# Blog

102 articles.

### [RAG Pipeline Architecture: Chunking Strategies, Hybrid Search, Reranking, and Evaluation Frameworks](https://lucioduran.com/blog/rag-pipeline-architecture-chunking-reranking-evaluation)
2026-04-16 · AI/ML · 12 min

A production-focused guide to building Retrieval-Augmented Generation pipelines — from document ingestion and chunking strategies to hybrid search, cross-encoder reranking, and systematic evaluation with RAGAS and custom metrics.

### [TLA+ for Formal Verification: Catching Distributed Systems Bugs Before Writing a Single Line of Code](https://lucioduran.com/blog/formal-verification-tla-plus-distributed-systems)
2026-03-18 · Distributed Systems · 10 min

Modeling distributed systems with temporal logic, running the TLC model checker, and a real-world example of how TLA+ found a bug in a Kafka consumer group rebalancing protocol that testing would never have caught.

### [Agentic AI Architecture Patterns: Tool-Use Orchestration and Multi-Agent Coordination](https://lucioduran.com/blog/agentic-ai-architecture-patterns)
2026-03-16 · Agentic AI · 5 min

An analysis of the architecture patterns behind agentic AI systems — from tool-use orchestration to multi-agent coordination — with production-tested approaches and tradeoffs.

### [WebCodecs API: Hardware-Accelerated Video Encoding and Decoding in the Browser](https://lucioduran.com/blog/webcodecs-api-video-processing-browser)
2026-03-15 · Web APIs · 10 min

Low-level video encoding and decoding without [FFmpeg.wasm](https://ffmpegwasm.netlify.app/) — VideoEncoder, VideoDecoder, AV1 encoding, and building a real-time video effects pipeline entirely in the browser.

### [Service Mesh Evolution: Istio Ambient Mesh, Linkerd, and Sidecar-Less Architectures](https://lucioduran.com/blog/service-mesh-ambient-mesh-istio-linkerd)
2026-03-13 · Infrastructure · 9 min

Evaluating sidecar-less data planes: ztunnel, the L4/L7 processing split, mTLS without sidecars, and latency overhead measurements comparing Istio ambient vs sidecar mode vs Linkerd.

### [Drizzle ORM: Type-Safe SQL for PostgreSQL — Migrations, Prepared Statements, and Prisma Comparison](https://lucioduran.com/blog/drizzle-orm-type-safe-sql-postgresql)
2026-03-11 · Backend · 9 min

SQL-like syntax that's actually type-safe, zero runtime overhead, edge runtime support, and an honest comparison with Prisma and Kysely.

### [TLS 1.3 + Post-Quantum: ML-KEM (Kyber) Hybrid Key Exchange in the Real World](https://lucioduran.com/blog/tls-1-3-post-quantum-kyber-hybrid)
2026-03-10 · Security · 8 min

Inside the X25519Kyber768 hybrid handshake — how Chrome and Firefox implement post-quantum TLS, certificate transparency implications, and what you need to change today.

### [Model Context Protocol (MCP): The Missing Standardization Layer for AI-Tool Integration](https://lucioduran.com/blog/model-context-protocol-mcp-ai-integration)
2026-03-08 · AI/ML · 9 min

An examination of MCP's architecture — transport layers, resource/tool/prompt primitives, and how to build custom MCP servers that function reliably in production.

### [GPU Programming: CUDA vs ROCm vs Vulkan Compute — Warp Scheduling, Shared Memory, and Matrix Multiplication](https://lucioduran.com/blog/gpu-programming-cuda-vs-rocm-vulkan-compute)
2026-03-06 · GPU Computing · 12 min

Warp divergence, shared memory bank conflicts, occupancy tuning, and an optimized matrix multiplication kernel with benchmarks across NVIDIA, AMD, and Vulkan Compute.

### [Speculation Rules API: Prerendering Pages Before Navigation and Measured Core Web Vitals Impact](https://lucioduran.com/blog/speculation-rules-api-prerender-navigation)
2026-03-05 · Web Performance · 9 min

A technical examination of the Speculation Rules API for prerender and prefetch, confidence-based speculation strategies, Chrome's implementation details, and measurable Core Web Vitals improvements including INP optimization.

### [RISC-V + Rust Firmware: Building an IoT Sensor Node with Embassy-rs on the ESP32-C6](https://lucioduran.com/blog/risc-v-embedded-systems-rust-firmware)
2026-03-03 · Embedded · 9 min

A practical guide to writing no_std Rust firmware for RISC-V targets using embassy-rs async runtime, HAL abstractions, and a real IoT project with the ESP32-C6 running WiFi 6 and BLE 5.

### [ClickHouse: Columnar OLAP for Real-Time Analytics on 10 Billion Rows](https://lucioduran.com/blog/clickhouse-olap-real-time-analytics-architecture)
2026-03-01 · Databases · 8 min

An architecture guide to ClickHouse for real-time analytics: MergeTree engine internals, materialized views for pre-aggregation, query optimization on 10B+ row tables, and comparative analysis with DuckDB and Druid.

### [Temporal.io: Replacing Message Queues with Durable Execution for Complex Orchestration](https://lucioduran.com/blog/temporal-workflow-engine-durable-execution)
2026-02-28 · Backend · 10 min

An analysis of Temporal's durable execution model, workflow determinism constraints, activity retries, saga patterns, and why durable execution supersedes orchestration built on top of message queues.

