🆔 Identity & Profile — Hardware Fingerprint & Browser Settings

Piggy generates a persistent hardware fingerprint and browser profile on first run. This ensures consistent identity across restarts and bypasses fingerprint-based bot detection.

⚠️ Version Requirement: Binary v0.1.14+ | Library v0.0.21+

---

Overview

Two files control Piggy's identity in your working directory:

File	Purpose	Edit Safely?
identity.json	Hardware fingerprint (CPU, RAM, GPU, timezone, noise seeds)	❌ No (but you can delete it)
profile.json	Browser settings (UA, images, JS, localStorage)	✅ Yes

Look at these files. This is why Cloudflare trusts us.

---

File Locations

Both files are saved in your working directory (where your script runs):

/home/user/my-scraper/
├── nothing-browser-headless
├── identity.json          ← Hardware fingerprint (DO NOT EDIT)
├── profile.json           ← Browser settings (SAFE TO EDIT)
├── cookies.json           ← Persistent cookies
├── ws.json                ← WebSocket frames (opt-in)
└── pings.json             ← Ping log (opt-in)

---

identity.json — Hardware Fingerprint

What It Looks Like (Real Example)

{
    "audio_seed": 0.9924607627410863,
    "canvas_seed": 0.1052501868035769,
    "chrome_version": 124,
    "cpu_cores": 4,
    "font_seed": 0.3462124848953487,
    "generated_at": "2026-05-18T13:48:00Z",
    "gpu_renderer": "ANGLE (Intel, Mesa Intel(R) HD Graphics 3000 (SNB GT2), OpenGL 4.6)",
    "gpu_vendor": "Google Inc. (Intel)",
    "identity_id": "2ed6562e-0db2-4603-a05c-6071b0a6fc10",
    "language": "en-US",
    "os": "Windows NT 10.0; Win64; x64",
    "pixel_ratio": 1,
    "platform": "Win32",
    "ram_gb": 8,
    "screen_h": 768,
    "screen_w": 1366,
    "sec_ch_ua": "\"Google Chrome\";v=\"124\", \"Chromium\";v=\"124\", \"Not-A.Brand\";v=\"99\"",
    "timezone": "Africa/Nairobi",
    "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36",
    "webgl_seed": 0.8038608544726111
}

What Each Field Means

Field	Source	Purpose
cpu_cores	std::thread::hardware_concurrency()	Browser fingerprint
ram_gb	System memory detection	Browser fingerprint
screen_w / screen_h	Primary display resolution	Viewport spoofing
pixel_ratio	Device pixel ratio	Screen fingerprint
gpu_vendor	OpenGL query	WebGL spoofing
gpu_renderer	OpenGL query	WebGL spoofing
timezone	System timezone	Timezone spoofing
os / platform	OS detection	Platform fingerprint
user_agent	Built from identity	HTTP + JS fingerprint
sec_ch_ua	Chrome Client Hints	Modern browser fingerprint
canvas_seed	Random (0-1)	Canvas fingerprint noise
audio_seed	Random (0-1)	Audio fingerprint noise
webgl_seed	Random (0-1)	WebGL fingerprint noise
font_seed	Random (0-1)	Font fingerprint noise
identity_id	UUID	Unique identity tracking
generated_at	ISO timestamp	When this identity was created

Why Cloudflare Trusts Us

Look at this file. It's not fake. It's not generic.

"gpu_renderer": "ANGLE (Intel, Mesa Intel(R) HD Graphics 3000 (SNB GT2), OpenGL 4.6)"

That's a real GPU renderer string. Not "Chrome". Not "HeadlessChrome". Real hardware.

"os": "Windows NT 10.0; Win64; x64"
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36..."

Real OS. Real Windows UA. Not a generic Linux headless string.

"cpu_cores": 4
"ram_gb": 8
"screen_w": 1366
"screen_h": 768

Real hardware specs from YOUR machine. Not a datacenter VM default.

