# mochi.js

> A Bun-native, raw-CDP browser automation framework that generates relationally-coherent fingerprints to evade detection probes, with behavioral synthesis and Chromium-native fetch.

mochi.js is a Bun-native browser automation framework built on raw Chrome DevTools Protocol (CDP) that produces stealth sessions indistinguishable from real Chrome. It derives every fingerprint surface — canvas, WebGL, audio, fonts, MediaDevices, WebGPU — from a single (profile, seed) pair through a 48-rule DAG, ensuring relational consistency across all detection vectors. Released under the MIT license, it targets developers who need to automate Chromium without leaving measurable traces for anti-bot systems.

- **Relational Consistency Engine** — *every fingerprint surface derives from a single (profile, seed) pair via a 48-rule DAG, eliminating mismatched "Frankenstein" fingerprints across canvas, WebGL, audio, fonts, and more.*
- **Chromium-native Fetch** — *`session.fetch()` routes through Chromium itself via CDP, so JA4/JA3/H2 signatures are real Chrome by definition — no parallel HTTP layer or FFI required.*
- **Behavioral Synthesis** — *`humanClick`, `humanType`, and `humanScroll` use biomechanical models (Bezier paths with overshoot/correction, Fitts-law timing, lognormal digraph delays) parameterized by hand, tremor, wpm, and scrollStyle profiles.*
- **Probe-Manifest Harness** — *captured baselines from real devices live in the repo; every PR diffs the live session's Probe Manifest against the baseline, with Zero-Diff enforced as a CI gate.*
- **Turnstile Challenge Handling** — *built-in `autoClick` for visible-checkbox Turnstile with an `onEscalation` callback for harder variants.*
- **Custom Init Scripts** — *inject JIT-friendly proxy traps before any page script runs via `page.addInitScript()`, removable at any time with `page.removeInitScript()`.*
- **One Coherent Stack** — *replaces the typical hand-stitched pipeline (Patchright + fingerprint-injector + curl-impersonate) with a single library; Bun-only, no Node, no Python sidecars, no proprietary bits.*
- **Playwright-compatible API** — *familiar `session.newPage()`, `page.goto()`, and `page.evaluate()` muscle memory with none of the fingerprint leakage.*

To get started, install with `bun add @mochi.js/core`, then call `mochi.launch({ profile, seed })` to boot a stealth browser session in three lines.

## Features
- Relational consistency engine (48-rule DAG)
- Chromium-native fetch via CDP
- Behavioral synthesis (humanClick, humanType, humanScroll)
- Probe-Manifest CI harness with Zero-Diff gate
- Turnstile challenge auto-click with escalation callback
- Custom init script injection and removal
- Profile-parameterized fingerprints (hand, tremor, wpm, scrollStyle)
- Bun-native runtime (no Node, no Python sidecars)
- MIT licensed open source
- Stock Chromium — no patched browser binary

## Integrations
Bun, Chromium, Chrome DevTools Protocol (CDP), Turnstile

## Platforms
WINDOWS, MACOS, LINUX, API, DEVELOPER_SDK, CLI

## Pricing
Open Source

## Version
0.9.3

## Links
- Website: https://mochijs.com
- Documentation: https://mochijs.com/docs/getting-started/install
- Repository: https://github.com/0xchasercat/mochi
- EveryDev.ai: https://www.everydev.ai/tools/mochijs