Serialization Tradeoffs

RPC requires serializing parameters and return values to bytes for transport. Common formats are JSON, Protobuf, Hessian, and Kryo. This article compares performance, readability, cross-language support, and version compatibility with a selection table.

Overview

JSON: Text, readable, good cross-language support; larger size and slower serialize/deserialize. Suited for external APIs, debugging, compatibility-first.
Protobuf: Binary, compact, efficient; requires schema; good cross-language. Suited for high performance, multi-language, and well-defined contracts.
Hessian: Binary; good Java support; moderate cross-language. Used by Dubbo by default.
Kryo: High performance, small size; mainly Java; limited cross-language. Suited for Java-only, maximum performance.
Selection: Cross-language and contract-first → Protobuf/JSON. Java-only and performance-first → Kryo/Hessian. Readability and debugging → JSON.

Example

Example 1: Size and performance (qualitative)

Format	Size	Speed	Cross-language	Schema
JSON	Large	Slow	Good	No
Protobuf	Small	Fast	Good	Yes
Hessian	Medium	Medium	Moderate	No
Kryo	Small	Fast	Poor	No

Example 2: Version compatibility

Protobuf: Fields have numbers; adding optional or deprecating fields is compatible if you follow evolution rules.
JSON: Adding or removing fields is flexible; weak typing can cause client misinterpretation.
Kryo: Sensitive to class structure changes; field add/remove may break deserialization; upgrade with care.

Example 3: Dubbo configuration

XML
<dubbo:protocol name="dubbo" serialization="hessian2"/>
<!-- Or fastjson, kryo, protobuf -->

Example 4: Security

Deserialization can execute arbitrary code (e.g. Java native serialization). Use safe implementations and avoid deserializing untrusted data.

Core Mechanism / Behavior

Binary vs text: Binary formats (Protobuf, Hessian, Kryo) are smaller and faster; JSON is human-readable and widely supported.
Schema: Protobuf uses a schema for evolution and validation; schema-less formats (JSON, Hessian, Kryo) rely on conventions or code.

Key Rules

Cross-language and long-term evolution → Protobuf. Java-only and performance → Kryo or Hessian. External APIs and debugging → JSON.
Serialization changes are compatibility concerns; support multiple versions or gradual rollout during upgrades.
Security: Avoid deserializing untrusted data; use secure implementations.

What's Next

See Service Versioning and RPC Fundamentals. Kafka and RocketMQ also involve serialization choices.