This is why Cloudflare trusts Piggy. The fingerprint looks like a real person's computer — because it IS a real person's computer.

⚠️ DO NOT EDIT THIS FILE

┌─────────────────────────────────────────────────────────────────┐
│                                                                 │
│   WARNING: Do NOT modify identity.json manually                │
│                                                                 │
│   - Breaks fingerprint consistency                             │
│   - May make browser detectable                                │
│   - Invalid values cause crashes                               │
│                                                                 │
│   Delete it → Piggy regenerates fresh identity on next run     │
│   Keep it → Consistent fingerprint across restarts             │
│                                                                 │
└─────────────────────────────────────────────────────────────────┘

Reset Identity

# Stop Piggy
pkill nothing-browser-headless

# Delete identity.json
rm identity.json

# Restart — new identity generated
./nothing-browser-headless

Delete it as much as you want. Piggy will regenerate a fresh identity on next run. Looking at these files, you'll understand why Cloudflare trusts us.

---

profile.json — Browser Settings

What It Looks Like

{
    "imagesEnabled": true,
    "javascriptEnabled": true,
    "language": "en-US",
    "localStorageEnabled": true,
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36",
    "webglEnabled": true
}

What Each Field Does

Field	Type	Description
imagesEnabled	boolean	Load images on page
javascriptEnabled	boolean	Execute JavaScript
language	string	Browser language (Accept-Language header)
localStorageEnabled	boolean	Enable localStorage API
userAgent	string	Browser user agent string
webglEnabled	boolean	Enable WebGL (for fingerprinting)

✅ SAFE TO EDIT

You can modify profile.json while Piggy is running:

# 1. Stop or pause scraper
# 2. Edit profile.json
nano profile.json

# 3. If running, reload
await piggy.site.session.reload();

# 4. Changes take effect immediately

Common Profile Tweaks

Disable Images (Faster Scraping)

{
    "imagesEnabled": false
}

Change Language

{
    "language": "ja-JP",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
}

Note: Language change alone doesn't fully spoof locale. For full locale spoofing, you'd also need to modify identity.json (which you shouldn't). Delete identity.json and restart to regenerate with different language.

---

How Piggy Uses These Files

On First Run

1. identity.json is generated — reads real hardware values from your system
2. profile.json is created — built from identity values
3. Fingerprint spoofing is active — injected at DocumentCreation

On Subsequent Runs

1. Load existing identity.json — same fingerprint across restarts
2. Load profile.json — same browser settings
3. Continue scraping with consistent identity

Hot Reload

// After editing profile.json
await piggy.site.session.reload();
console.log("Profile reloaded!");

---

Real-World Examples

Example 1: Check Your Identity

import { readFileSync } from "fs";

const identity = JSON.parse(readFileSync("./identity.json", "utf-8"));
console.log("Your hardware fingerprint:");
console.log(`  CPU Cores: ${identity.cpu_cores}`);
console.log(`  RAM: ${identity.ram_gb}GB`);
console.log(`  Screen: ${identity.screen_w}x${identity.screen_h}`);
console.log(`  GPU: ${identity.gpu_renderer}`);
console.log(`  Timezone: ${identity.timezone}`);
console.log(`  Identity ID: ${identity.identity_id}`);

Example 2: Persistent Identity Across Restarts

// First run — identity.json generated
// Second run — same identity loaded automatically

await piggy.launch();

const fingerprint = await piggy.site.evaluate(() => ({
  userAgent: navigator.userAgent,
  platform: navigator.platform,
  webglVendor: document.createElement('canvas').getContext('webgl')?.getParameter(37445)
}));

console.log("Same fingerprint every run:", fingerprint);

Example 3: Different Identities for Different Projects

# Project A — uses its own identity
cd /home/user/project-a
./nothing-browser-headless  # Generates identity.json here

# Project B — separate identity
cd /home/user/project-b
./nothing-browser-headless  # Generates different identity.json here

Each project directory has its own identity.json and profile.json.

