Benchmarks
Why xxhash64?
Section titled “Why xxhash64?”The fingerprint detects file content changes — it does not protect against attackers. xxhash64 is a non-cryptographic hash that is ~11x faster than SHA-256, zero allocations, and hits ~27 GB/s throughput.
Results
Section titled “Results”xxhash64 vs crypto/sha256 — 100K iterations per benchmark, single core.
Hardware: AMD Ryzen AI MAX+ 395, Go 1.26.3, linux/amd64
| Hash | Size | ns/op | Throughput | Allocations |
|---|---|---|---|---|
| xxhash64 | 1 KB | 42 | 24,443 MB/s | 0 |
| SHA-256 | 1 KB | 486 | 2,106 MB/s | 1 × 32 B |
| xxhash64 | 10 KB | 383 | 26,708 MB/s | 0 |
| SHA-256 | 10 KB | 4,253 | 2,408 MB/s | 1 × 32 B |
| xxhash64 | 100 KB | 3,744 | 27,349 MB/s | 0 |
| SHA-256 | 100 KB | 41,760 | 2,452 MB/s | 1 × 32 B |
| xxhash64 | 1 MB | 37,954 | 27,628 MB/s | 0 |
| SHA-256 | 1 MB | 429,268 | 2,443 MB/s | 1 × 32 B |
xxhash64 is ~11x faster than SHA-256, zero allocations, and hits ~27 GB/s — effectively RAM bandwidth. No hardware accelerator exists or is needed; the hash is memory-bound, not compute-bound. SHA-256 results already include SHA-NI hardware acceleration.
Reproducing
Section titled “Reproducing”go test -bench=. -benchmem -benchtime=100000xInterpretation
Section titled “Interpretation”At ~27 GB/s, the hash is memory-bound — it runs at the speed of RAM. The CPU spends most of its time waiting for memory, not computing. This means:
- Fingerprinting a 1 MB config file: ~38 microseconds
- Fingerprinting a 10 KB config file: ~383 nanoseconds
- Zero heap allocations — no GC pressure
For a read-modify-write cycle, the fingerprint adds negligible overhead compared to the I/O of reading and writing the file itself.