This work addresses the limitations of existing differential privacy (DP) auditing methods, which predominantly rely on batch sampling and are confined to $(\varepsilon, \delta)$-DP, thereby failing to comprehensively evaluate privacy guarantees under $f$-DP. To overcome this, we propose the first adaptive sequential auditing framework capable of full-spectrum privacy behavior detection for $f$-DP mechanisms without requiring a pre-specified sample size. Our approach operates in both white-box and black-box settings and constructs a sequential hypothesis test grounded in statistical significance theory, leveraging the trade-off function inherent to $f$-DP to identify privacy violations. Theoretical analysis and empirical evaluations demonstrate that our method significantly reduces sampling costs while maintaining statistical power, achieving substantial efficiency gains—particularly in high-overhead scenarios such as DP-SGD—by markedly decreasing the number of required samples.

We present new auditors to assess Differential Privacy (DP) of an algorithm based on output samples. Such empirical auditors are common to check for algorithmic correctness and implementation bugs. Most existing auditors are batch-based or targeted toward the traditional notion of $(\varepsilon,\delta)$-DP; typically both. In this work, we shift the focus to the highly expressive privacy concept of $f$-DP, in which the entire privacy behavior is captured by a single tradeoff curve. Our auditors detect violations across the full privacy spectrum with statistical significance guarantees, which are supported by theory and simulations. Most importantly, and in contrast to prior work, our auditors do not require a user-specified sample size as an input. Rather, they adaptively determine a near-optimal number of samples needed to reach a decision, thereby avoiding the excessively large sample sizes common in many auditing studies. This reduction in sampling cost becomes especially beneficial for expensive training procedures such as DP-SGD. Our method supports both whitebox and blackbox settings and can also be executed in single-run frameworks.