v2.5 | Types, Bridge v2, Maid, Debounce Read the journey to get here ↗

The complete networking
stack for Roblox

Every direction covered | client requests in, server push out, real-time binary channels, and outbound HTTP to external APIs. Every layer built in | routing, rate limiting, exploit detection, compression, and automatic retry. No other Roblox library does all of this.

Read the docs → Get on Roblox
GET / POST / PUT / DELETE Deflate compression Middleware pipeline Automatic retry Wally support 15 modules MIT licensed
15
modules
~1800
lines of source
5 yr
in development
MIT
free forever

Less boilerplate. More structure.

Typed routes, middleware guards, and reliable push | wired up in the same lines it used to take just to create a RemoteEvent.
ServerScriptService / Server.luau
local RoExpress = require(game.ReplicatedStorage.RoExpress)
local app       = RoExpress("App")

-- typed route params, auto-converted on arrival
app:Get("player/:userId=number", function(req, res)
    res:Send(PlayerData[req.params.userId])
end)

-- middleware | return false to reject with 403
app:Use("auth", function(Player, Payload)
    if BanList[Player.UserId] then return false end
end)

-- reliable server push | same remote, zero extra setup
app:PushAll("round.start", { duration = 120 })

-- Deflate compression opt-in per route (v2.4)
app:Get("leaderboard", handler, { compress = true })

Why should I use RoExpress?

Fifteen modules, every networking layer covered. Use one or all fifteen | each does one job and stays out of your way.

App server

Express-style route handler. GET / POST / PUT / DELETE, typed params, wildcards, middleware, and server push on one RemoteEvent.

Network + Listener client

Client-side request with callbacks and query strings. Listener subscribes to push events and broadcasts | zero boilerplate.

Stream v2.4

Schema-defined typed channels. One packed buffer, one FireAllClients per tick. Built-in lag compensation via position history rewind.

Codec shared

Deflate compression (LZ77 + Huffman) for route payloads. Opt-in per route with { compress = true } | no API change for callers.

Tamper server

Automatic strike tracking on malformed requests. Manual strikes from your handlers. Kick on configurable threshold.

TokenBucket server

RFC 2697 token bucket per player. Handles legitimate bursts, catches sustained exploit fire. Grant tokens as a gameplay reward.

Bridge server

Named internal event bus for server modules. Decouples your controllers and services | no circular requires.

Broadcast server

Unreliable UnreliableRemoteEvent channel with per-event and per-player rate limiting. For HUD pings, position hints, and ticks.

Ports isolation

Isolated App instances each on their own RemoteEvent. Separate rate limiting, middleware, and push channels per system.

RTTP outbound

Server-to-external HTTP client. Set a base URL and headers once | GET, POST, PUT, DELETE with automatic retry and a chainable Promise API.

Hook inbound

Priority-ordered event dispatcher for every Roblox built-in signal plus a custom event bus. Multiple systems can subscribe to the same event and run in a guaranteed order — no more arbitrary connection ordering.

Cross cross-server

Cross-server messaging and shared state in one module. Publish and subscribe to real-time events across every server in your game via MessagingService.

Debounce utility

Cooldown wrappers for functions. Two variants: a global cooldown for a single shared timer, and a per-key cooldown where each unique key (typically a player) has its own independent timer.

Maid utility

Lifecycle cleanup utility. Track connections, threads, instances, and teardown functions — then clean them all up at once. Works with any object that has a natural teardown.

Benchmark analysis

Performance testing and benchmarking tools. Measure and compare the performance of different parts of your game or application.

How it compares.

The only Roblox library that covers every layer | routing, security, streaming, compression, and outbound HTTP in one place.
Feature RoExpress BridgeNet2 ByteNet Zap QuickNet Warp
HTTP-style routing
Middleware
Rate Limiting
Server push (reliable)
Deflate compression
Lag compensation
Exploit detection
Automatic retry
Outbound HTTP client ✓ RTTP
Tick-rate channel sync ✓ Stream
Binary serialization ✓ Codec
Code generation

From the blog.

Design notes, release breakdowns, and guides | written alongside the code.
Release June 2026

What's new in v2.5 | Types, Bridge v2, Maid, Debounce

Fully typed RoExpress("App") call form with autocomplete, Bridge renamed to On/Once/Emit with connection objects, plus new Maid and Debounce utilities.

Read the changelog →
Devlog Design notes

Why RoExpress uses a single RemoteEvent

Every non-obvious decision behind the framework | single remote, token bucket, HTTP verbs, and why middleware returns false instead of nil.

Read the design notes →
Guide Patterns

Route-scoped middleware: auth guards without boilerplate

How to lock down admin routes, log analytics, and validate payloads in a few lines | without repeating yourself in every handler.

Read the guide →

Start in five minutes.

Free on the Roblox Creator Store. MIT licensed. No strings.

Get on Roblox Creator Store Read the docs