

Q: How does WebGPU fingerprinting compare to WebGL fingerprinting? A: WebGPU provides more structured adapter info and more detailed capability limits, while WebGL provides raw renderer strings and rendering-based fingerprints. Both APIs are important for comprehensive GPU fingerprint protection. BotBrowser protects both through its profile system, ensuring your GPU identity is consistent across all graphics APIs.

Q: Can I use WebGPU for compute workloads with BotBrowser? A: Yes. BotBrowser's WebGPU control operates at the identity and capability reporting level. Actual compute execution uses your real GPU hardware for performance. You get full GPU performance for your workloads while maintaining a protected fingerprint identity.

Q: What if my profile does not include WebGPU data? A: If the profile does not include WebGPU data and --bot-config-webgpu=profile is set, WebGPU may not be available (matching a device where WebGPU is not supported). Use a newer profile that includes WebGPU data if you need WebGPU access.

Q: Does disabling WebGPU affect WebGL? A: No. WebGL and WebGPU are independent APIs. Disabling WebGPU does not affect WebGL functionality. Each is controlled by its own --bot-config-* flag, giving you granular control over your GPU fingerprint.

Q: Are WebGPU compute shader results affected by the noise seed? A: When --bot-noise-seed is set, rendering and compute output that could be used for fingerprinting includes deterministic variation. Normal compute workloads that do not touch fingerprint-sensitive surfaces are unaffected. Your scientific or AI compute workloads remain accurate while your fingerprint is protected.

Summary

WebGPU introduces a new and detailed GPU fingerprinting surface through adapter info, feature sets, capability limits, and rendering output. As the API becomes standard, controlling these signals becomes essential for comprehensive fingerprint protection. BotBrowser controls all WebGPU identity signals at the Chromium engine level through its profile system, ensuring consistency with WebGL identity and with the overall device profile. The --bot-config-webgpu flag provides explicit control over WebGPU behavior, from full profile-driven protection to complete disabling. With BotBrowser, your GPU identity is authentic, consistent across APIs, and fully aligned with your overall browser fingerprint.

For related topics, see What is Browser Fingerprinting, WebGL Fingerprint Protection, Canvas Fingerprinting, and Deterministic Browser Behavior.

#webgpu#fingerprinting#gpu#privacy