February 8, 2026
Fast perms, faster memes
SpiceDB Query Planner
SpiceDB’s new query planner vows speed; devs shout “finally” vs “prove it”
TLDR: AuthZed unveiled a query planner for SpiceDB to speed up permission checks by using the shape of your data. The community is split between cheering practical speed gains and demanding hard benchmarks, with extra drama over vendor lock-in vs DIY performance—important because faster checks mean snappier apps and lower costs.
SpiceDB just dropped a “query planner” meant to make permission checks way faster by understanding the shape of your data—think who’s linked to what and how deep the connections go. In plain English: fewer wasted trips to the database, more instant yes/no answers. The crowd? Loud. Split. Entertained. Fans cheered that AuthZed is bringing Google’s Zanzibar smarts (now with a Kelsey Hightower foreword cameo) to the masses, calling it “a real, practical speed-up” instead of more theory. Skeptics rolled in with the classic: “benchmarks or it didn’t happen.” One snarky thread claimed this is just fancy graph-walking with better shortcuts, while others argued the planner finally stops doing “all the work for nothing” when a user belongs to zero groups.
Memes flew: “Is this ReBAC (relationship-based access control) or ReBLAZING?” and “Arrow ops? More like Cupid hitting cache.” People link-dropped github.com/authzed/spicedb and the annotated Zanzibar paper like trading cards. The juiciest drama: vendor-lock-in vs self-hosted bragging rights, and a heated “just buy a bigger database” vs “smart planning beats raw horsepower” spat. Meanwhile, practical folks begged for live dashboards and perf charts, while the hype squad declared this the moment permission checks stop being slow-motion.
Key Points
- •Authzed introduced the SpiceDB Query Planner to reduce authorization-check latency.
- •SpiceDB previously implemented multiple performance strategies, including request deduplication, sub-problem caching, consistent hashing, query batching, type-based skipping, and extensive SQL optimizations.
- •Datastore access is identified as the primary bottleneck for low-latency authorization checks.
- •The article emphasizes using the shape of customer data (relationship cardinality/fan-out) to guide more efficient execution paths.
- •A schema example demonstrates that recognizing extremes (e.g., zero links or massive fan-out) can allow early exits and avoid unnecessary work in CheckPermission queries.