A new browser automation library called Mochi.js has arrived on GitHub, offering a Bun-native framework built on raw Chrome DevTools Protocol. Unlike traditional tools like Playwright and Puppeteer that leave measurable fingerprints, Mochi.js generates relationally-coherent browser sessions from a single profile and seed pair through a 48-rule directed acyclic graph. Every fingerprint surface—canvas, WebGL, audio, fonts, and MediaDevices—derives from this unified system, preventing the "Frankenstein" problem where mismatched signals (like a Mac user agent paired with Linux WebGL) trigger detection.

The library includes behavioral synthesis that simulates human interaction using Bezier curves with overshoot and correction, Fitts-law movement times, and lognormal digraph delays for typing. Network requests route through Chromium itself via CDP rather than a parallel HTTP layer, producing authentic Chrome JA4/JA3/H2 fingerprints by default. The developer claims the tool solves Turnstile automatically and achieved a suspect_score of 8 against FingerprintJS Pro v4 on a Linux datacenter IP.

The project is MIT-licensed and runs on stock Chromium with no proprietary components. The developer frames the tool as a philosophical response to the bot detection industry, arguing that WAFs extract data from user hardware without consent—a practice they characterize as "trespassing." While the tool aims to bypass security measures, the author emphasizes it's designed for legitimate automation use cases rather than malicious activity.