WebGPU exposes adapter name, vendor, and architecture without any debug extension. Learn how it creates a new fingerprinting surface and what defenses exist.
WebGPU is the modern successor to WebGL — a lower-level, lower-overhead API that gives web pages direct access to the GPU's compute and rendering pipeline. Since Chrome 113 and Edge 113 shipped it as stable in May 2023, adoption has grown across the Chromium ecosystem. What the privacy and security communities are now noticing is that WebGPU exposes more hardware-identifying information than WebGL ever did, and it does so through standard first-class API surfaces rather than a debug extension browsers are slowly deprecating. This makes WebGPU the next major GPU fingerprinting surface — one that most anti-detect tools have not yet caught up with.
Key Takeaways
navigator.gpu.requestAdapter()returns adapter metadata by default — vendor, architecture, device, and driver strings without any extension or permission prompt.- Supported limits and features form a high-cardinality fingerprint on their own, even without reading the vendor string directly.
- Compute-shader benchmarks produce hardware-dependent floating-point output that can be hashed into a stable per-device token, analogous to the WebGL rendered-pixel hash.
- Most anti-detect tools focus on WebGL, leaving WebGPU signals unprotected in the majority of privacy-hardened setups.
- Consistent spoofing is hard: falsifying the adapter info while leaving compute output intact makes you more identifiable, not less.
How WebGPU Exposes GPU Identity
WebGL needed a special extension — WEBGL_debug_renderer_info — to reveal the real GPU vendor and renderer strings. WebGPU requires no such workaround. Calling navigator.gpu.requestAdapter() returns a GPUAdapter whose synchronous .info property surfaces a GPUAdapterInfo object with four fields: vendor, architecture, device, and description. On a typical desktop these fields name the GPU manufacturer, the microarchitecture family, the device model, and sometimes a driver build tag — all without any user prompt.
Beyond the identity strings, the adapter exposes:
limits— aGPUSupportedLimitsobject with over 30 numeric capability values: maximum texture dimension, maximum buffer size, maximum compute workgroup counts, maximum bind groups, and more. These numbers reflect the physical GPU and driver, and they differ enough across hardware families to add significant entropy.features— aGPUSupportedFeaturesset listing optional capabilities the GPU and driver support, such asfloat32-filterable,timestamp-query, orshader-f16. The precise feature set depends on the GPU family and driver version.isFallbackAdapter— a boolean flag that istruewhen the browser has fallen back to a software renderer. A software renderer is a strong signal of a headless or virtualized environment, much like thellvmpiperenderer string in WebGL.
Together these properties produce a fingerprint richer than most WebGL implementations, and they are accessible synchronously after the initial async adapter request.
Reading the Adapter in Practice
The code below shows how little it takes to collect the core WebGPU hardware signals.
async function getWebGPUFingerprint() {
if (!navigator.gpu) return { supported: false };
const adapter = await navigator.gpu.requestAdapter();
if (!adapter) return { supported: false, reason: 'no-adapter' };
// Direct hardware identity — no extension required
const { vendor, architecture, device, description } = adapter.info;
// Numeric capability limits (30+ values, all hardware-dependent)
const limits = {};
const limitKeys = [
'maxTextureDimension2D',
'maxBufferSize',
'maxComputeWorkgroupSizeX',
'maxComputeWorkgroupsPerDimension',
'maxBindGroups',
];
for (const key of limitKeys) {
limits[key] = adapter.limits[key];
}
// Optional feature set
const features = [...adapter.features];
return {
supported: true,
isFallback: adapter.isFallbackAdapter,
info: { vendor, architecture, device, description },
limits,
features,
};
}
You can inspect your own browser's WebGPU adapter values live using BrowserInsight's fingerprint detection tool.
Compute-Shader Output Hashing
The most powerful WebGPU fingerprinting technique goes beyond metadata. A script can request a device from the adapter, upload a compute shader that performs floating-point arithmetic, execute it on the GPU, and read the output back to JavaScript. Because GPUs implement floating-point rounding, precision, and clamping slightly differently across architectures and driver versions, the numerical results differ between hardware families — and stay stable for the same device across page loads.
async function computeHash(device) {
// A small buffer for the shader to write results into
const outputBuffer = device.createBuffer({
size: 16,
usage: GPUBufferUsage.STORAGE | GPUBufferUsage.COPY_SRC,
});
// Shader does floating-point math that varies by GPU implementation
const shaderCode = `
@group(0) @binding(0) var<storage, read_write> out: array<f32>;
@compute @workgroup_size(1)
fn main() {
out[0] = sqrt(2.0) * sin(1.5707963);
out[1] = log(exp(1.0)) + pow(2.0, 0.5);
}
`;
// ... compile, dispatch, readback, hash
}
The practical result is a stable device-specific number that correlates with — but adds entropy beyond — the adapter info strings. Sites can combine the two for a higher-confidence GPU ID.
