February 20, 2026

Bubble sort, but make it hot

Article URL →HN comments →

Fast Sorting, Branchless by Design

Bubble sort gets a glow‑up; Zig devs split on speed vs secrecy

TLDR: A branchless, constant‑time sorting approach promises crypto‑safe speed by avoiding timing leaks and sometimes beating popular fast sorts. Comments erupted over upstreaming it to Zig, a possible overflow gotcha, and whether radix sort belongs, turning bubble sort’s “worst” rep into the week’s most divisive glow‑up.

Branchless sorting just went from nerd footnote to headline act, and the crowd is loud. The story: a constant‑time, data‑oblivious sort—built like a fixed “circuit” called a sorting network—keeps secrets safe by doing the same steps no matter what’s inside. That matters because timing differences can leak data, especially in post‑quantum crypto. The twist? It can be fast, even beating the usual pdqsort in benchmarks. Cue applause from Zig fans: one cheerleader asked, “Are there plans to upstream this into the Zig std library?” The hint it’s “often faster” lit a fuse: speed and secrecy—why not both?

Then the plot thickened. A sharp‑eyed commenter poked the fallback code with a stick—“this will only work if the subtraction doesn’t overflow”—and suddenly it was branchless bros vs bounds‑checkers. Another voice tossed a grenade: does radix sort also solve this? That spun up the classic “actually…” replies. Meanwhile, memes flowed: “Bubble Sort: Redemption Arc,” “My branch predictor left the chat,” and “constant‑time is the new black.” Fans want it shipped; skeptics want every bit audited. The vibe? A rare crypto meets compiler crossover where bubble sort isn’t the butt of the joke—it’s the headline, and the comments are the afterparty.

Key Points

  • Traditional sorting algorithms can leak information via data-dependent branching and memory access, enabling timing side-channel attacks.
  • Post-quantum cryptosystems like Classic McEliece and NTRU Prime rely on sorting; leaks in sorting can compromise the entire system.
  • Data-oblivious sorting requires a fixed operation sequence determined solely by input size, not values.
  • Sorting networks provide a fixed compare-and-swap schedule, achieving branchless, constant-time behavior suitable for cryptography.
  • Bubble sort is a sorting network but has O(n²) complexity; odd-even transposition sort is noted as a natural improvement.

Hottest takes

“Are there plans to upstream this into the Zig std library?” — jstrieb
“will only work if the subtraction doesn’t overflow” — rep_lodsb
“Radix sort also seems to fit the bill?” — user____name

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.