@svrnsec/pulse 0.3.1 → 0.5.0

package/src/collector/canvas.js

@@ -0,0 +1,239 @@
+/**
+ * @sovereign/pulse — GPU Canvas Fingerprint
+ *
+ * Collects device-class signals from WebGL and 2D Canvas rendering.
+ * The exact pixel values of GPU-rendered scenes are vendor/driver-specific
+ * due to floating-point rounding in shader execution.  Virtual machines
+ * expose software renderers (LLVMpipe, SwiftShader, Microsoft Basic Render
+ * Driver) whose strings and output pixels are well-known and enumerable.
+ *
+ * NO persistent identifier is generated – only a content hash is retained.
+ */
+
+import { blake3Hex } from '../proof/fingerprint.js';
+
+// ---------------------------------------------------------------------------
+// Known software-renderer substrings (VM / headless environment indicators)
+// ---------------------------------------------------------------------------
+const SOFTWARE_RENDERER_PATTERNS = [
+  'llvmpipe', 'swiftshader', 'softpipe', 'mesa offscreen',
+  'microsoft basic render', 'vmware svga', 'virtualbox',
+  'parallels', 'angle (', 'google swiftshader',
+];
+
+// ---------------------------------------------------------------------------
+// collectCanvasFingerprint
+// ---------------------------------------------------------------------------
+
+/**
+ * @returns {Promise<CanvasFingerprint>}
+ */
+export async function collectCanvasFingerprint() {
+  const result = {
+    webglRenderer:      null,
+    webglVendor:        null,
+    webglVersion:       null,
+    webglPixelHash:     null,
+    canvas2dHash:       null,
+    extensionCount:     0,
+    extensions:         [],
+    isSoftwareRenderer: false,
+    available:          false,
+  };
+
+  if (typeof document === 'undefined' && typeof OffscreenCanvas === 'undefined') {
+    // Node.js / server-side with no DOM – skip gracefully.
+    return result;
+  }
+
+  // ── WebGL fingerprint ────────────────────────────────────────────────────
+  try {
+    const canvas = _createCanvas(512, 512);
+    let   gl     = canvas.getContext('webgl2') || canvas.getContext('webgl');
+
+    if (gl) {
+      result.webglVersion = gl instanceof WebGL2RenderingContext ? 2 : 1;
+      result.available    = true;
+
+      // Renderer info
+      const dbgInfo = gl.getExtension('WEBGL_debug_renderer_info');
+      if (dbgInfo) {
+        result.webglRenderer = gl.getParameter(dbgInfo.UNMASKED_RENDERER_WEBGL);
+        result.webglVendor   = gl.getParameter(dbgInfo.UNMASKED_VENDOR_WEBGL);
+      }
+
+      // Extension list (fingerprints driver capabilities)
+      const exts = gl.getSupportedExtensions() ?? [];
+      result.extensions    = exts;
+      result.extensionCount = exts.length;
+
+      // Software-renderer detection
+      const rendererLc = (result.webglRenderer ?? '').toLowerCase();
+      result.isSoftwareRenderer = SOFTWARE_RENDERER_PATTERNS.some(p =>
+        rendererLc.includes(p)
+      );
+
+      // ── Render a Mandelbrot fragment scene ───────────────────────────────
+      // Floating-point precision differences in the GPU's shader ALU cause
+      // per-pixel rounding variations that are stable per device but differ
+      // across GPU vendors, driver versions, and software renderers.
+      const pixels = _renderMandelbrot(gl, canvas);
+      result.webglPixelHash = pixels ? blake3Hex(pixels) : null;
+
+      gl.getExtension('WEBGL_lose_context')?.loseContext();
+    }
+  } catch (_) {
+    // WebGL blocked (privacy settings, etc.) – continue with 2D canvas.
+  }
+
+  // ── 2D Canvas fingerprint ────────────────────────────────────────────────
+  try {
+    const c2   = _createCanvas(200, 50);
+    const ctx2 = c2.getContext('2d');
+
+    if (ctx2) {
+      // Text rendering differences: font hinting, subpixel AA, emoji rasterisation
+      ctx2.textBaseline = 'top';
+      ctx2.font         = '14px Arial, sans-serif';
+      ctx2.fillStyle    = 'rgba(102,204,0,0.7)';
+      ctx2.fillText('Cwm fjordbank glyphs vext quiz 🎯', 2, 5);
+
+      // Shadow compositing (driver-specific blur kernel)
+      ctx2.shadowBlur   = 10;
+      ctx2.shadowColor  = 'blue';
+      ctx2.fillStyle    = 'rgba(255,0,255,0.5)';
+      ctx2.fillRect(100, 25, 80, 20);
+
+      // Bezier curve (Bézier precision varies per 2D canvas implementation)
+      ctx2.beginPath();
+      ctx2.moveTo(10, 40);
+      ctx2.bezierCurveTo(30, 0, 70, 80, 160, 30);
+      ctx2.strokeStyle = 'rgba(0,0,255,0.8)';
+      ctx2.lineWidth   = 1.5;
+      ctx2.stroke();
+
+      const dataUrl = c2.toDataURL('image/png');
+      // Hash the data URL (not storing raw image data)
+      const enc = new TextEncoder().encode(dataUrl);
+      result.canvas2dHash = blake3Hex(enc);
+
+      result.available = true;
+    }
+  } catch (_) {
+    // 2D canvas blocked.