### [SPDK + NVMe: Building a User-Space Storage Engine That Hits 10M IOPS](https://lucioduran.com/blog/spdk-nvme-storage-performance-optimization)
2026-02-26 · Systems Programming · 10 min

A technical walkthrough of SPDK's user-space NVMe drivers, polled I/O, zero-copy DMA, and building a storage engine that sustains 10 million IOPS on commodity hardware.

### [Homomorphic Encryption in Practice: TFHE, Concrete-ML, and ML Inference on Encrypted Data](https://lucioduran.com/blog/homomorphic-encryption-tfhe-concrete-ml)
2026-02-24 · Cryptography · 9 min

A practical guide to TFHE, Concrete-ML by Zama, computing on encrypted data, real ML inference on ciphertext, and the honest performance reality of homomorphic encryption.

### [Event Sourcing + CQRS: Event Store Design, Projections, Snapshots, and When NOT to Use It](https://lucioduran.com/blog/event-sourcing-cqrs-production-lessons)
2026-02-22 · Architecture · 8 min

Production lessons from building event-sourced systems — event store design, projection rebuilds, snapshot strategies, saga orchestration, and an honest assessment of when event sourcing makes things worse.

### [Content Layer API, Server Islands, and View Transitions in Astro 5](https://lucioduran.com/blog/astro-5-view-transitions-content-collections)
2026-02-21 · Frontend · 9 min

An analysis of Astro 5's content layer API, server islands architecture, and view transitions, with production benchmarks comparing performance against Next.js for content-heavy sites.

### [Supabase Realtime: Building Multiplayer Features Without Running a Single WebSocket Server](https://lucioduran.com/blog/supabase-realtime-presence-multiplayer)
2026-02-19 · Backend · 8 min

Presence tracking, broadcast channels, Postgres CDC, and scaling WebSocket connections — a practical guide to building multiplayer features with Supabase Realtime.

### [eBPF and XDP: High-Performance Packet Processing and DDoS Mitigation at Line Rate](https://lucioduran.com/blog/bpf-xdp-high-performance-packet-processing)
2026-02-17 · Networking · 9 min

High-performance packet processing with eBPF and XDP — writing XDP programs in C, AF_XDP sockets, DDoS mitigation at line rate, and peeking inside Cilium's dataplane.

### [Cloudflare Durable Objects: Building a Stateful Game Server at the Edge](https://lucioduran.com/blog/edge-computing-durable-objects-cloudflare)
2026-02-16 · Edge Computing · 10 min

Stateful edge computing with Cloudflare Durable Objects — WebSocket coordination, the actor model at the edge, and a multiplayer game server architecture running in 300+ locations.

### [Differential Privacy and Federated Learning: HIPAA-Compliant Healthcare ML Pipeline Architecture](https://lucioduran.com/blog/differential-privacy-federated-learning-production)
2026-02-14 · AI/ML · 9 min

Epsilon budgets, noise mechanisms, secure aggregation, and PySyft in practice — a federated learning pipeline architecture for medical imaging capable of passing HIPAA audits.

### [Structured Concurrency in Java 21: Virtual Threads and Server Architecture](https://lucioduran.com/blog/structured-concurrency-java-21-virtual-threads)
2026-02-12 · JVM · 9 min

An examination of Project Loom's structured concurrency, virtual threads, scoped values, and StructuredTaskScope — and how they fundamentally alter JVM server architecture.

### [Mojo as a Python Superset: Performance on Production ML Workloads](https://lucioduran.com/blog/mojo-language-python-superset-performance)
2026-02-11 · Programming Languages · 9 min

Benchmarking Mojo against Python, Rust, and C++ on actual ML inference pipelines. MLIR compilation, ownership model, SIMD types, and why the '68,000x faster than Python' claim needs serious context.

### [ARIA Live Regions, Screen Reader Internals, and Systematic Audit Methodology](https://lucioduran.com/blog/accessibility-aria-live-regions-screen-reader)
2026-02-09 · Accessibility · 8 min

A technical guide to web accessibility covering ARIA live regions, screen reader DOM parsing, focus management patterns, and systematic audit methodology with automated axe-core testing.

### [Scaling WebRTC to 10,000 Participants: mediasoup, LiveKit, and Janus Compared](https://lucioduran.com/blog/webrtc-media-servers-mediasoup-livekit)
2026-02-07 · Real-time · 11 min

A battle-tested comparison of WebRTC media servers. SFU vs MCU architecture, simulcast configuration, VP9/AV1 codec negotiation, and the scaling patterns that actually work when you need 10,000 concurrent participants.

### [Kubernetes Gateway API: Replacing Ingress with Envoy Gateway and Cilium](https://lucioduran.com/blog/kubernetes-gateway-api-envoy-cilium)
2026-02-06 · Infrastructure · 8 min

An analysis of migrating 200+ services from nginx-ingress to Gateway API with Envoy Gateway and Cilium mesh. HTTPRoute, TLS passthrough, traffic splitting, and why the Ingress resource was always a limited abstraction.

