vektor-slipstream 1.4.4 → 2.0.0

package/cloak-identity.js

@@ -1,484 +0,0 @@
-'use strict';
-
-/**
- * cloak-identity.js
- *
- * Persistent agent identity layer — full browser fingerprint storage,
- * not just cookies. Builds a convincing long-lived browser identity
- * that accumulates trust history on target sites.
- *
- * Stores per-identity:
- *   - User agent string (consistent Chrome version)
- *   - Viewport dimensions
- *   - WebGL renderer + vendor (spoofed consistently)
- *   - Canvas fingerprint noise seed (deterministic per identity)
- *   - Installed font set (subset of real fonts)
- *   - Timezone + locale + language
- *   - Hardware concurrency + device memory
- *   - Platform string
- *   - Screen dimensions + color depth
- *   - Cookie jar (per-domain)
- *   - Session history (URL visits with timestamps)
- *   - Creation date (age builds trust)
- *
- * Usage:
- *   const id = CloakIdentity.create('shopping-bot-1');
- *   await id.applyToPage(page);   // applies full fingerprint to Playwright page
- *   id.recordVisit('https://example.com');
- *   id.save();                    // persists to encrypted vault
- *
- *   const id2 = CloakIdentity.load('shopping-bot-1');
- *   await id2.applyToPage(page);  // same fingerprint, consistent identity
- */
-
-const crypto = require('crypto');
-const fs     = require('fs');
-const path   = require('path');
-const os     = require('os');
-
-const VAULT_DIR = path.join(os.homedir(), '.vektor', 'identities');
-const AES_KEY   = () => {
-  const keyPath = path.join(os.homedir(), '.vektor', 'identity.key');
-  if (fs.existsSync(keyPath)) return fs.readFileSync(keyPath);
-  const key = crypto.randomBytes(32);
-  fs.mkdirSync(path.dirname(keyPath), { recursive: true });
-  fs.writeFileSync(keyPath, key, { mode: 0o600 });
-  return key;
-};
-
-// ── Fingerprint pools (real-world distributions) ──────────────────────────────
-
-const UA_POOL = [
-  'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36',
-  'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36',
-  'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36',
-  'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
-  'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36',
-];
-
-const WEBGL_RENDERERS = [
-  { vendor: 'Google Inc. (NVIDIA)', renderer: 'ANGLE (NVIDIA, NVIDIA GeForce RTX 3070 Direct3D11 vs_5_0 ps_5_0, D3D11)' },
-  { vendor: 'Google Inc. (Intel)',  renderer: 'ANGLE (Intel, Intel(R) UHD Graphics 630 Direct3D11 vs_5_0 ps_5_0, D3D11)' },
-  { vendor: 'Google Inc. (AMD)',    renderer: 'ANGLE (AMD, AMD Radeon RX 580 Series Direct3D11 vs_5_0 ps_5_0, D3D11)' },
-  { vendor: 'Apple Inc.',           renderer: 'Apple M1' },
-  { vendor: 'Google Inc. (NVIDIA)', renderer: 'ANGLE (NVIDIA, NVIDIA GeForce GTX 1660 Direct3D11 vs_5_0 ps_5_0, D3D11)' },
-];
-
-const FONT_SETS = [
-  ['Arial', 'Arial Black', 'Comic Sans MS', 'Courier New', 'Georgia', 'Impact', 'Times New Roman', 'Trebuchet MS', 'Verdana', 'Calibri', 'Cambria', 'Segoe UI'],
-  ['Arial', 'Helvetica', 'Times New Roman', 'Courier New', 'Verdana', 'Georgia', 'Palatino', 'Garamond', 'Trebuchet MS', 'Arial Narrow'],
-  ['Arial', 'Arial Black', 'Courier New', 'Georgia', 'Impact', 'Lucida Console', 'Lucida Sans Unicode', 'Palatino Linotype', 'Tahoma', 'Times New Roman', 'Trebuchet MS', 'Verdana'],
-];
-
-const TIMEZONES = [
-  'America/New_York', 'America/Chicago', 'America/Los_Angeles', 'America/Denver',
-  'Europe/London', 'Europe/Paris', 'Europe/Berlin', 'Asia/Tokyo', 'Australia/Sydney',
-];
-
-const VIEWPORTS = [
-  { width: 1920, height: 1080 },
-  { width: 1440, height: 900  },
-  { width: 1366, height: 768  },
-  { width: 1280, height: 720  },
-  { width: 2560, height: 1440 },
-];
-
-const SCREEN_DEPTHS = [24, 24, 24, 32]; // weighted toward 24
-
-// ── CloakIdentity class ───────────────────────────────────────────────────────
-
-class CloakIdentity {
-  constructor(profile) {
-    this.profile = profile;
-  }
-
-  /**
-   * Create a new deterministic identity from a seed string.
