WolfGuard (a fork of WireGuard) using (hw) AES256 crypto

Hi,

I guess you could say that wolfSSL “silently” has released a fork of WireGuard that can potentially utilize hardware crypto (acceleration) which should be faster at the expense of a different philosophy.

Out of curiosity, has anyone looked into WolfGuard and how it performs compared to WireGuard?

Upstream hasn't published anything meaningful, so why swap? :triangular_flag:

While you won't see dedicated chacha-poly hardware acceleration, Intel/AMD AVX and Arm SVE do optimise throughput.
The upcoming SoCs based on 4 x A73 Arm cores have no problem doing 2 Gb/s WireGuard throughput and more if you enable hardware acceleration which frees the CPU to do WireGuard.

So the need to make a WG implementation based on AES because of better throughput is diminishing.

I don't disagree in principle but until there are verifiable benchmarks comparing wg to this fork, any gains remain theoretical.

But it might be interesting on hardware that’s still very capable but isn’t latest and greatest such as the dual core Filogic platforms etc.

I just fundamentally have a problem with changing the crypto primitives. I guess it depends on what kind of data you’re sending and how fat the pipe is.

From the usability point of view, I'd be mostly worried about the ABI side of it and stable bugfixes within a stable version. Using wolfssl in a stable release didn't work out all that well, when it was attempted (yes, both parties share some blame here, the release processes just don't align, but it didn't work out for OpenWrt).