CottonPerformance
Performance

Fast because the main path is the optimized path.

Cotton is designed so safety features stay enabled during real transfers. Uploads, encryption, compression, previews, and range reads all use the same storage pipeline instead of bouncing through temporary whole-file workflows.

Parallel uploadsBenchmark baselines2.5 GbE and 10 GbEHTTP Range

Sustained uploads

The frontend splits files into chunks, hashes them in a worker, uploads multiple chunks in parallel, and retries only missing pieces. The goal is stable throughput across the whole transfer, not a fast-looking first burst that collapses during finalization.

No full-file buffering

Cotton's upload and storage path is designed around small streaming buffers, ArrayPool-style reuse, and pipeline stages that work continuously. A 500 MB file and a much larger file have the same shape: more chunks, not a fundamentally different memory problem.

Encryption headroom

Reviewed machine baselines publish local stage numbers instead of only broad crypto claims. The conservative read is whether the slowest write-path stage - SHA-256, Zstd compression, AES-GCM encryption, or filesystem I/O - stays ahead of the network link.

Compression in the path

Cotton compresses before encryption, so storage savings happen during ingest. Zstd compression is tuned for cloud-storage throughput rather than archival maximum ratio. Deduplication still works because identity is content-addressed before encrypted blob bytes are written.

Hardware reality

Weak NAS hardware, cloud VMs, and high-end desktops will hit different ceilings. Cotton's performance story is tracked as a growing table of device baselines, with raw 100 MbE, 1 GbE, 2.5 GbE, and 10 GbE ceilings shown beside the measured MB/s values.

Seekable reads

Large downloads, video seeking, preview extraction, and HTTP range responses can read from chunked encrypted storage without reassembling an entire file into a temp object first.

Preview work

Images, SVG, HEIC, PDF, text, audio, video, and 3D model previews exist because the storage engine can expose the right streams without making the UI wait on full-file rebuilds.

Operational footprint

The deployment shape stays deliberately small: one Cotton Docker image plus Postgres, with EF migrations on startup and a setup wizard for storage, email, timezone, and telemetry choices.

Measured stage proof

The public performance story is tied to measured stages and visible network ceilings. Cotton compares SHA-256, Zstd compression, AES-GCM encryption, filesystem I/O, and synthetic pipeline numbers instead of pretending one isolated crypto number explains deployment throughput.

  • Network fit is calculated from the slowest local write-path stage.
  • Rows are sorted from weakest to strongest write-path processing limit.
  • The table shows raw stage values beside practical 100 MbE, 1 GbE, 2.5 GbE, and 10 GbE ceilings.

Fast path without feature panic

Cotton's performance pitch is simple: safety features belong in the fast path. Cotton does not ask admins to choose between encryption, previews, resumability, and throughput for normal file cloud work.

Benchmarks are not promises

Benchmarks are local baselines, not a promise that every deployment saturates a link. Browser behavior, HTTP/TLS overhead, databases, disks, VM noise, file types, and concurrent users can all move the real ceiling.

Performance proof

The fast path is also the normal path.

Cotton is not chasing a synthetic number at the cost of the product path. The same model that enables encryption, compression, previews, sharing, restore, and range reads is the path users hit during normal file work.

01Chunk
02Worker SHA
03Parallel POST
04Zstd
05AES-GCM
06Range read

Upload stays incremental

The browser hashes chunks outside the main UI path, uploads several chunks at once, and retries only missing pieces.

Transforms are in-path

Zstd compression runs before streaming AES-GCM, so storage savings and encryption happen during ingest instead of later.

Reads do not rebuild files

Seekable chunk streams can serve downloads, previews, video seeking, ETags, and Range responses without temp-file reassembly.

Benchmarks have scope

Public network-fit claims use the slowest measured local write stage, not isolated crypto speed or a vague hero number.

Benchmark conclusion

Speed claims are only useful when the measured path is named.

Cotton performance copy now separates local processing evidence from live deployment behavior. That keeps the marketing sharp without pretending a machine-mode benchmark includes every HTTP and database step.

  • Machine baselinesSHA-256, Zstd, AES-GCM, filesystem I/O, and synthetic pipeline numbers are kept separate.
  • Network ceilings100 MbE, 1 GbE, 2.5 GbE, and 10 GbE are shown beside results so deployment limits are readable.
  • Real-world caveatBrowser upload, HTTP, TLS, PostgreSQL, manifest creation, and concurrency still matter in live deployments.
Named path

Cotton is built for sustained file-cloud behavior: chunk upload, inline compression, streaming encryption, seekable reads, and benchmark baselines that make hardware fit easy to discuss.

Deployment reality

Real throughput still depends on CPU, file type, disk, S3 latency, Docker settings, TLS, database work, and client concurrency. Cotton exposes the path instead of hiding that complexity behind one inflated number.

FAQ

Direct answers

Why mention benchmark numbers at all?

They explain why encryption can stay enabled by default. The point is not to promise every server will hit the same number; it is to show that the crypto path is not meant to be the bottleneck.

Does performance only matter for huge files?

No. The same chunk and manifest model also helps normal folders, previews, deduplication, snapshots, resume behavior, and background integrity checks stay predictable.

Why use 1 GbE as the default network context?

It is the safer baseline for many home NAS and small-office deployments. Faster links still matter, but 1 GbE avoids defaulting to a network most visitors do not actually run.