-   * Same seed always produces the same fingerprint.
-   */
-  static create(name, seed = null) {
-    const identitySeed = seed || crypto.randomBytes(16).toString('hex');
-    const rng          = _seededRng(identitySeed);
-
-    const ua       = UA_POOL[rng(UA_POOL.length)];
-    const webgl    = WEBGL_RENDERERS[rng(WEBGL_RENDERERS.length)];
-    const fonts    = FONT_SETS[rng(FONT_SETS.length)];
-    const tz       = TIMEZONES[rng(TIMEZONES.length)];
-    const vp       = VIEWPORTS[rng(VIEWPORTS.length)];
-    const hwConc   = [2, 4, 4, 8, 8, 8, 12, 16][rng(8)];
-    const devMem   = [2, 4, 4, 8, 8, 16][rng(6)];
-    const platform = ua.includes('Windows') ? 'Win32' : ua.includes('Mac') ? 'MacIntel' : 'Linux x86_64';
-
-    const profile = {
-      name,
-      seed:              identitySeed,
-      createdAt:         new Date().toISOString(),
-      lastUsedAt:        null,
-      visitCount:        0,
-
-      // Browser identity
-      userAgent:         ua,
-      platform,
-      vendor:            'Google Inc.',
-      appVersion:        ua.replace('Mozilla/', ''),
-      language:          'en-US',
-      languages:         ['en-US', 'en'],
-
-      // Hardware
-      hardwareConcurrency: hwConc,
-      deviceMemory:      devMem,
-
-      // Screen
-      viewport:          vp,
-      screen: {
-        width:           vp.width,
-        height:          vp.height,
-        availWidth:      vp.width,
-        availHeight:     vp.height - 40, // taskbar
-        colorDepth:      SCREEN_DEPTHS[rng(SCREEN_DEPTHS.length)],
-        pixelDepth:      SCREEN_DEPTHS[rng(SCREEN_DEPTHS.length)],
-      },
-
-      // WebGL
-      webgl: {
-        vendor:   webgl.vendor,
-        renderer: webgl.renderer,
-      },
-
-      // Canvas noise seed (adds tiny deterministic noise to canvas fingerprint)
-      canvasNoiseSeed: rng(0xFFFFFF),
-
-      // Fonts
-      fonts,
-
-      // Timezone
-      timezone:      tz,
-      timezoneOffset: _tzOffset(tz),
-
-      // Plugin list (mimics real Chrome)
-      plugins: [
-        'PDF Viewer',
-        'Chrome PDF Viewer',
-        'Chromium PDF Viewer',
-        'Microsoft Edge PDF Viewer',
-        'WebKit built-in PDF',
-      ],
-
-      // Session data (accumulated over time)
-      cookies:    {},   // domain → cookie string
-      history:    [],   // [{ url, visitedAt, durationMs }]
-      trustScore: {},   // domain → estimated score
-    };
-
-    return new CloakIdentity(profile);
-  }
-
-  /**
-   * Load a saved identity by name.