### [Zig's Comptime: A Unified Approach to Compile-Time Systems Programming](https://lucioduran.com/blog/zig-language-comptime-system-programming)
2026-02-04 · Systems Programming · 10 min

Compile-time code execution in Zig replaces macros, generics, and conditional compilation in one unified mechanism. Rebuilding a packet parser in Zig reveals how comptime challenges assumptions embedded in traditional C project maintenance.

### [Valkey vs Redis: Migrating 14TB of Production Data — What the Documentation Doesn't Cover](https://lucioduran.com/blog/valkey-redis-fork-performance-analysis)
2026-02-02 · Databases · 9 min

An analysis of Valkey's multi-threaded I/O, RESP3 protocol, and memory optimizations. Includes a real migration from Redis 7.2, benchmark methodology, and the gotchas encountered in production.

### [Signals and Fine-Grained Reactivity: Angular, SolidJS, Preact, and the Shift from Virtual DOM Diffing](https://lucioduran.com/blog/signals-reactivity-angular-solid-preact)
2026-02-01 · Frontend · 10 min

Fine-grained reactivity is winning. I traced the signal pattern from SolidJS through Angular 17+ and Preact Signals, dug into the TC39 proposal, and benchmarked why virtual DOM diffing is becoming an expensive relic.

### [Load Balancing Algorithms: Maglev Hashing, Consistent Hashing with Bounded Loads, and P2C](https://lucioduran.com/blog/load-balancing-algorithms-maglev-consistent-hashing)
2026-01-30 · Infrastructure · 9 min

An analysis of modern load balancing algorithms — Google's Maglev hashing, consistent hashing with bounded loads, power of two choices, and production HAProxy/Envoy configurations.

### [WireGuard Mesh Networking: Tailscale and Headscale Internals Explained](https://lucioduran.com/blog/wireguard-mesh-networking-tailscale-internals)
2026-01-28 · Networking · 11 min

How Tailscale builds a mesh network on top of WireGuard. DERP relay servers, NAT traversal, MagicDNS, and a hands-on guide to building your own private network overlay with Headscale.

### [LLVM MLIR: Building Custom Compiler Dialects for Domain-Specific Optimization](https://lucioduran.com/blog/llvm-mlir-compiler-infrastructure-custom-dialects)
2026-01-27 · Compilers · 11 min

An examination of MLIR's multi-level intermediate representation architecture, custom dialect construction, and the convergence of ML compilers, hardware accelerators, and DSLs on the MLIR framework.

### [HSMs and Cloud KMS: PKCS#11, Envelope Encryption, and Real Secrets Management Architecture](https://lucioduran.com/blog/hardware-security-modules-hsm-cloud-kms)
2026-01-25 · Security · 8 min

A deep technical walkthrough of hardware security modules, cloud KMS services, PKCS#11 interfaces, envelope encryption patterns, and building a secrets management architecture that actually survives audit.

### [CSS Anchor Positioning and Popover API: Implementing Tooltips Without JavaScript](https://lucioduran.com/blog/css-anchor-positioning-popover-api-2026)
2026-01-23 · Frontend · 9 min

Build tooltips, dropdowns, and floating UI entirely in CSS with the anchor() function, position-try-fallbacks, and the Popover API. An examination of current browser support and remaining specification gaps.

### [Kafka vs Redpanda: Event Streaming Benchmarks and Migration Analysis](https://lucioduran.com/blog/kafka-vs-redpanda-event-streaming-benchmarks)
2026-01-22 · Infrastructure · 9 min

A head-to-head comparison between Apache Kafka and Redpanda. Raft vs ZooKeeper, C++ vs JVM overhead, tail latency at p99, schema registry compatibility, and a detailed analysis of migrating 2TB/day of event streams.

### [WASM GC: Garbage-Collected Reference Types in WebAssembly](https://lucioduran.com/blog/wasm-gc-garbage-collection-browser-runtimes)
2026-01-20 · WebAssembly · 8 min

The WASM GC proposal brings struct and array types with automatic garbage collection to WebAssembly. This article examines its impact on Kotlin/WASM, Dart/WASM, and browser runtime architecture.

### [AI Orchestration Frameworks: Semantic Kernel vs LangChain vs LlamaIndex](https://lucioduran.com/blog/semantic-kernel-langchain-ai-orchestration)
2026-01-18 · AI/ML · 8 min

A real comparison of AI orchestration frameworks — plugin architectures, memory management, and building a RAG pipeline with each to see where they actually differ when the rubber meets the road.

### [LLM Function Calling Patterns for Reliable Tool Use in AI Agents](https://lucioduran.com/blog/llm-function-calling-tool-use-patterns)
2026-01-17 · AI/ML · 12 min

A technical guide to LLM tool use — structured output, parallel tool calls, retry strategies, error recovery, orchestration patterns, and lessons from production AI agent development.

### [Automated Code Review: Semgrep Custom Rules, AST Pattern Matching, and Building Org-Specific Security Scanners](https://lucioduran.com/blog/ai-code-review-ast-analysis-semgrep-custom-rules)
2026-01-15 · Developer Tools · 5 min

A practical guide to automated code review with Semgrep — writing custom rules with AST pattern matching, taint analysis for tracking untrusted data, building organization-specific security scanners, and integrating everything into CI for automated enforcement.

