Agent-First Browser

We rebuilt Chrome from scratch.
For agents, not humans.

Every browser today was designed for people clicking buttons. We ripped out the parts agents don't need and rebuilt the rest in C++ — 18 Chromium patches, a custom CDP domain invisible to every anti-bot system on the internet, and a page understanding engine that tells your agent exactly what every element does before it touches anything. No JavaScript injection. No DOM polling. No detection. Just a browser that sees the web the way an agent should.

Live BenchmarksData from browser.arena.academy

#1 on Browser Arena

Head-to-head against BrowserBase, Anchor, and Kernel on real websites with real anti-bot protection. TinyFish dominates every metric.

Average page load time (ms) — lower is betterTinyFish1,461msKernel3,703msAnchor5,898msBrowserBase13,458msTinyFish: 9.2× faster than BrowserBase
Win Rate
0%
Arena head-to-head wins
Page Load
0ms
72.5% faster than mean
Memory Footprint
0MB
Per browser session
Cost / Run
0.00¢
663× cheaper than BrowserBase
ProviderPage LoadWin RateData TransferCost/Run
TinyFish1,461ms95%7.7 KB0.007¢
Kernel3,703ms163 KB0.082¢
Anchor5,898ms428 KB2.80¢
BrowserBase13,458ms1,117 KB4.65¢

Browser Arena runs identical tasks on real websites with production anti-bot protection. Each provider gets the same URLs, same actions, same success criteria. TinyFish's custom C++ browser delivers 9× faster page loads at a fraction of the cost.

Why Build a Custom Browser?

Standard automation tools inject JavaScript, subscribe to CDP events, and poll the DOM. Every one of those operations is a detection vector and a performance penalty. We eliminated all of them.

Page observation latency (ms) — lower is betterStandard PuppeteerRuntime.evaluate + DOM query200msPlaywrightJS injection + selector engine150msAgent.extractABoxSingle C++ call, zero JS15msPage observation speedup: 10-13x
Zero JavaScript Injection

100% C++ Custom Logic

Every Agent.* command runs in Blink's C++ rendering engine. No eval(), no injected scripts, no MutationObservers. The page's JS context is never touched — invisible to anti-bot detection AND faster because there's no JS-to-C++ bridge overhead.

One Round-Trip

Single Call = Full Page

One Agent.extractABox call returns everything: all interactive elements (50+ fields each), page structure, scroll info, blocking overlays, content markdown. Standard tools need 10-50 separate DOM queries. One round-trip vs many.

Blink-Level Probes

Native Settle Detection

Blink-level probes monitor DOM mutations, network requests, and microtask queues. No setTimeout polling. No arbitrary 2-second waits. The browser itself tells you when the page is done reacting. Average settle: 200-400ms instead of 2000-5000ms fixed waits.

ABox Extraction
<0ms
Single C++ call
Settle Detection
~0ms
avg vs 2-5s polling
Cold Start
<0ms
Session ready
Memory Footprint
~0MB
Per session

Core Capabilities

Invisible to Detection

Custom Agent.* CDP domain is invisible to anti-bot systems. 28 fingerprint mechanisms hardened at the C++ level. Passes DataDome, Akamai, and PerimeterX on production sites including Expedia, American Airlines, and BrowserScan.

28 Mechanisms5 Layers
Understands Every Element

ABox extraction returns 50+ fields per element including action types, settle hints, fingerprints, and interaction modes. Know what an element does — form submit, trigger API, open datepicker — before touching it. No DOM queries needed.

50+ FieldsC++ Extraction
Learns & Replays

Codification system learns site patterns, builds state machines from observed page transitions, and replays workflows with 3-layer element resolution. Fingerprint match first, behavioral verification second, LLM fallback third. Gets better with every visit.

AdaptiveState Machines

Architecture Flow

Every agent command flows through a clean pipeline. No event subscriptions, no long-lived connections — pull-based request/response all the way down.