-   */
-  static load(name) {
-    const filePath = path.join(VAULT_DIR, `${_sanitiseName(name)}.enc`);
-    if (!fs.existsSync(filePath)) return null;
-    try {
-      const enc     = fs.readFileSync(filePath);
-      const profile = _decrypt(enc);
-      return new CloakIdentity(profile);
-    } catch { return null; }
-  }
-
-  /**
-   * List all saved identities.
-   */
-  static list() {
-    if (!fs.existsSync(VAULT_DIR)) return [];
-    return fs.readdirSync(VAULT_DIR)
-      .filter(f => f.endsWith('.enc'))
-      .map(f => f.replace('.enc', ''));
-  }
-
-  /**
-   * Delete a saved identity.
-   */
-  static delete(name) {
-    const filePath = path.join(VAULT_DIR, `${_sanitiseName(name)}.enc`);
-    if (fs.existsSync(filePath)) fs.unlinkSync(filePath);
-  }
-
-  /**
-   * Apply this identity to a Playwright browser context/page.
-   * Call before page.goto().
-   */
-  async applyToPage(page) {
-    const p = this.profile;
-
-    // Set user agent
-    await page.setExtraHTTPHeaders({
-      'User-Agent':        p.userAgent,
-      'Accept-Language':   p.language,
-      'Accept':            'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',
-      'Accept-Encoding':   'gzip, deflate, br',
-      'Sec-CH-UA-Platform': `"${p.platform === 'Win32' ? 'Windows' : p.platform === 'MacIntel' ? 'macOS' : 'Linux'}"`,
-    });
-
-    // Inject fingerprint overrides via evaluateOnNewDocument
-    await page.addInitScript(({ profile }) => {
-      // Navigator overrides
-      Object.defineProperties(navigator, {
-        userAgent:           { get: () => profile.userAgent,           configurable: true },
-        platform:            { get: () => profile.platform,            configurable: true },
-        vendor:              { get: () => profile.vendor,              configurable: true },
-        language:            { get: () => profile.language,            configurable: true },
-        languages:           { get: () => profile.languages,           configurable: true },
-        hardwareConcurrency: { get: () => profile.hardwareConcurrency, configurable: true },
-        deviceMemory:        { get: () => profile.deviceMemory,        configurable: true },
-        webdriver:           { get: () => undefined,                   configurable: true },
-        plugins: {
-          get: () => {
-            const arr = profile.plugins.map(name => ({ name, filename: name.toLowerCase().replace(/ /g, '-') + '.dll' }));
-            arr.__proto__ = PluginArray.prototype;
-            return arr;
-          },
-          configurable: true,
-        },
-      });
-
-      // Screen overrides
-      Object.defineProperties(screen, {
-        width:       { get: () => profile.screen.width,       configurable: true },
-        height:      { get: () => profile.screen.height,      configurable: true },
-        availWidth:  { get: () => profile.screen.availWidth,  configurable: true },
-        availHeight: { get: () => profile.screen.availHeight, configurable: true },
-        colorDepth:  { get: () => profile.screen.colorDepth,  configurable: true },
-        pixelDepth:  { get: () => profile.screen.pixelDepth,  configurable: true },
-      });
-
-      // WebGL renderer spoofing
-      const getParam = WebGLRenderingContext.prototype.getParameter;
-      WebGLRenderingContext.prototype.getParameter = function(param) {
-        if (param === 37445) return profile.webgl.vendor;    // UNMASKED_VENDOR_WEBGL
-        if (param === 37446) return profile.webgl.renderer;  // UNMASKED_RENDERER_WEBGL
-        return getParam.call(this, param);
-      };
-      const getParam2 = WebGL2RenderingContext.prototype.getParameter;
-      WebGL2RenderingContext.prototype.getParameter = function(param) {
-        if (param === 37445) return profile.webgl.vendor;
-        if (param === 37446) return profile.webgl.renderer;
-        return getParam2.call(this, param);
-      };
-