Example 4: Disable Images for Faster Scraping

# Edit profile.json
nano profile.json

{
    "imagesEnabled": false,
    "javascriptEnabled": true,
    "language": "en-US",
    "localStorageEnabled": true,
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36...",
    "webglEnabled": true
}

// Reload without restart
await piggy.site.session.reload();

// Images are now blocked — pages load faster
await piggy.site.navigate("https://image-heavy-site.com");

---

File Format Specifications

identity.json

interface Identity {
  audio_seed: number;           // 0-1 random seed for audio fingerprint
  canvas_seed: number;          // 0-1 random seed for canvas fingerprint
  chrome_version: number;       // Chrome version to spoof (e.g., 124)
  cpu_cores: number;            // 1-128
  font_seed: number;            // 0-1 random seed for font fingerprint
  generated_at: string;         // ISO timestamp
  gpu_renderer: string;         // Full GPU renderer string
  gpu_vendor: string;           // GPU vendor string
  identity_id: string;          // UUID v4
  language: string;             // BCP-47 language tag
  os: string;                   // Operating system string
  pixel_ratio: number;          // Device pixel ratio (1, 1.25, 1.5, 2, etc.)
  platform: string;             // Platform string (Win32, MacIntel, Linux x86_64)
  ram_gb: number;               // RAM in GB (0.5-512)
  screen_h: number;             // Screen height in pixels
  screen_w: number;             // Screen width in pixels
  sec_ch_ua: string;            // Sec-Ch-Ua header value
  timezone: string;             // IANA timezone (e.g., "Africa/Nairobi")
  user_agent: string;           // Full user agent string
  webgl_seed: number;           // 0-1 random seed for WebGL fingerprint
}

profile.json

interface Profile {
  imagesEnabled: boolean;       // Load images
  javascriptEnabled: boolean;   // Execute JavaScript
  language: string;             // Browser language
  localStorageEnabled: boolean; // Enable localStorage
  userAgent: string;            // User agent string
  webglEnabled: boolean;        // Enable WebGL
}

---

Troubleshooting

"identity.json not being generated"

Cause: Binary version too old or permissions issue

Fix:

# Check binary version
./nothing-browser-headless --version

# Ensure write permissions in current directory
chmod 755 .

"Different fingerprint on each run"

Cause: identity.json deleted or not readable

Fix: Keep identity.json — don't delete it between runs

"Website still detects automation"

Cause: Some bot detection looks for other signals

Check your fingerprint:

const fingerprint = await piggy.site.evaluate(() => ({
  webdriver: navigator.webdriver,
  plugins: navigator.plugins.length,
  languages: navigator.languages,
  webglVendor: document.createElement('canvas').getContext('webgl')?.getParameter(37445)
}));

console.log(fingerprint);
// webdriver: undefined ✅
// plugins: 3 ✅
// webglVendor: "Google Inc. (Intel)" ✅

"profile.json changes not applying"

Cause: Need to reload after editing

Fix:

await piggy.site.session.reload();

---

Why This Beats Puppeteer

Aspect	Puppeteer	Piggy
Fingerprint	Generic "HeadlessChrome"	Real hardware from YOUR machine
GPU string	Missing or fake	Real ANGLE renderer
Screen resolution	Fixed 800x600	Your actual screen size
CPU/RAM	Not spoofed	Your real CPU cores and RAM
Consistency	Same fake fingerprint for everyone	Unique per user
Cloudflare	❌ Blocked	✅ Passes

This is why Cloudflare trusts us. We don't look like a bot. We look like YOU.

---

Next Steps

• Cookies Hot Reload — Edit cookies while browser runs
• Session Persistence — Save WebSocket frames and pings
• Anti-Detection — Complete anti-detection guide

---

Nothing Ecosystem · Ernest Tech House · Kenya · 2026