nyasa
BetaBrowser SDK that classifies sessions as human, authorized AI agent, or unauthorized bot. 24 signals, 6 detection rules, published to npm.
13
Behavioral Signals
8
Fingerprint Signals
6
Detection Rules
3
Actor Types
@devanshhq/nyasa
npm
ESM + IIFE
Bundle
Highlights
- →Built isLLMAgent detection using 7 independent behavioral signals including machine-speed keystroke bursts under 20ms and mouse stillness above 70%, catching LLM agents that pass every fingerprint check
- →Feature extraction layer computes 8 shared derived metrics once per session so no detection rule duplicates the same math or risks diverging from a sibling rule
- →Near-miss composition in isMultimodalBot reads sibling DetectionResults directly rather than re-sampling raw signals, eliminating an entire class of cross-rule inconsistency
- →Ships as ESM for bundlers and IIFE for script tags from a single tsup build, covering both install paths without forking the source
The Problem
CAPTCHA and device fingerprinting were built for a world where bots were clumsy. Today, LLM agents fill forms with realistic typing cadence, headless browsers patch out webdriver flags, and CAPTCHA farms solve challenges at $0.50 each. But the deeper issue is the actor model. Almost every detection system treats sessions as human or bot. That breaks in 2026 because there is now a third category: AI agents acting legitimately on behalf of real users. A shopping assistant, an automated onboarding flow, a fintech API integration. These look like bots by every traditional signal. Blocking them means turning away real business.
What I Built
Three-Actor Classification
Every session gets one verdict: Human (no rules fired), AuthorizedAgent (valid cryptographic identity claim via window.__nyasaAgentSignature or meta tag), or UnauthorizedBot (one or more rules fired). The third bucket is the product differentiation. Authorized AI agents are not threats and should not be blocked.
Behavioral Collectors (13)
Keystroke dwell and flight time, mouse path and curvature, touch, paste ratio, scroll depth, backspace corrections, click precision (center offset), session rhythm (burst-pause gaps), field-level timing, input origin (typed vs pasted vs dropped vs programmatic), file upload mechanics, and tab visibility. All attach to the mount element or document and accumulate silently.
Fingerprint Signals (8)
Webdriver and CDP markers, iframe vs parent plugin consistency, canvas fingerprint hash, WebGL renderer string (SwiftShader and LLVMpipe detection), audio fingerprint via OfflineAudioContext, incognito mode via storage quota probe, timezone vs navigator.language region consistency, and a persistent device UUID in localStorage with an isNew flag.
Detection Rules (6)
isHeadless catches automation markers. isScripted catches bot-like typing patterns. isLLMAgent catches LLM behavioral fingerprints via 7 signals including machine-speed bursts and mouse stillness. isAuthorizedAgent reads the agent signature claim. isUploadAutomation catches programmatic file attachment. isMultimodalBot catches cross-signal contradictions and near-miss compositions from sibling rules.
Client Verdict (noisy-OR scoring)
deriveVerdict applies noisy-OR weighting over fired rules. More rules firing increases confidence non-linearly. isAuthorizedAgent short-circuits to AuthorizedAgent when detected. Consumers get a verdict type, confidence score, and badge labels. Client-side triage only. The scoring API stays authoritative for production.
Dual Packaging and sendBeacon Delivery
Ships ESM for bundlers (Vite, webpack, esbuild) and IIFE for script-tag installs (window.BehaviorSDK) from one tsup build. Payload delivered via navigator.sendBeacon: non-blocking, survives page unload, cannot be cancelled. collect(selector, options) returns flush and stop handles for SPA flows without a form submit.
Tech Stack
All projects- TypeScript
- tsup
- Next.js
- Tailwind CSS
- Fumadocs
- npm
- Web APIs
Related Projects
Interested in working together?