Pace Cloud
Pace Cloud Private Beta

Drop malicious traffic.

Pace protects Node.js and Python applications with local-first rate limiting, live threat detection, and zero-Redis architecture — without a database in your hot path.

>npm i pace-node
Available for:
One protection layer

Fast where it matters.
Visible everywhere else.

Pace separates request-time decisions from analysis and management, so protection stays fast without becoming a black box.

Core Engine
01

Rust Native Addon

Written in native compiled Rust using napi-rs bindings. Executes rate-limiting decisions directly inside the Node.js process space, bypassing JavaScript V8 engine garbage collection pauses.

Decision Latency< 0.001ms
Memory Footprint< 2MB
Data Plane
02

Local-First Execution

Request validation is performed in process memory utilizing high-performance sliding window logs and token bucket algorithms. Completely eliminates Redis latency.

Network Hops0 Hops
Redis Dependency0ms Overhead
Control Plane
03

Async Telemetry Sync

Request metadata is batched out-of-band onto an off-thread lock-free telemetry queue and synchronized asynchronously to Pace Cloud. Your main loop stays clean.

Enforcement ModesActive / Shadow
Heartbeat ProtocolAsync heartbeat
Access Control
04

Spoof-Proof IP Protection

Neutralize rate-limit bypasses and header-injection attacks. Pace automatically prioritizes cryptographically verified client-side headers (Cloudflare CF-Connecting-IP, Vercel/Nginx X-Real-IP) before falling back to socket details.

Resolution ChainCF / Real-IP / XFF
Header HijackingZero Trust / Blocked
Observability
05

Live Threat Telemetry

Turn raw traffic logs into actionable data. Watch brute-force credential stuffing and volumetric API abuse drop in real-time on a data-dense WAF dashboard before they crash your database.

Log IngestionReal-time Stream
Alert RoutingEmail / Webhook
Distributed State
06

Microsecond Cluster Sync

When Server 1 blocks an attacking IP, the central aggregator instantly broadcasts the threat matrix. Servers 2, 3, and 4 preemptively drop that IP before the attacker's next request even arrives.

Sync ProtocolWebSocket / gRPC
Redis Needed?Absolutely Zero
Pace Engine Core Specifications

No black boxes. A transparent look at the performance metrics that power our Rust-based engine.

Decision Latency< 0.001msNative machine speed

Executes in native Rust thread, completely bypassing JavaScript V8 engine garbage collection pauses.

Network Hops0 HopsIn critical hot path

Runs fully in-process. Never blocks requests on roundtrips to Redis or external databases.

Redis Dependency0ms OverheadFully local first

State is held in thread-safe memory, syncing out-of-band to prevent connection pool exhaustion.

Memory Footprint< 2MBNo Node.js heap bloat

Zero V8 overhead. Built with strict memory bounds so it never contributes to memory leaks.

Enforcement ModesActive / ShadowStaging-safe testing

Test new rate limits in dry-run Shadow mode with real-world traffic before enforcing blocks.

Supported Algorithms4 Native Alg.Custom rate limiting

Includes native implementations of Token Bucket, Sliding Window, Leaky Bucket, and Fixed Window.

From install to insight

A simpler way to secure request traffic.

Keep enforcement close to your code while Pace handles the distributed synchronization, logging, and rules behind the scenes.

Your request data stays under your control.
TSmain.ts
$npm i pace-node
1
import express from "express";
2
import { Pace } from "pace-node";
3
 
4
const app = express();
5
const pace = new Pace({ mode: "active"});
6
 
7
// Protect expensive AI endpoints instantly
8
app.post(
9
"/generate",
10
pace.limit({
11
algorithm: "fixed-window",
12
limit: 5,
13
window: "1m",
14
}),
15
async(req, res) => {
16
const data = await runExpensiveAIModel();
17
res.json({ success: true, data });
18
}
19
);
UTF-8TypeScript
Limited early access

Protect the next request.
Not the next deployment.

Join the teams getting early access to Pace Cloud.