### [PostgreSQL CDC with Debezium: Logical Replication, WAL Decoding, and Real Event-Driven Architecture](https://lucioduran.com/blog/postgres-logical-replication-cdc-debezium)
2026-01-13 · Databases · 6 min

A deep technical guide to PostgreSQL Change Data Capture with Debezium — logical replication slots, WAL decoding internals, the transactional outbox pattern, and building production event-driven architecture with Kafka Connect. With real configurations and gotchas from production.

### [Linux io_uring: Async I/O Architecture and Node.js Integration](https://lucioduran.com/blog/linux-io-uring-async-io-nodejs-integration)
2026-01-11 · Systems Programming · 10 min

A systems-level analysis of io_uring — submission/completion queues, registered buffers, fixed files, kernel-side polling, and benchmarks comparing io_uring against epoll and synchronous I/O for various workloads.

### [Time Series Databases: TimescaleDB Hypertables, QuestDB Columnar Ingestion, and InfluxDB IOx](https://lucioduran.com/blog/time-series-databases-timescaledb-questdb-influx)
2026-01-10 · Databases · 9 min

Building a real IoT data pipeline that handles 1M inserts/sec — comparing TimescaleDB hypertables, QuestDB's columnar engine, and InfluxDB IOx with actual benchmarks and production gotchas.

### [DNS Privacy Stack: DoH, DoT, DNSSEC, Encrypted Client Hello, and Comparative Privacy Analysis](https://lucioduran.com/blog/dns-over-https-encrypted-client-hello-privacy)
2026-01-08 · Networking · 7 min

A comprehensive guide to the DNS privacy stack — DNS-over-HTTPS, DNS-over-TLS, DNSSEC validation, Encrypted Client Hello (ECH), Oblivious DoH, with honest analysis of what each protocol actually protects against and a practical implementation guide.

### [gRPC + Protobuf + ConnectRPC: Type-Safe Streaming APIs with Code Generation](https://lucioduran.com/blog/grpc-protobuf-connectrpc-api-design)
2026-01-06 · API Design · 11 min

A practical guide to gRPC, Protocol Buffers, and ConnectRPC for building type-safe streaming APIs — with comparisons to REST and tRPC, reflection setup, load balancing considerations, and production-ready code.

### [Apache Arrow DataFusion: Building Custom Query Engines in Rust](https://lucioduran.com/blog/arrow-datafusion-query-engine-rust)
2026-01-05 · Data Engineering · 7 min

A hands-on guide to Apache Arrow DataFusion — building custom query engines in Rust with columnar execution, push-based vs pull-based models, custom table providers, user-defined functions, and real-world performance tuning for analytical workloads.

### [Streaming HTML: Out-of-Order Streaming, Island Architecture, and Selective Hydration](https://lucioduran.com/blog/streaming-html-out-of-order-island-architecture)
2026-01-03 · Frontend · 9 min

An analysis of streaming HTML strategies across Marko, Qwik, and Astro — out-of-order streaming, island architecture internals, and why progressive hydration changes everything about web performance.

### [React Server Components: Streaming Architecture, Performance Tradeoffs, and Migration Patterns](https://lucioduran.com/blog/react-server-components-streaming-architecture)
2026-01-01 · Frontend · 10 min

A deep dive into React Server Components, streaming SSR, Suspense boundaries, and server actions — with honest benchmarks on the real cost of client components and practical migration patterns.

### [Supply Chain Security: Sigstore, SLSA, SBOMs, and Securing the Build Pipeline End-to-End](https://lucioduran.com/blog/supply-chain-security-sigstore-slsa-sbom)
2025-12-31 · Security · 9 min

A technical guide to software supply chain security — from Sigstore cosign keyless signing and SLSA framework compliance to SBOM generation with CycloneDX, npm provenance, and building a defensible pipeline that catches the attacks that matter.

### [Passkeys and WebAuthn: A Production Implementation Guide for FIDO2 Passwordless Authentication](https://lucioduran.com/blog/passkeys-webauthn-passwordless-implementation)
2025-12-29 · Security · 10 min

A brutally honest walkthrough of implementing FIDO2 passkeys with WebAuthn — resident credentials, cross-device auth, attestation ceremonies, and all the edge cases that will ruin your weekend.

### [Platform Engineering: Building Internal Developer Platforms with Backstage and Port](https://lucioduran.com/blog/platform-engineering-idp-backstage-port)
2025-12-27 · DevOps · 8 min

A hands-on guide to building IDPs that developers actually want to use, covering Backstage plugins, Port blueprints, golden paths, and the developer experience metrics that matter.

### [GPU Rendering Pipeline: Blend Modes, Porter-Duff Compositing, and Tile-Based Rendering](https://lucioduran.com/blog/blend-mode-compositing-gpu-rendering-pipeline)
2025-12-26 · Graphics · 10 min

A deep dive into the GPU rendering pipeline — from blend modes and Porter-Duff compositing to tile-based rendering, Skia's GPU backend, Vello's compute-shader approach, and practical GPU profiling techniques for web content.

