As a follow-on to these questions:
What unique fingerprinting information can an iOS7 app collect?
What unique device fingerprinting information can an iOS8 app collect?
What unique device fingerprinting information can an iOS9 app collect?
What unique fingerprinting information can an iOS 10 app collect?
What unique device fingerprinting information can an iOS 11 app collect?
Apple Progress since iOS 11:
re: Motion Sensors (accelerometer, gyroscope, magnetometer): "On iOS 12 12.2, Apple adopted our suggestion (§VI) and added random noise to the ADC outputs. Apple also removed access to motion sensors from Mobile Safari by default." SENSORID: Sensor Calibration Fingerprinting for Smartphones It's unclear if Apple removed access to motion sensors from apps, or if sensors are covered by the "Motion and Fitness" privacy setting.
In iOS 12, Apple has introduced device fingerprinting protections in Safari "by only sharing a simplified system profile". However, it's unclear the extent of these protections, and the extent to which they carry over to app web views or other app system profile access.
Other Open Questions:
As always there is basic system info available similar to what any web page can access: IP address, HTTP headers, etc. Many of these are low entropy or can be changed by the user through various means, but it may be possible to combine enough for a reasonable identification. Or for reasonable enough correlation for cross-device tracking.
It appears that apps can only get enhanced information about a Wi-Fi hotspot with a special entitlement from Apple (it's not clear to the layperson exactly what information). However, there does appear to be a way to obtain network name of the current Wi-Fi network, which is a problem because it can allow location tracking and therefore also correlations to other people or sensitive places. [See UPDATE below]
What uses exist of persistent data stores by apps, or by apps across an app group, that survive app (or app group) deletion? Are there any persistent data stores that survive device erase and restore, that can be accessed by an app after restore?
Are there any other fingerprinting vectors or open questions?
In general, what remaining device fingerprinting privacy / security vulnerabilities still exist as of iOS 12, particularly those that have no user settings or user actions that can thwart them?
UPDATE: Since it's late in the upgrade cycle, some new WWDC information on iOS 13:
Location access permission will be required to access the Wi-Fi AP name and MAC address (unless the app is the current VPN or hotspot app). p.86
User consent is now required for all CoreBluetooth API’s, "to find and connect to Bluetooth accessories, and allow your device to be found over Bluetooth." p.43