An HTTP server written from scratch in Rust. Zero heap allocations on the hot path. Built for a web where bots already outnumber humans.
An AI agent doing its job can fire thousands of HTTP requests per second. To nginx, that looks like a DDoS. The connection gets rate-limited or dropped.
Existing servers allocate memory on every request, box async futures onto the heap, and set rate limits around human browsing speeds. That made sense ten years ago. It doesn't anymore.
AI agent traffic grew 1,300% between January and August 2025. The servers haven't kept up.
What happens inside a typical HTTP server on every request. Even "hello world" pays this tax.
// Every request triggers this cascade:
BytesMut::reserve() ← heap alloc for read buffer
String::from(method) ← heap alloc for method
Uri::from_parts() ← heap alloc for URI
HeaderMap::new() ← heap alloc for headers
Box::pin(future) ← heap alloc per task
Arc::new(body) ← heap alloc + atomic refcount
tower::Layer::call() ← heap alloc per middleware
// Result at 10K concurrent connections:
// Memory: 3MB → 1.1GB (actix-web #1946)
// Latency: p50 ok, p99.9 = 💀
// Agents: mistakenly rate-limited// Same request. Zero allocations:
Span { off: u16, len: u16 } ← 4 bytes, stack, Copy
parse(buf, &mut req) ← stack-allocated output
[Header; 64] ← stack array, 640 bytes
io_uring provided buffers ← kernel picks from pool
io_uring SPLICE ← zero-copy to socket
thread-per-core ← no Arc, no mutex, no Send
proxy_pass → upstream pool ← keepalive reuse, no alloc
// Result at 10K concurrent connections:
// Memory: flat ±5% over 30 minutes
// Latency: p99.9 < 1ms
// Proxy: load balanced, auto-failoverWe didn't patch nginx or wrap tokio. We wrote an HTTP server from scratch, assuming most clients are software, not people.
Parsed requests live on the stack. Spans instead of string copies. The kernel manages I/O buffers directly via io_uring. No allocator pressure, no latency spikes.
Architecture designed for IETF Web Bot Auth (Signature-Agent headers), MCP Streamable HTTP, Google A2A discovery, and SSE token streaming. Agents are the primary design target, not an afterthought.
Thread-per-core with io_uring. No Arc, no Mutex, no Send bounds. Each core owns its connections and buffers. p99.9 stays flat because there's nothing shared to contend over.
Memory safety without a GC. The borrow checker enforces zero-copy at compile time. No runtime, no VM.
Linux 6.1+ required. macOS/Windows support planned post-1.0. Multishot accept, provided buffer rings, zero-copy send. One submission queue per core — minimal syscall overhead.
Each core owns its connections, buffers, and allocator. No locks, no contention. Scales linearly with cores.
AVX2/SSE4.2/NEON accelerated header scanning with runtime detection. 16-32 bytes checked per cycle. Combined with span output — parse results never leave registers.
TLS 1.3 via rustls, then kernel takes over encryption. SEND_ZC and SPLICE remain zero-copy through the TLS layer.
Industry standard for 20 years. Written in C with manual memory management. 6 memory-corruption CVEs in 2024 including use-after-free (CVE-2024-24990) and buffer overwrite (CVE-2024-32760). No native agent protocol support.
Good libraries on tokio's async runtime. Both use httparse for HTTP/1.x parsing (Axum transitively via Hyper). Pin<Box<dyn Future>> per connection (tower #753). 42% of heap traced to per-connection I/O buffers (hyper #1790).
All three Rust frameworks share the same HTTP/1.x parser: httparse. Our parser is faster — see the head-to-head benchmarks.
TLS termination, virtual hosts, reverse proxy with load balancing, SPA mode, pre-compressed assets. One config file, no modules to install.
server:
listen_https: "0.0.0.0:443"
listen_http: "0.0.0.0:80" # HTTP + HTTPS on one instance
workers: auto
tls:
cert: /etc/ssl/certs/fullchain.pem
key: /etc/ssl/private/privkey.pem
upstreams:
api_backend:
balancer: least_conn
servers:
- addr: "10.0.1.10:3000"
weight: 5
- addr: "10.0.1.11:3000"
weight: 5
- addr: "10.0.1.12:3000"
backup: true # failover only
keepalive: 64
next_upstream: [error, timeout, http_502]
hosts:
api.example.com: # reverse proxy to backend pool
locations:
"/v1/":
proxy_pass: api_backend
proxy_set_header:
X-Real-IP: "$remote_addr"
app.example.com: # static files + SPA
root: /var/www/app
spa: true # 404 → index.html
compression:
enabled: true
precompressed: [br, gzip]faster than nginx on small files. 205K vs 115K req/s.
faster than nginx on medium files. 179K vs 110K req/s.
median latency. 3.2x faster than nginx p50 of 1.78ms.