### [TypeScript 5.5: Inferred Type Predicates, Isolated Declarations, and Real-World Gotchas](https://lucioduran.com/blog/typescript-5-5-type-predicates-inference)
2025-12-24 · TypeScript · 10 min

Analysis of TypeScript 5.5's biggest features: inferred type predicates that actually work, isolated declarations for faster builds, config extends improvements, regex type narrowing, and patterns that will bite you.

### [LLM Inference Optimization: KV-Cache, PagedAttention, and GPU Memory Efficiency](https://lucioduran.com/blog/llm-inference-optimization-kv-cache-paged-attention)
2025-12-22 · AI/ML · 10 min

An analysis of LLM inference optimization mechanics — from KV-cache management and PagedAttention in vLLM to continuous batching, speculative decoding, and FlashAttention-3, with throughput measurements from production deployments.

### [Immutable Infrastructure: Packer Golden Images, AMI Pipelines, Blue-Green Deployments, and the Real Migration from Mutable Servers](https://lucioduran.com/blog/immutable-infrastructure-packer-golden-images)
2025-12-21 · DevOps · 7 min

A practical guide to immutable infrastructure — building golden images with Packer, automating AMI pipelines, implementing blue-green deployments, eliminating configuration drift, and the honest story of migrating a production system from mutable servers.

### [Container Runtime Internals: runc, youki, kata-containers, and Sandbox Isolation Models](https://lucioduran.com/blog/container-runtime-internals-runc-youki-kata)
2025-12-19 · Containers · 10 min

Deep dive into container runtime internals — runc vs youki (Rust), kata-containers microVMs, gVisor sandboxing, cgroup v2 resource control, and namespace isolation with real syscall traces.

### [Next.js 15 PPR: Partial Prerendering, Static Shells, and the End of the ISR vs SSR Debate](https://lucioduran.com/blog/next-js-15-ppr-partial-prerendering)
2025-12-17 · Frontend · 8 min

How Next.js 15's Partial Prerendering combines static and dynamic rendering in a single request. Static shell + dynamic holes via Suspense, real TTFB measurements, and a practical migration guide from ISR.

### [CRDTs for Local-First Software: Building Collaborative Apps Without Servers](https://lucioduran.com/blog/crdts-local-first-software-architecture)
2025-12-16 · Distributed Systems · 10 min

Deep dive into CRDTs with Yjs and Automerge 2.0. Operation-based vs state-based approaches, conflict resolution strategies, and real patterns for building collaborative applications that work offline.

### [WebNN API: Hardware-Accelerated ML in the Browser, NPU Access, and Real On-Device Inference Benchmarks](https://lucioduran.com/blog/webnn-api-hardware-accelerated-ml-browser)
2025-12-14 · AI/ML · 6 min

A hands-on exploration of the WebNN API — accessing NPUs and GPUs from the browser for ML inference, ONNX model execution, real benchmark comparisons with WASM and WebGPU, and privacy-preserving AI patterns that keep data on the device.

### [Column-Oriented Storage Formats: Parquet, Lance, Delta Lake, and Iceberg Architecture and Optimization](https://lucioduran.com/blog/column-oriented-storage-parquet-lance-delta)
2025-12-12 · Data Engineering · 9 min

Understanding column-oriented storage formats from the inside: row groups, predicate pushdown, dictionary encoding, and practical query optimization across Apache Parquet, Lance, Delta Lake, and Apache Iceberg.

### [OpenTelemetry in Production: Distributed Tracing Implementation and Cost Control](https://lucioduran.com/blog/opentelemetry-distributed-tracing-microservices)
2025-12-11 · Observability · 8 min

Auto-instrumentation gotchas, custom spans that actually help, baggage propagation patterns, Jaeger vs Tempo showdown, trace-based testing, and how to not go bankrupt on observability costs.

### [Unikernels vs MicroVMs: Firecracker Internals, Unikraft, and the Real Cost of Serverless Isolation](https://lucioduran.com/blog/unikernels-firecracker-microvm-serverless)
2025-12-09 · Infrastructure · 9 min

A comprehensive comparison of Firecracker MicroVMs and Unikraft unikernels: boot time benchmarks, memory footprint analysis, KVM internals, and what actually provides isolation for serverless functions in production.

### [TCP vs QUIC vs HTTP/3: Kernel Bypass, Zero-Copy, and Latency Optimization](https://lucioduran.com/blog/tcp-quic-http3-kernel-bypass-performance)
2025-12-07 · Networking · 8 min

Real benchmarks comparing TCP, QUIC, and HTTP/3 with io_uring, DPDK, and zero-copy networking. Congestion control algorithms dissected with actual latency measurements from production.

### [Cell-Based Architecture: Blast Radius Isolation, Shuffle Sharding, and How AWS and Slack Reduce Failure Domains](https://lucioduran.com/blog/cell-based-architecture-blast-radius-isolation)
2025-12-06 · Architecture · 8 min

A deep technical look at cell-based architecture — how to isolate failures to a fraction of users through independent cells, shuffle sharding, cell routing, and real implementation patterns drawn from AWS, Slack, and production systems.

### [Scroll-Driven Animations with CSS scroll-timeline, ViewTimeline, and the Web Animations API](https://lucioduran.com/blog/web-animations-api-scroll-driven-animations)
2025-12-04 · Frontend · 8 min

Building performant scroll-driven animations without JavaScript using CSS scroll-timeline, animation-range, and the Web Animations API. Production examples replacing [GSAP](https://gsap.com/) ScrollTrigger and Intersection Observer.

