JS-engine stack API (Error.stackTraceLimit = V8) contradicts the UA engine

br.engine_stack_vs_ua  ·  convicts

browserlayer
coherencecategory
1evaders caught

What it catches

CreepJS: a V8-only Error stack API; a Chrome UA without it (or a Firefox UA with it) is an engine spoof deeper than navigator.vendor. v0.74.27 FP FIX (GROUNDED on stock Firefox 152 + a real Mullvad Browser 140): the original discriminator was Error.captureStackTrace, but SpiderMonkey ADDED that natively in Firefox 122 (Jan 2024) — both real Firefoxes report it 'function', so the firefox arm convicted EVERY modern real Firefox/Tor/Mullvad (a convicting coherence FP; the committed Firefox captures missed it because Playwright's Firefox is Juggler-patched and camoufox pins an older build, both reporting it undefined). Switched to Error.stackTraceLimit, which stays V8-exclusive — grounded Chromium === 'number' (10), stock Firefox 152 === undefined, JSC has none — so it fixes the FP while PRESERVING both spoof directions (a V8 engine faking Firefox still trips it; a non-V8 engine faking Chrome still trips it). A Chromium-faking-Firefox is also independently caught by firefox_ua_nongecko (Gecko buildID).

Signals it reads

browser.engine_stack_mismatch

How it fires

present

Evaders it caught 1

Bypassed by 10

Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.

← all detections