RSS under load. 8 workers, 256 connections, zero-allocation serving.
Intel Core i7-8550U @ 1.80GHz
4 cores / 8 threads
8MB L3 cache
Linux 6.17.0-14-generic (Ubuntu)
wrk -t4 -c256 -d60s --latency
10s warmup per server per file size
8 workers, ETag & compression disabled
All servers localhost, same data directory
F5 paid $670M for nginx in 2019 — and that was for the human web. Now every cloud provider, every AI startup, every enterprise running agents needs HTTP infrastructure that actually understands agent traffic. The API gateway market alone hits $11B by 2030.
Drop-in replacement for nginx/Envoy at the edge. Reverse proxy with keepalive pooling, load balancing, and automatic failover.
Zero-copy SSE streaming for token delivery. SynapServe targets the HTTP transport layer for inference APIs — not inference compute itself.
Agents talking to agents over MCP and A2A. The server should help, not block them.
Span-based parsing, SIMD scanning, chunked decoding. Benchmarked at target throughput.
Multishot accept, provided buffer rings, zero-copy send, connection slab allocator.
Handler trait, radix-tree router, virtual hosts, static file serving with ETag/Range/Brotli.
Keepalive connection pooling, weighted round-robin / least-conn / IP hash, peer health tracking, automatic retry with next-upstream failover, backup servers, zero-copy splice relay, DNS re-resolution.
rustls handshake with kernel-mode encryption offload. Parallel HTTP + HTTPS listeners. TLS 1.3 early data support.
Native SSE for LLM token streaming. Zero-copy event dispatch.
Native MCP Streamable HTTP, Google A2A discovery, IETF Signature-Agent verification.
Full HTTP/2 with bounded flow control and stream multiplexing.
Full QUIC support via s2n-quic. SynapServe Cloud: managed agent gateway as a service.
51% of web traffic is now non-human. OpenAI, Anthropic, Google, Meta are all shipping agents that make HTTP calls. The shift already happened.
IETF Web Bot Auth, Anthropic's MCP, Google's A2A. The standards for agent-to-server communication are being written right now. Early support matters.
Linux 6.1+ finally has the primitives: multishot accept, provided buffer rings, zero-copy send. You couldn't build this server two years ago.
The core ships under an open-source license. Anyone can download it, deploy it, build on top of it. 80% of enterprise IT leaders are increasing open-source adoption — nobody pays for an HTTP server they haven't run in production first.
Money comes when teams go from “one engineer testing it” to “running it across the fleet.” That's when they need health checks, access control, dashboards, cloud integrations, and someone to call at 2 AM. That's the paid layer. Even at 1–5% conversion rates, open-core infrastructure companies have built multi-billion dollar businesses.
The full server. Not a demo, not a crippled version — the real thing.
Everything in Core, plus the stuff ops teams won't run without.
We run it. You send traffic. Pay for what you use.
Open-core infrastructure companies get acquired at 10–26× revenue — well above the 3.7× software median. Once teams build config, tooling, and operational knowledge around a server, they don't leave. The best open-core companies run 130–140% net dollar retention.
We start in API gateways and Kubernetes ingress — 93% of organizations already use or evaluate K8s. As agent traffic grows, we expand into cloud-native infrastructure and AI inference serving.
Technical Solo Founder
20 years in IT, the last 8 in fintech — trading platforms, payment gateways, the kind of systems that page you at 3 AM. Every stack I worked on hit the same allocation wall under load. At some point I stopped patching around it and wrote a server that doesn't have the problem.
First hires with the seed round: two senior Rust engineers to accelerate HTTP/2 and agent protocol work. Actively seeking a co-founder with go-to-market experience in infrastructure or developer tools.
Last 8 in fintech infrastructure
Plus payment gateways and everything around them
Every stack hit the same allocation bottleneck
The agent web needs different plumbing. We're raising $1.5M to ship HTTP/2-3, add agent protocol support, and land first production deployments.
Seed round to fund 18 months of development and first production deployments
HTTP/1.1 server, TLS 1.3 with kTLS, reverse proxy with load balancing, and io_uring I/O layer — built and benchmarked
HTTP/2-3, agent protocols, cloud offering, and first enterprise partnerships
Happy to talk. We reply fast.