+  }
+
+  return result;
+}
+
+/**
+ * @typedef {object} CanvasFingerprint
+ * @property {string|null}  webglRenderer
+ * @property {string|null}  webglVendor
+ * @property {1|2|null}     webglVersion
+ * @property {string|null}  webglPixelHash
+ * @property {string|null}  canvas2dHash
+ * @property {number}       extensionCount
+ * @property {string[]}     extensions
+ * @property {boolean}      isSoftwareRenderer
+ * @property {boolean}      available
+ */
+
+// ---------------------------------------------------------------------------
+// Internal helpers
+// ---------------------------------------------------------------------------
+
+function _createCanvas(w, h) {
+  if (typeof OffscreenCanvas !== 'undefined') {
+    return new OffscreenCanvas(w, h);
+  }
+  const c = document.createElement('canvas');
+  c.width  = w;
+  c.height = h;
+  return c;
+}
+
+/**
+ * Render a Mandelbrot set fragment using WebGL and read back pixels.
+ * The number of iterations is fixed (100) so that rounding differences in
+ * the smooth-colouring formula are the primary source of per-GPU variation.
+ *
+ * @param {WebGLRenderingContext} gl
+ * @param {HTMLCanvasElement|OffscreenCanvas} canvas
+ * @returns {Uint8Array|null}
+ */
+function _renderMandelbrot(gl, canvas) {
+  const W = canvas.width;
+  const H = canvas.height;
+
+  // Vertex shader – full-screen quad
+  const vsSource = `
+    attribute vec4 a_pos;
+    void main() { gl_Position = a_pos; }
+  `;
+
+  // Fragment shader – Mandelbrot with smooth colouring
+  // Floating-point precision in the escape-radius and log() calls differs
+  // between GPU vendors / drivers, producing per-device pixel signatures.
+  const fsSource = `
+    precision highp float;
+    uniform vec2 u_res;
+    void main() {
+      vec2 uv  = (gl_FragCoord.xy / u_res - 0.5) * 3.5;
+      uv.x    -= 0.5;
+      vec2 c   = uv;
+      vec2 z   = vec2(0.0);
+      float n  = 0.0;
+      for (int i = 0; i < 100; i++) {
+        if (dot(z, z) > 4.0) break;
+        z = vec2(z.x*z.x - z.y*z.y, 2.0*z.x*z.y) + c;
+        n += 1.0;
+      }
+      float smooth_n = n - log2(log2(dot(z,z))) + 4.0;
+      float t = smooth_n / 100.0;
+      gl_FragColor = vec4(0.5 + 0.5*cos(6.28318*t + vec3(0.0, 0.4, 0.7)), 1.0);
+    }
+  `;
+
+  const vs = _compileShader(gl, gl.VERTEX_SHADER,   vsSource);
+  const fs = _compileShader(gl, gl.FRAGMENT_SHADER, fsSource);
+  if (!vs || !fs) return null;
+
+  const prog = gl.createProgram();
+  gl.attachShader(prog, vs);
+  gl.attachShader(prog, fs);
+  gl.linkProgram(prog);
+  if (!gl.getProgramParameter(prog, gl.LINK_STATUS)) return null;
+
+  gl.useProgram(prog);
+
+  // Full-screen quad
+  const buf = gl.createBuffer();
+  gl.bindBuffer(gl.ARRAY_BUFFER, buf);
+  gl.bufferData(gl.ARRAY_BUFFER,
+    new Float32Array([-1,-1, 1,-1, -1,1, 1,1]), gl.STATIC_DRAW);
+  const loc = gl.getAttribLocation(prog, 'a_pos');
+  gl.enableVertexAttribArray(loc);
+  gl.vertexAttribPointer(loc, 2, gl.FLOAT, false, 0, 0);
+
+  const resLoc = gl.getUniformLocation(prog, 'u_res');
+  gl.uniform2f(resLoc, W, H);
+
+  gl.viewport(0, 0, W, H);
+  gl.drawArrays(gl.TRIANGLE_STRIP, 0, 4);
+
+  // Read back a 64×64 centre crop (reduces data without losing discriminating power)
+  const x0 = Math.floor((W - 64) / 2);
+  const y0 = Math.floor((H - 64) / 2);
+  const pixels = new Uint8Array(64 * 64 * 4);
+  gl.readPixels(x0, y0, 64, 64, gl.RGBA, gl.UNSIGNED_BYTE, pixels);
+
+  return pixels;
+}
+
+function _compileShader(gl, type, source) {
+  const s = gl.createShader(type);
+  gl.shaderSource(s, source);
+  gl.compileShader(s);
+  return gl.getShaderParameter(s, gl.COMPILE_STATUS) ? s : null;
+}

package/src/collector/dram.js

@@ -0,0 +1,203 @@
+/**
+ * @sovereign/pulse — DRAM Refresh Cycle Detector
+ *
+ * DDR4 DRAM refreshes every 7.8 ms (tREFI per JEDEC JESD79-4). During a
+ * refresh, the memory controller stalls all access requests for ~350 ns.