-      // Canvas noise (deterministic per identity — consistent fingerprint)
-      const origToDataURL  = HTMLCanvasElement.prototype.toDataURL;
-      const origGetData    = CanvasRenderingContext2D.prototype.getImageData;
-      const seed           = profile.canvasNoiseSeed;
-      HTMLCanvasElement.prototype.toDataURL = function(...args) {
-        _addCanvasNoise(this, seed);
-        return origToDataURL.apply(this, args);
-      };
-      CanvasRenderingContext2D.prototype.getImageData = function(...args) {
-        const data = origGetData.apply(this, args);
-        // Add tiny deterministic noise to pixel values
-        for (let i = 0; i < data.data.length; i += 4) {
-          const noise = ((seed ^ i) & 0x3) - 1; // -1, 0, or 1
-          data.data[i]     = Math.max(0, Math.min(255, data.data[i]     + noise));
-          data.data[i + 1] = Math.max(0, Math.min(255, data.data[i + 1] + noise));
-          data.data[i + 2] = Math.max(0, Math.min(255, data.data[i + 2] + noise));
-        }
-        return data;
-      };
-
-      function _addCanvasNoise(canvas, seed) {
-        try {
-          const ctx = canvas.getContext('2d');
-          if (!ctx) return;
-          ctx.save();
-          ctx.globalAlpha = 0.002;
-          ctx.fillStyle = `rgb(${seed & 0xff},${(seed >> 8) & 0xff},${(seed >> 16) & 0xff})`;
-          ctx.fillRect(0, 0, 1, 1);
-          ctx.restore();
-        } catch { /* ignore */ }
-      }
-
-    }, { profile: p });
-
-    // Restore cookies if any
-    const domain = _extractDomain(page.url ? page.url() : '');
-    if (domain && p.cookies[domain]) {
-      try {
-        await page.context().addCookies(p.cookies[domain]);
-      } catch { /* ignore */ }
-    }
-  }
-
-  /**
-   * Apply identity to a Playwright BrowserContext (preferred — covers all pages).
-   */
-  async applyToContext(context) {
-    const p = this.profile;
-
-    await context.setExtraHTTPHeaders({
-      'User-Agent':      p.userAgent,
-      'Accept-Language': p.language,
-    });
-
-    await context.addInitScript(({ profile }) => {
-      Object.defineProperties(navigator, {
-        userAgent:           { get: () => profile.userAgent,           configurable: true },
-        platform:            { get: () => profile.platform,            configurable: true },
-        vendor:              { get: () => profile.vendor,              configurable: true },
-        language:            { get: () => profile.language,            configurable: true },
-        languages:           { get: () => profile.languages,           configurable: true },
-        hardwareConcurrency: { get: () => profile.hardwareConcurrency, configurable: true },
-        deviceMemory:        { get: () => profile.deviceMemory,        configurable: true },
-        webdriver:           { get: () => undefined,                   configurable: true },
-      });
-    }, { profile: p });
-
-    // Restore all saved cookies
-    const allCookies = Object.values(p.cookies).flat();
-    if (allCookies.length) {
-      try { await context.addCookies(allCookies); } catch { /* ignore */ }
-    }
-  }
-
-  /**
-   * Save cookies from a Playwright context back into this identity.
-   */
-  async saveCookiesFromContext(context) {
-    try {
-      const cookies = await context.cookies();
-      for (const cookie of cookies) {
-        const domain = cookie.domain.replace(/^\./, '');
-        if (!this.profile.cookies[domain]) this.profile.cookies[domain] = [];
-        // Upsert — replace if same name+domain
-        const idx = this.profile.cookies[domain].findIndex(
-          c => c.name === cookie.name && c.domain === cookie.domain
-        );
-        if (idx >= 0) this.profile.cookies[domain][idx] = cookie;
-        else this.profile.cookies[domain].push(cookie);
-      }
-    } catch { /* ignore */ }
-  }
-
-  /**
-   * Record a page visit in this identity's history.
-   * Builds session history that improves trust scores.
