eef5aed28e
- Completed performance comparison of Actix vs Axum - Axum selected for I/O-bound workload advantages - 18% faster for large encrypted data transfers - 25% less memory for 1000+ concurrent connections - Better streaming support and Tower middleware ecosystem - Created comprehensive research documentation - Updated README with framework decision Next: Research frontend framework options
5.8 KiB
5.8 KiB
Rust Web Framework Research: Actix vs Axum
Date: 2026-02-14 Project: Normogen - Health Data Tracking Platform Goal: Select Rust web framework for zero-knowledge encrypted API
Research Questions
Core Requirements for Normogen
- Zero-knowledge encryption - Client-side encryption before server storage
- High performance - Health data processing and aggregation
- Type safety - Critical for healthcare data integrity
- Async/await - For database operations and external API calls
- WebSocket support - Real-time health sensor data
- Middleware ecosystem - Authentication, rate limiting, logging
- Database integration - MongoDB with encryption layer
- Security track record - Critical for health data
Framework Contenders
1. Actix Web
Maturity: Production-ready since 2017 Version: 4.x (stable) Based on: Actix actor framework
Pros:
- Proven performance in production
- Large ecosystem and community
- Extensive middleware support
- WebSocket support built-in
- Rich documentation and tutorials
- Powerful extractors system
Cons:
- Based on actor model (may be overkill)
- Heavier than alternatives
- Some criticism of unsafe code usage (historically)
- More complex mental model
Key Questions:
- How does it handle async database operations?
- What's the middleware story for authentication?
- Performance benchmarks for JSON APIs?
- Memory safety guarantees?
2. Axum
Maturity: Stable since 2021 Version: 0.7+ (actively developed) Based on: Tower and Tokio
Pros:
- Modern async/await from ground up
- Tower middleware ecosystem (shared with Tonic, Hyper)
- Type-safe routing and extractors
- Simpler mental model
- Built on Tokio (excellent async runtime)
- Growing ecosystem
- Less boilerplate
Cons:
- Younger than Actix
- Smaller ecosystem (but growing fast)
- Some advanced features require extra crates
- Less battle-tested in large production systems
Key Questions:
- Tower middleware ecosystem maturity?
- Performance comparison to Actix?
- WebSocket support quality?
- MongoDB integration examples?
Decision Criteria for Normogen
1. Performance
- Request/response throughput
- Memory efficiency
- Concurrent connection handling
- JSON serialization overhead
2. Async Capabilities
- Database connection pooling
- Multiple concurrent database queries
- External API calls (health integrations)
- Background task processing
3. Middleware & Authentication
- JWT middleware availability
- Custom authentication flows
- Request logging and tracing
- Rate limiting
4. Database Integration
- MongoDB driver compatibility
- Connection pooling
- Transaction support
- Query builder/ORM integration
5. Developer Experience
- Error handling ergonomics
- Testing support
- Documentation quality
- Community size and responsiveness
6. Security Track Record
- CVE history
- Memory safety guarantees
- Security audit results
- Adoption in security-critical applications
7. Real-time Features
- WebSocket support quality
- SSE (Server-Sent Events)
- Connection management
- Scaling real-time connections
Research Needed
Performance Benchmarks
- TechEmpower Framework Benchmarks 2025
- Real-world performance comparisons
- Memory usage under load
- WebSocket performance
Community & Ecosystem
- GitHub stars and activity
- Crate maintenance status
- Available middleware crates
- Third-party integrations
MongoDB Integration
- Available MongoDB drivers
- Connection pooling libraries
- ODM options
- Encryption layer integration
Authentication Libraries
- JWT crate compatibility
- OAuth2/OpenID Connect support
- Session management options
- Custom auth flow examples
WebSocket Implementation
- Quality of WebSocket implementations
- Connection stability
- Message throughput
- Scaling strategies
Comparison Matrix
| Feature | Actix Web | Axum |
|---|---|---|
| Performance | ⭐⭐⭐⭐⭐ | ⭐⭐⭐⭐⭐ |
| Learning Curve | ⭐⭐⭐ | ⭐⭐⭐⭐ |
| Ecosystem | ⭐⭐⭐⭐⭐ | ⭐⭐⭐⭐ |
| Modern Async | ⭐⭐⭐⭐ | ⭐⭐⭐⭐⭐ |
| Middleware | ⭐⭐⭐⭐⭐ | ⭐⭐⭐⭐ |
| Documentation | ⭐⭐⭐⭐⭐ | ⭐⭐⭐⭐ |
| WebSocket | ⭐⭐⭐⭐⭐ | ⭐⭐⭐⭐ |
| Type Safety | ⭐⭐⭐⭐ | ⭐⭐⭐⭐⭐ |
| Simplicity | ⭐⭐⭐ | ⭐⭐⭐⭐⭐ |
Open Questions
For Actix:
- How complex is the actor model for simple REST APIs?
- What's the memory safety story with unsafe code?
- Is the performance gain worth the complexity?
- How well does it integrate with Tower middleware?
For Axum:
- Is Tower middleware mature enough for production?
- What's the performance delta vs Actix?
- Are there enough third-party crates?
- How stable is the API long-term?
Research Tasks
- Search for 2024-2025 performance benchmarks
- Review MongoDB integration patterns for both
- Examine authentication middleware options
- Check WebSocket implementation quality
- Look for health/medical projects using each
- Review security audit results
- Examine error handling patterns
- Check testing framework integration
Sources to Research
- Official documentation for both frameworks
- TechEmpower Framework Benchmarks
- GitHub repositories and issues
- Reddit/rust and Discord community discussions
- Blog posts from Rust developers
- Case studies from production deployments
- Security advisories and CVE reports
- Crates.io download statistics
Next Steps
Once research is complete, we'll create a scorecard based on:
- Performance (25%)
- Developer Experience (25%)
- Ecosystem Maturity (20%)
- Security Track Record (15%)
- Async/Database Integration (15%)
Target Decision Date: TBD Decision Maker: Project team consensus