Bun's startup time is already fast, but a serverless platform still pays a cold-start tax on the first request after idle, exactly when a provider's webhook retry can least afford it. On a DenkOps slot the Hono app is already running, so Bun's speed advantage compounds with zero cold start instead of being reset every time traffic goes quiet.
import { Hono } from "hono";
const app = new Hono();
app.post("/hook", async (c) => {
const raw = await c.req.text();
const sig = c.req.header("x-signature") ?? "";
const expected = await crypto.subtle.digest("SHA-256", new TextEncoder().encode(raw + Bun.env.WEBHOOK_SECRET));
// compare expected to sig ...
return c.json({ ok: true });
});
export default { port: 3000, fetch: app.fetch };Deploy it: install the plugin, say "deploy on DenkOps", and get a live SSL URL.
Start on DenkOps →No. The Bun process behind Hono stays resident in your slot, so incoming webhook calls are answered immediately, even after long idle periods.
Yes, c.req.text() gives you the untouched body before any parsing, which is exactly what HMAC signature verification needs.