-   */
-  recordVisit(url, durationMs = null) {
-    this.profile.history.push({ url, visitedAt: new Date().toISOString(), durationMs });
-    this.profile.visitCount++;
-    this.profile.lastUsedAt = new Date().toISOString();
-
-    // Keep history to last 500 visits
-    if (this.profile.history.length > 500) {
-      this.profile.history = this.profile.history.slice(-500);
-    }
-  }
-
-  /**
-   * Get age of this identity in days.
-   * Older identities have higher trust scores.
-   */
-  get ageDays() {
-    const created = new Date(this.profile.createdAt);
-    return Math.floor((Date.now() - created.getTime()) / (1000 * 60 * 60 * 24));
-  }
-
-  /**
-   * Summary of this identity's trust profile.
-   */
-  get summary() {
-    return {
-      name:        this.profile.name,
-      ageDays:     this.ageDays,
-      visitCount:  this.profile.visitCount,
-      lastUsed:    this.profile.lastUsedAt,
-      ua:          this.profile.userAgent.slice(0, 60) + '...',
-      platform:    this.profile.platform,
-      webgl:       this.profile.webgl.renderer.slice(0, 50),
-      timezone:    this.profile.timezone,
-      domainsWithCookies: Object.keys(this.profile.cookies).length,
-    };
-  }
-
-  /**
-   * Persist this identity to the encrypted vault.
-   */
-  save() {
-    fs.mkdirSync(VAULT_DIR, { recursive: true, mode: 0o700 });
-    const encrypted = _encrypt(this.profile);
-    const filePath  = path.join(VAULT_DIR, `${_sanitiseName(this.profile.name)}.enc`);
-    fs.writeFileSync(filePath, encrypted, { mode: 0o600 });
-    return filePath;
-  }
-
-  /**
-   * Export identity as JSON (for backup/transfer).
-   */
-  export() {
-    return JSON.stringify(this.profile, null, 2);
-  }
-
-  /**
-   * Import identity from JSON string.
-   */
-  static import(json, overrideName = null) {
-    const profile = JSON.parse(json);
-    if (overrideName) profile.name = overrideName;
-    return new CloakIdentity(profile);
-  }
-}
-
-// ── Helpers ───────────────────────────────────────────────────────────────────
-
-/** Simple seeded PRNG (xorshift32) returning integers in [0, max) */
-function _seededRng(seed) {
-  let s = 0;
-  // Hash seed string to uint32
-  for (let i = 0; i < seed.length; i++) {
-    s = (Math.imul(31, s) + seed.charCodeAt(i)) | 0;
-  }
-  s = s >>> 0 || 1;
-  return function(max) {
-    s ^= s << 13; s ^= s >> 17; s ^= s << 5; s = s >>> 0;
-    return s % max;
-  };
-}
-
-function _sanitiseName(name) {
-  return name.replace(/[^a-zA-Z0-9_-]/g, '_').slice(0, 64);
-}
-
-function _extractDomain(url) {
-  try { return new URL(url).hostname; } catch { return ''; }
-}
-
-function _tzOffset(tz) {
-  const offsets = {
-    'America/New_York':    -300, 'America/Chicago':    -360,
-    'America/Los_Angeles': -480, 'America/Denver':     -420,
-    'Europe/London':       0,    'Europe/Paris':       60,
-    'Europe/Berlin':       60,   'Asia/Tokyo':         540,
-    'Australia/Sydney':    600,
-  };
-  return offsets[tz] || 0;
-}
-
-function _encrypt(obj) {
-  const key  = AES_KEY();
-  const iv   = crypto.randomBytes(16);
-  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
-  const text   = JSON.stringify(obj);
-  const enc    = Buffer.concat([cipher.update(text, 'utf8'), cipher.final()]);
-  return Buffer.concat([iv, enc]);
-}
-
-function _decrypt(buf) {
-  const key   = AES_KEY();
-  const iv    = buf.slice(0, 16);
-  const enc   = buf.slice(16);
-  const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
-  const dec   = Buffer.concat([decipher.update(enc), decipher.final()]);
-  return JSON.parse(dec.toString('utf8'));
-}
-
-module.exports = { CloakIdentity };