### [Vector Databases Compared: Running the Same RAG Pipeline on pgvector, Qdrant, Pinecone, and Weaviate](https://lucioduran.com/blog/vector-databases-pgvector-qdrant-pinecone)
2025-12-02 · AI/ML · 9 min

Honest benchmarks comparing pgvector 0.8, Qdrant, Pinecone, and Weaviate for a real RAG pipeline. HNSW vs IVF indexing, quantization tradeoffs, latency at scale, and practical recommendations for different use cases.

### [MLOps Feature Stores: Feast, Tecton, Real-Time Features, and Production ML Pipeline Architecture](https://lucioduran.com/blog/mlops-feature-stores-feast-tecton-production)
2025-11-30 · AI/ML · 7 min

A technical guide to feature stores in production ML — covering Feast and Tecton, point-in-time joins, real-time feature serving, feature drift detection, and the architecture that makes it all work without collapsing under its own complexity.

### [Deterministic Simulation Testing: Fault Injection Methodology in TigerBeetle and FoundationDB](https://lucioduran.com/blog/deterministic-simulation-testing-tigerbeetle)
2025-11-29 · Testing · 9 min

Seed-based fault injection, deterministic scheduling, and the methodology behind finding impossible bugs in distributed systems. Real techniques from TigerBeetle and FoundationDB's testing frameworks.

### [Effect-TS: Algebraic Effects and Typed Error Handling in TypeScript](https://lucioduran.com/blog/effect-ts-algebraic-effects-error-handling)
2025-11-27 · TypeScript · 9 min

An examination of Effect-TS: algebraic effects for TypeScript, structured concurrency, typed errors, Fiber-based scheduling, and why replacing try-catch chaos with a real effect system makes code dramatically more reliable.

### [Capability-Based Security with WASI Preview 2: Least-Privilege Plugin Systems at the Runtime Level](https://lucioduran.com/blog/capability-based-security-wasi-preview2)
2025-11-25 · Security · 7 min

How WASI Preview 2's capability-based model enforces least-privilege at the runtime level. Filesystem sandboxing, network capabilities, wasi-http, and production-grade secure plugin architectures.

### [Graph Databases: Neo4j vs SurrealDB vs Apache AGE — Cypher, GQL, and Real Social Network Query Optimization](https://lucioduran.com/blog/graph-databases-neo4j-surrealdb-age-comparison)
2025-11-24 · Databases · 8 min

A hands-on comparison of three graph database approaches — Neo4j (native graph), SurrealDB (multi-model), and Apache AGE (PostgreSQL extension). Covers Cypher vs emerging GQL standard, property graph models, and real query optimization from a social network project.

### [Graviton4 ARM64 Migration Benchmarks: Real Production Performance Data](https://lucioduran.com/blog/arm64-graviton4-server-migration-benchmarks)
2025-11-22 · Infrastructure · 9 min

Production benchmarks from migrating workloads to AWS Graviton4 ARM64 instances. Node.js, Go, and Rust performance differences, NEON SIMD gotchas, compiler flags that matter, and actual cost savings after 4 months.

### [ScyllaDB: Cassandra-Compatible Low-Latency Database Architecture and Migration](https://lucioduran.com/blog/scylladb-cassandra-compatible-low-latency)
2025-11-20 · Databases · 8 min

A deep dive into ScyllaDB's shard-per-core architecture, Seastar framework internals, and real p99 latency benchmarks against Apache Cassandra. Plus a battle-tested migration guide.

### [Nix Flakes as a Docker Replacement for Local Development Environments](https://lucioduran.com/blog/nix-flakes-reproducible-dev-environments)
2025-11-19 · DevOps · 9 min

A practical guide to Nix Flakes for reproducible dev environments: flake.nix anatomy, devShells, replacing Docker for local development, cross-compilation, and a documented project migration with all the pain points.

### [Crossplane: Infrastructure Composition on Kubernetes, Replacing Terraform with GitOps-Native IaC](https://lucioduran.com/blog/crossplane-infrastructure-composition-kubernetes)
2025-11-17 · DevOps · 7 min

A practitioner's guide to Crossplane — infrastructure composition on Kubernetes using XRDs, compositions, and provider-aws. How we replaced Terraform with a GitOps-native IaC approach and what we learned in the process.

### [Async Rust Internals: Tokio Runtime Design, Work-Stealing, and Building a Minimal Runtime from Scratch](https://lucioduran.com/blog/async-rust-tokio-internals-runtime-design)
2025-11-15 · Rust · 8 min

A deep technical exploration of how Tokio actually works — the work-stealing scheduler, I/O driver, timer wheel, waker mechanism, and the Pin story. Then we build a minimal async runtime from scratch to solidify the mental model.

### [HTMX 2.0: Hypermedia-Driven Applications in Production](https://lucioduran.com/blog/htmx-2-hypermedia-driven-applications)
2025-11-14 · Frontend · 7 min

A technical analysis of HTMX 2.0's hypermedia-driven approach, hx-boost, WebSocket extensions, and server-sent events. Includes benchmarks against React and an assessment of when the approach is appropriate.

