Unless the ad provider proxy the site instead of the ads. That way they get more control/data.

It's only a matter of time before someone develops a wasm browser engine that renders to canvas and provides "trusted" delivery of ad assets over a websocket.

How could that be any more “trusted” than doing it without wasm and websocket?

As long as the user still has control over their machine (i.e. the browser) this approach doesn't work very well. You can't really run trusted code on an untrusted machine.

No, it does work well. When they deliver the website as obfuscated binary code, it's much harder for user to change its behavior. Notice parent quoted the word "trusted" so you disagree with something other than they meant.

That would be nice since you could just block canvas by default and only allow it for a few site that have legitimate use for it.

like AMP

That’s great if you’re right, because it means it is a fundamental limitation that can’t easily be worked around.

They will work around it by being your DNS provider and proxy for your site.