ABox JSON responseGatewayPython aiohttpWebSocketCDP transportChrome 14518 patchesAgent.* CDP24 commandsWebData FlowRequest (Agent command)Response (ABox / result)Sessions, proxies, replayBinary CDP protocolBlink rendering engineC++ extraction logic

Key Metrics

Stealth Mechanisms
0
Across 5 detection layers
CDP Commands
0
20 commands + 4 events
ABox Fields
0+
Per interactive element
Chromium Patches
0
Applied to Chrome 145

Detection Test Results

SiteProtectionResult
ExpediaDataDome5/5 pass
AA.comAkamai100% (112 actions)
BrowserScanBot detection suite"Normal"
SannySoftHeadless detection testsAll passed
TLS JA4Fingerprint analysisMatches real Chrome

Standard CDP vs Agent.* Domain

Standard CDP (Detected)Agent.* Domain (Invisible)
Page.navigateAgent.navigate
Runtime.evaluateAgent.extractABox
DOM.querySelector(not needed — ABox returns all)
Network.enable(no subscription needed)
Page.enable(no events, pull-based)
Input.dispatchMouseEventAgent.click
Input.dispatchKeyEventAgent.type

Standard CDP domains are detection vectors — anti-bot systems check for CDP usage via JavaScript timing, object presence, and protocol events. The Agent.* domain operates entirely at the C++ level, never exposing itself to page JavaScript. The only standard CDP call allowed is Page.captureScreenshot (one-shot, no Page.enable needed).

5-Layer Stealth Stack

Detection evasion is not a single trick — it is five concentric layers, each handling a different class of detection signal. A failure at any layer exposes the agent.

STEALTH28 mechanismsL5: OperationalL4: NetworkL3: CDP InvisibilityL2: API SpoofingL1: Fingerprint HardeningTraffic patternsC++ proxy authAgent.* domain onlywindow.chromeCanvas
L5
Operational

Human-like timing, variable delays, mouse jitter, realistic viewport sizes

L4
Network

C++ HttpAuthController for proxy, 49K domain filter, WebRTC IP leak prevention

L3
CDP Invisible

Agent.* domain only. No Page.enable, Network.enable, or Runtime.evaluate

L2
API Spoofing

window.chrome shimmed, navigator.webdriver removed, plugins array populated

L1
Fingerprint

Canvas noise, WebGL params, font enumeration, AudioContext, ClientRects

Design Philosophy

Observe First, Act Second

Every interaction starts with ABox extraction. The agent sees all interactive elements, their types, predicted behaviors, and settle times before taking any action. No blind clicking, no querySelector guessing.

Pull-based observation

Pull-Based, Not Event-Based

No event subscriptions, no Page.enable, no Network.enable. Every CDP call is one-shot: request data, get response. This eliminates the protocol-level fingerprint that anti-bot systems use to detect automation.

Zero subscriptions

C++ All The Way Down

Agent.* commands execute in Blink's C++ layer, not via JavaScript injection. No Runtime.evaluate, no injected scripts, no MutationObservers. The page's JavaScript context is never modified.

Blink-native

Settle-Aware Actions

Actions don't just fire and return. They wait for the page to settle — DOM mutations stop, network quiets, microtasks drain. The agent gets the post-action state, not a half-loaded page.

200-400ms avg

Active Projects

Current engineering focus areas and their status.

Settlement ImprovementsIn Progress

Reducing average settle time, improving DOM mutation probe accuracy, and adding network-quiet heuristics for SPAs.

ABox Deep ProbeIn Progress

Extending element classification with deeper V8 source scanning, shadow DOM support, and iframe traversal.

Stealth HardeningShipped

28 stealth mechanisms across 5 layers. Passing DataDome, Akamai, PerimeterX, BrowserScan, and SannySoft.

IP Proxy / JITIn Progress

Dynamic proxy switching per-request via content_shell. JIT proxy resolution with geo-targeting and rotation pools.

PerformancePlanned

ABox extraction optimization, memory pool tuning, session pre-warming, and binary size reduction.

Horizontal ScalePlanned

Multi-instance gateway, session migration, load balancing across Chrome instances, and health monitoring.