Canvas/WebGL API tampering detected (getter override)
br.canvas_lie · convicts
What it catches
CreepJS lie-detection: HTMLCanvasElement.toDataURL.toString() must contain '[native code]'; a non-native override (a naive canvas-fingerprint blocker) lacks it. v0.74.22 FIRST LIVE POSITIVE: the new stealth CANVAS_LIE=1 evader (overrides toDataURL with a plain wrapper) tripped it through the live edge+detector; previously unexercised (constraint-#6 liability resolved). NEGATIVE: a plain STEALTH=1 run does NOT trip it, and zero of the 53 committed real/fleet captures do — a real toDataURL is native.
Signals it reads
browser.canvas_lie
How it fires
present
Evaders it caught 1
Bypassed by 10
Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.