### [JIT Compilation Techniques: Cranelift, Copy-and-Patch, and CPython 3.13](https://lucioduran.com/blog/jit-compilation-cranelift-copy-patch-techniques)
2025-11-12 · Compilers · 8 min

An examination of modern JIT compilation techniques — Cranelift's approach to fast code generation, copy-and-patch compilation, tiered compilation strategies, register allocation, and the internal architecture of CPython 3.13's experimental JIT compiler.

### [CSS :has() Selector: Quantity Queries, Parent Selection, and Previously Impossible Patterns](https://lucioduran.com/blog/css-has-selector-quantity-queries-patterns)
2025-11-10 · Frontend · 7 min

An examination of CSS :has() — from parent selection and sibling combinators to quantity queries and responsive patterns that genuinely could not exist before this selector shipped. Plus performance considerations that matter at scale.

### [Deno 2: Full Node Compatibility, Fresh 2.0, and Comparative Benchmarks Against Node 22 and Bun](https://lucioduran.com/blog/deno-2-node-compat-fresh-framework)
2025-11-09 · JavaScript Runtimes · 8 min

An honest technical assessment of Deno 2's Node.js compatibility layer, npm specifiers, Fresh 2.0's island architecture, and performance benchmarks that tell a more nuanced story than the marketing suggests.

### [Smithy: AWS's API Modeling Language and Building Your Own SDK Generator](https://lucioduran.com/blog/smithy-api-modeling-aws-sdk-generation)
2025-11-07 · API Design · 8 min

An examination of Smithy — AWS's protocol-agnostic API modeling language, its code generation pipeline, custom validators, trait system, and how to build a custom SDK generator from a Smithy model.

### [S3-Compatible Object Storage: MinIO, Tigris, R2, and Multipart Upload Internals](https://lucioduran.com/blog/object-storage-s3-compatible-minio-tigris)
2025-11-05 · Infrastructure · 9 min

A technical walkthrough of S3-compatible object storage internals — from multipart upload mechanics and presigned URL security to building your own CDN layer with edge caching on top of MinIO, Tigris, and Cloudflare R2.

### [Zero-Knowledge Proofs for Authentication: Privacy-Preserving Identity Verification](https://lucioduran.com/blog/zero-knowledge-proofs-web3-authentication)
2025-11-04 · Cryptography · 9 min

How to implement ZK-based authentication using zk-SNARKs, Groth16, and Plonk. Circom circuit design, practical examples of proving identity without revealing credentials, and why ZK auth is useful far beyond Web3.

### [Micro-Frontends in 2026: Module Federation 2.0, Native Federation, and Import Maps](https://lucioduran.com/blog/micro-frontends-module-federation-native-federation)
2025-11-02 · Frontend · 9 min

A comprehensive guide to micro-frontend architecture in 2026 — Module Federation 2.0, Native Federation, import maps, shared state management, and a documented migration from a monolith SPA to independently deployable frontends.

### [WASI Threads: Shared Memory Parallelism Comes to WebAssembly](https://lucioduran.com/blog/wasi-threads-shared-memory-parallel-wasm)
2025-10-31 · WebAssembly · 7 min

Shared memory WebAssembly, atomics, parallel computation, SharedArrayBuffer — exploring WASM threads through a ray tracer implementation to separate reality from hype.

### [SQLite at the Edge: LiteFS, Turso, and Why Postgres Isn't Always the Answer](https://lucioduran.com/blog/sqlite-litefs-distributed-edge-databases)
2025-10-30 · Databases · 9 min

A practical guide to running SQLite as a distributed edge database. LiteFS replication internals, libSQL extensions, Turso's architecture, and real benchmarks showing when SQLite obliterates Postgres for read-heavy edge workloads.

### [Consensus Algorithms Compared: Raft, Multi-Paxos, Viewstamped Replication, and EPaxos](https://lucioduran.com/blog/consensus-algorithms-raft-paxos-viewstamped)
2025-10-28 · Distributed Systems · 11 min

An implementation-focused comparison of distributed consensus algorithms — Raft, Multi-Paxos, Viewstamped Replication, and EPaxos — covering leader election, log compaction, liveness guarantees, and the nuances that only surface when you build them.

### [OpenAPI 4.0 (Moonwalk): The Spec Rewrite That Actually Matters](https://lucioduran.com/blog/openapi-4-moonwalk-api-specification)
2025-10-26 · API Design · 6 min

New overlay mechanism, first-class webhooks, reusable workflows, comparison with 3.1, and a real migration path from Swagger — OpenAPI 4.0 is the biggest API spec change in a decade.

### [eBPF in Production: Building Kernel-Level Observability for Kubernetes Without the Overhead](https://lucioduran.com/blog/ebpf-observability-production-kubernetes)
2025-10-25 · Infrastructure · 8 min

How to use eBPF for production-grade observability in Kubernetes clusters. Cilium, Tetragon, custom kprobes, and why traditional monitoring is leaving performance on the table.

### [Browser Storage APIs: OPFS, IndexedDB, and SQLite-over-WASM for Offline-First Applications](https://lucioduran.com/blog/browser-storage-apis-opfs-indexeddb-sqlite-wasm)
2025-10-23 · Web APIs · 11 min

An analysis of modern browser storage APIs — Origin Private File System, IndexedDB transaction semantics, SQLite compiled to WASM, storage quotas, and offline-first architecture design.