+ * In a tight sequential memory access loop this appears as a periodic
+ * slowdown — detectable as a ~128Hz peak in the autocorrelation of access
+ * timings.
+ *
+ * Virtual machines do not have physical DRAM. The hypervisor's memory
+ * subsystem does not reproduce the refresh cycle because:
+ *   1. The guest never touches real DRAM directly — there is always a
+ *      hypervisor-controlled indirection layer.
+ *   2. EPT/NPT (Extended/Nested Page Tables) absorb the timing.
+ *   3. The hypervisor's memory balloon driver further smooths access latency.
+ *
+ * What we detect
+ * ──────────────
+ *   refreshPeriodMs     estimated DRAM refresh period (should be ~7.8ms on real DDR4)
+ *   refreshPresent      true if the ~7.8ms periodicity is statistically significant
+ *   peakLag             autocorrelation lag with the highest power (units: sample index)
+ *   peakPower           autocorrelation power at peakLag (0–1)
+ *   verdict             'dram' | 'virtual' | 'ambiguous'
+ *
+ * Calibration
+ * ───────────
+ * We allocate a buffer large enough to exceed all CPU caches (typically
+ * L3 = 8–32 MB on consumer parts). Sequential reads then go to DRAM, not
+ * cache. The refresh stall is only visible when we're actually hitting DRAM —
+ * a cache-resident access loop shows no refresh signal.
+ *
+ * Buffer size: 64 MB — comfortably above L3 on all tested platforms.
+ * Sampling interval: ~1 ms per iteration (chosen to resolve 7.8ms at ≥8 pts).
+ * Total probe time: ~400 ms — well within the fingerprint collection window.
+ */
+
+const DRAM_REFRESH_MS    = 7.8;   // JEDEC DDR4 nominal
+const DRAM_REFRESH_SLACK = 1.5;   // ±1.5 ms acceptable range for real hardware
+const BUFFER_MB          = 64;    // must exceed L3 cache
+const PROBE_ITERATIONS   = 400;   // ~400 ms total
+
+/* ─── collectDramTimings ─────────────────────────────────────────────────── */
+
+/**
+ * @param {object} [opts]
+ * @param {number} [opts.iterations=400]
+ * @param {number} [opts.bufferMb=64]
+ * @returns {{ timings: number[], refreshPeriodMs: number|null,
+ *             refreshPresent: boolean, peakLag: number, peakPower: number,
+ *             verdict: string }}
+ */
+export function collectDramTimings(opts = {}) {
+  const {
+    iterations = PROBE_ITERATIONS,
+    bufferMb   = BUFFER_MB,
+  } = opts;
+
+  // ── Allocate cache-busting buffer ────────────────────────────────────────
+  const nElements  = (bufferMb * 1024 * 1024) / 8;  // 64-bit doubles
+  let   buf;
+
+  try {
+    buf = new Float64Array(nElements);
+    // Touch every cache line to ensure OS actually maps the pages
+    const stride = 64 / 8; // 64-byte cache lines, 8 bytes per element
+    for (let i = 0; i < nElements; i += stride) buf[i] = i;
+  } catch {
+    // Allocation failure (memory constrained) — cannot run this probe
+    return _noSignal('buffer allocation failed');
+  }
+
+  // ── Sequential access loop ───────────────────────────────────────────────
+  // Each iteration does a full sequential pass over `passElements` worth of
+  // the buffer. Pass size is tuned so each iteration takes ~1 ms wall-clock,
+  // giving us enough resolution to see the 7.8 ms refresh cycle.
+  //
+  // We start with a small pass and auto-calibrate to hit the 1 ms target.