WebGPU vs. WebGL as a Fingerprinting Surface
WebGPU and WebGL overlap in what they ultimately reveal — your GPU — but they differ in how much effort a tracker must invest and how robust the result is.
| Property | WebGL | WebGPU |
|---|---|---|
| Identity strings | Via WEBGL_debug_renderer_info extension | Built into GPUAdapter.info by default |
| Extension deprecation risk | WEBGL_debug_renderer_info is flagged for removal in some browsers | Not applicable — info is a core API |
| Numeric limits | ~15 capability values | 30+ structured limits |
| Optional feature set | Varies by driver | Explicit features set |
| Compute hash | Via readPixels() on a rendered scene | Via compute shader readBuffer() |
| Software renderer signal | llvmpipe or SwiftShader renderer string | isFallbackAdapter: true |
The key advantage for trackers is that WebGPU is a cleaner API: the metadata is structured rather than embedded in a freeform string, the limits are more numerous and precisely defined, and the compute path for output hashing is purpose-built rather than borrowed from a rendering pipeline. For a deeper look at the WebGL side, see our WebGL fingerprint deep dive. Both form part of the broader fingerprint picture covered in the browser fingerprinting guide.
The Emerging Threat Landscape
The WebGPU specification is a W3C standard, and its privacy implications have been discussed in the relevant Working Group — but the spec prioritizes enabling high-performance graphics and compute over minimizing hardware exposure. Tracker awareness of WebGPU is growing: it appears as a toggle in professional anti-detect browsers like Dolphin Anty precisely because operators know it can break their spoofing if left unsuppressed.
At the same time, most browser extensions and consumer privacy tools that add noise to WebGL signals have not yet been updated to cover WebGPU. This lag makes WebGPU fingerprinting effectively a fresh surface for most users today.
Mitigations and Their Trade-offs
Brave: farbling extended to WebGPU
Brave has extended its farbling system to WebGPU, adding per-origin, per-session randomization to the adapter info strings and compute output. The same model that governs WebGL farbling applies here: the noise is deterministic within a session (so pages don't break) but differs between origins and sessions (so a cross-site ID cannot be built). This is currently the most practical consumer-grade defense for daily browsing.
Tor Browser
Tor Browser restricts WebGPU access, treating it as a high-risk fingerprinting surface. The goal, as with WebGL, is uniformity rather than spoofing: every Tor user presents the same (absent) surface, which is stronger in theory but can break GPU-accelerated web applications.
Disabling WebGPU in Firefox
Firefox supports WebGPU behind a flag (dom.webgpu.enabled in about:config). Disabling it removes the surface entirely but, as with disabling WebGL, the absence of WebGPU becomes a distinguishing trait in a browser population where it is increasingly enabled by default.
Why ad-hoc spoofing backfires
If you change the vendor string returned by GPUAdapter.info but do not also alter the limits, the feature set, or the compute output, you create an internally inconsistent picture. A detector correlates these fields: an "Apple" vendor string paired with NVIDIA-shaped limits and compute results is immediately suspicious. Effective spoofing requires either full consistency across all signals or shared uniformity (the Tor and Brave approaches). Per-user ad-hoc changes with no coordination typically achieve the opposite of their intent.
Frequently Asked Questions
Does reading WebGPU adapter info require any permission?
No. Calling navigator.gpu.requestAdapter() does not trigger a permission prompt. The adapter metadata — vendor, architecture, device — is returned by default, just as screen resolution or timezone are. No user gesture is required.
Is WebGPU fingerprinting already in use on real sites?
Yes, at least in the fingerprinting research and anti-detect communities. Tools like BrowserLeaks include WebGPU readouts, and anti-detect browser vendors explicitly offer WebGPU spoofing as a feature, which confirms that active fingerprinters are already using it. Mainstream advertising and analytics scripts have been slower to add it, but that gap is closing.
Can I test my own WebGPU exposure?
BrowserInsight's fingerprint detection tool shows your live GPU signals including WebGPU adapter data where your browser supports it, alongside the rest of your fingerprint components.
How does WebGPU fingerprinting differ from WebGL?
WebGL exposes hardware metadata mainly through the WEBGL_debug_renderer_info extension, which some browsers restrict. WebGPU exposes structured adapter info — vendor, architecture, device, driver — through a core API property with no extension needed. WebGPU also offers more capability limits, a cleaner feature set enumeration, and a compute-oriented output path for behavior-based hashing.
Does disabling JavaScript stop WebGPU fingerprinting?
Yes, WebGPU is a JavaScript API, so disabling JavaScript removes the surface. However, disabling JavaScript also breaks the vast majority of modern web applications, making it an impractical defense for most users.