### [Rate Limiting Algorithms: From Token Buckets to Distributed Lua Scripts](https://lucioduran.com/blog/rate-limiting-algorithms-token-bucket-sliding-window)
2025-10-21 · Backend · 8 min

Token bucket, sliding window log, GCRA, distributed rate limiting with Redis — the algorithms behind every API gateway, with production-ready Lua script implementations.

### [V8 Maglev and Turboshaft: Mid-Tier and Backend Compiler Architecture](https://lucioduran.com/blog/v8-maglev-turboshaft-compiler-pipeline)
2025-10-19 · JavaScript Internals · 9 min

An analysis of V8's mid-tier JIT compiler Maglev and the Turboshaft IR that's quietly replacing Turbofan's Sea of Nodes. Real performance data, deoptimization mechanics, and why your 'optimized' code might be doing the opposite.

### [Memory-Safe C++ Alternatives: Carbon, Cpp2, Val, and Circle Compared](https://lucioduran.com/blog/memory-safe-c-alternatives-carbon-cpp2-val)
2025-10-18 · Programming Languages · 8 min

A technical comparison of the emerging C++ successor languages — Carbon, Cpp2/cppfront, Val, and Circle — with real interop examples, migration cost analysis, and objective assessments of current maturity.

### [GraalVM Native Image: From 8-Second Spring Boot Startup to 50ms](https://lucioduran.com/blog/graalvm-native-image-spring-boot-startup)
2025-10-16 · JVM · 7 min

AOT compilation for Spring Boot, reflection configuration challenges, memory footprint analysis, and production trade-offs from six months of operational experience.

### [PostgreSQL 17: Incremental Backup, Logical Replication Failover, and Operational Improvements](https://lucioduran.com/blog/postgresql-17-incremental-backup-logical-replication)
2025-10-14 · Databases · 10 min

A practical deep dive into PostgreSQL 17's most impactful features: incremental backup with pg_basebackup, logical replication failover, new JSON functions, pg_stat_io insights, and real migration strategies from PG 15/16.

### [Web Components in 2026: Declarative Shadow DOM, CSS Parts, and Framework Interoperability](https://lucioduran.com/blog/web-components-shadow-dom-custom-elements-2026)
2025-10-13 · Frontend · 8 min

Declarative Shadow DOM, CSS parts, Lit 4.0, and universal custom element support. An assessment of Web Component maturity in 2026, covering SSR, framework interop, and remaining friction points.

### [LLM Quantization Compared: GPTQ, AWQ, GGUF, and SqueezeLLM](https://lucioduran.com/blog/llm-quantization-gptq-awq-gguf-compared)
2025-10-11 · AI/ML · 9 min

A practical comparison of LLM quantization methods with real perplexity benchmarks, memory footprints, and inference speed. When to use each method, and the surprising cases where 4-bit beats 8-bit.

### [Chaos Engineering in Production: Steady-State Hypothesis, LitmusChaos, and Blast Radius Control](https://lucioduran.com/blog/chaos-engineering-litmus-chaos-monkey-production)
2025-10-09 · SRE · 8 min

LitmusChaos, Chaos Monkey, blast radius control, and the steady-state hypothesis — a technical guide to breaking things on purpose in controlled, productive ways.

### [Rust + WASM Component Model in Production: Polyglot Microservices That Actually Work](https://lucioduran.com/blog/rust-wasm-component-model-production)
2025-10-08 · WebAssembly · 8 min

Building production polyglot microservices with Rust, the WASM Component Model, and WIT interfaces. Cross-language composition, wasm-tools workflows, and hard lessons from running this at scale.

### [Incremental Computation with Salsa and Adapton Frameworks](https://lucioduran.com/blog/incremental-computation-salsa-adapton-frameworks)
2025-10-06 · Compilers · 8 min

An examination of demand-driven incremental computation as implemented in rust-analyzer — memoization with automatic invalidation, dependency tracking, and the architectural patterns that enable sub-millisecond IDE responses.

### [Bun v2 Runtime Internals: JavaScriptCore, Zig Allocators, and io_uring Syscall Batching](https://lucioduran.com/blog/bun-v2-runtime-internals-deep-dive)
2025-10-04 · JavaScript Runtimes · 9 min

An analysis of Bun v2's architecture: JavaScriptCore vs V8 tradeoffs, Zig's arena allocator design, syscall batching with io_uring, and the engineering decisions behind the 3x cold start improvements.

### [Serverless Cold Starts: A Comprehensive Optimization Playbook](https://lucioduran.com/blog/serverless-cold-starts-optimization-strategies)
2025-10-03 · Serverless · 8 min

Provisioned concurrency, SnapStart, LLRT, V8 snapshots — a thorough benchmark comparison revealing which cold start optimization strategies actually deliver measurable results.

### [WebGPU Compute Shaders for ML Inference: Client-Side Model Execution](https://lucioduran.com/blog/webgpu-compute-shaders-ml-inference)
2025-10-01 · WebGPU · 9 min

Running ML models directly in the browser with WebGPU compute shaders. WGSL implementation details, benchmarks against WebGL and server-side inference, and practical limitations of client-side model execution.