+  const passElements = _calibratePassSize(buf);
+
+  const timings = new Float64Array(iterations);
+  let   checksum = 0;
+
+  for (let iter = 0; iter < iterations; iter++) {
+    const t0 = performance.now();
+    for (let i = 0; i < passElements; i++) checksum += buf[i];
+    timings[iter] = performance.now() - t0;
+  }
+
+  // Prevent dead-code elimination
+  if (checksum === 0) buf[0] = 1;
+
+  // ── Autocorrelation over timings ─────────────────────────────────────────
+  // The refresh stall appears as elevated autocorrelation at lag ≈ 7.8 / Δt
+  // where Δt is the mean iteration time in ms.
+  const meanIterMs = _mean(timings);
+  if (meanIterMs <= 0) return _noSignal('zero mean iteration time');
+
+  const targetLag  = Math.round(DRAM_REFRESH_MS / meanIterMs);
+  const maxLag     = Math.min(Math.round(50 / meanIterMs), iterations >> 1);
+
+  const ac = _autocorr(Array.from(timings), maxLag);
+
+  // Find the peak in the range [targetLag ± slack]
+  const slackLags = Math.round(DRAM_REFRESH_SLACK / meanIterMs);
+  const lagLo     = Math.max(1, targetLag - slackLags);
+  const lagHi     = Math.min(maxLag, targetLag + slackLags);
+
+  let peakPower = -Infinity;
+  let peakLag   = targetLag;
+  for (let l = lagLo; l <= lagHi; l++) {
+    if (ac[l - 1] > peakPower) {
+      peakPower = ac[l - 1];
+      peakLag   = l;
+    }
+  }
+
+  // Baseline: average autocorrelation outside the refresh window
+  const baseline = _mean(
+    Array.from({ length: maxLag }, (_, i) => ac[i])
+      .filter((_, i) => i + 1 < lagLo || i + 1 > lagHi)
+  );
+
+  const snr              = baseline > 0 ? peakPower / baseline : 0;
+  const refreshPresent   = peakPower > 0.15 && snr > 1.8;
+  const refreshPeriodMs  = refreshPresent ? peakLag * meanIterMs : null;
+
+  const verdict =
+    refreshPresent && refreshPeriodMs !== null &&
+    Math.abs(refreshPeriodMs - DRAM_REFRESH_MS) < DRAM_REFRESH_SLACK
+      ? 'dram'
+      : peakPower < 0.05
+        ? 'virtual'
+        : 'ambiguous';
+
+  return {
+    timings:         Array.from(timings),
+    refreshPeriodMs,
+    refreshPresent,
+    peakLag,
+    peakPower:       +peakPower.toFixed(4),
+    snr:             +snr.toFixed(2),
+    meanIterMs:      +meanIterMs.toFixed(3),
+    verdict,
+  };
+}
+
+/* ─── helpers ────────────────────────────────────────────────────────────── */
+
+function _noSignal(reason) {
+  return {
+    timings: [], refreshPeriodMs: null, refreshPresent: false,
+    peakLag: 0, peakPower: 0, snr: 0, meanIterMs: 0,
+    verdict: 'ambiguous', reason,
+  };
+}
+
+/**
+ * Run a quick calibration pass to find how many elements to read per
+ * iteration so each iteration takes approximately 1 ms.
+ */
+function _calibratePassSize(buf) {
+  const target  = 1.0; // ms
+  let   n       = Math.min(100_000, buf.length);
+  let   elapsed = 0;
+  let   dummy   = 0;
+
+  // Warm up
+  for (let i = 0; i < n; i++) dummy += buf[i];
+
+  // Measure
+  const t0 = performance.now();
+  for (let i = 0; i < n; i++) dummy += buf[i];
+  elapsed = performance.now() - t0;
+  if (dummy === 0) buf[0] = 1; // prevent DCE
+
+  if (elapsed <= 0) return n;
+  return Math.min(buf.length, Math.round(n * (target / elapsed)));
+}
+
+function _mean(arr) {
+  if (!arr.length) return 0;
+  return arr.reduce((s, v) => s + v, 0) / arr.length;
+}
+
+function _autocorr(data, maxLag) {
+  const n    = data.length;
+  const mean = _mean(data);
+  let   v    = 0;
+  for (let i = 0; i < n; i++) v += (data[i] - mean) ** 2;
+  v /= n;
+
+  const result = new Float64Array(maxLag);
+  if (v < 1e-14) return result;
+
+  for (let lag = 1; lag <= maxLag; lag++) {
+    let cov = 0;
+    for (let i = 0; i < n - lag; i++) {
+      cov += (data[i] - mean) * (data[i + lag] - mean);
+    }
+    result[lag - 1] = cov / ((n - lag) * v);
+  }
+  return result;
+}