WAB Benchmarks PRELIMINARY
Honest numbers from our reference deployment. Treat these as a starting point, not a marketing claim. The harness and raw data will be published alongside the v4 spec; until then, take every number with a grain of salt and reproduce it yourself.
Status: these results come from a single-region deployment on a 4 vCPU / 8 GB host
(Node.js 20, PostgreSQL 16, Cloudflare in front). They are preliminary in the literal sense:
we have not yet published the benchmarking harness, multi-region results, or adversarial stress tests.
Numbers will change. When they do, this page will be versioned.
1. Methodology (in progress)
- Hardware: 4 vCPU AMD EPYC, 8 GB RAM, NVMe storage, single region (us-east).
- Software: Node.js 20.x, Express, better-sqlite3 (dev) / PostgreSQL 16 (production), pm2 cluster mode (2 workers).
- Client:
autocannonfor HTTP load; custom Node.js harness for signature throughput. - Network: client co-located in the same region; cross-region numbers will be added.
- Warmup: 30 s discarded before measurement.
- Reproducibility: harness scripts will live at
bench/in the public repo. PRs that improve the harness are welcome.
2. Discovery latency
| Step | p50 | p95 | Notes |
|---|---|---|---|
| DNS TXT lookup (cached resolver) | < 2 ms | < 8 ms | Cloudflare 1.1.1.1, 300 s TTL. |
| DNS TXT lookup (cold) | ~ 25 ms | ~ 90 ms | Recursive resolution, varies wildly by network. |
Manifest fetch (/.well-known/wab.json) | ~ 18 ms | ~ 45 ms | Static, CDN-cacheable. |
| Manifest signature verify (Ed25519) | ~ 0.15 ms | ~ 0.3 ms | tweetnacl, single core. |
3. Signature throughput
| Operation | Throughput | p95 latency |
|---|---|---|
| Ed25519 sign (single) | ~ 20k ops/s | < 0.1 ms |
| Ed25519 verify (single) | ~ 7k ops/s | ~ 0.2 ms |
| Ed25519 verify (batch of 64) | ~ 22k ops/s effective | ~ 3 ms / batch |
| JCS canonicalization (intent ≈ 1 KB) | ~ 50k ops/s | < 0.05 ms |
Numbers from tweetnacl. Switching to a native binding (@noble/curves WASM or sodium-native) typically yields a 2–3× improvement; we will rerun once the bench harness lands.
4. ATP end-to-end
| Step | p50 | p95 | Notes |
|---|---|---|---|
| Authorize (signed intent → server, no payment) | ~ 18 ms | ~ 40 ms | Signature verify + DB insert. |
| Execute (no external rail) | ~ 22 ms | ~ 50 ms | Idempotent insert + state transition. |
| Execute (with Stripe PaymentIntent) | ~ 280 ms | ~ 480 ms | Bound by Stripe API latency. |
| Receipt sign + persist | ~ 1.5 ms | ~ 4 ms | JCS + Ed25519 + INSERT. |
| Receipt verify (public endpoint) | ~ 0.8 ms | ~ 2 ms | Stateless, cacheable. |
| Sustained throughput (authorize) | ~ 1.2k req/s | Two-worker pm2, single 4 vCPU host. | |
5. Replay detection
| Scenario | Detection rate | Notes |
|---|---|---|
| Exact replay within ±300 s window | 100 % | Nonce burn, structural. |
| Replay after window expiry | 100 % | Timestamp rejected before nonce check. |
| Replay with tampered body | 100 % | Signature verify fails. |
| Replay across regions (with shared nonce store) | 100 % | Requires strong-consistency nonce store; verified on PostgreSQL primary. |
| Replay across regions (eventual-consistency nonce store) | — unsupported — | Explicitly out of scope; do not deploy this way. |
6. Benchmark roadmap
- ☐ Publish the harness in the public repo under
bench/. - ☐ Multi-region results (us-east ↔ eu-west).
- ☐ Native crypto binding comparison (
tweetnaclvssodium-nativevs@noble/curves). - ☐ Adversarial flood: signed-but-bogus intents at 10× the normal rate.
- ☐ Reconciliation sweep cost at 100k stale rows.
- ☐ Mobile / low-bandwidth discovery latency (Lite manifest path).
7. Document history
- 2026-05-25 — Initial publication. Numbers are preliminary and will be revised once the harness ships.
Related: /atp-semantics · /security · /spec