np, the Ed25519 curve analysis so far puts the EC vs RSA technology in salt at several hundred times speed improvements (sign 160,000 keys per second as opposed to just around 100 with RSA 4096.). RSA is being caught up by maths quickly these days, discreet maths is a fast moving field.
AES ctr (authenticated) is also included. Salsa is considerably faster though, even Nacl implementation of AES128 ctr is around twice the speed of cryptopp in this case (see SUPERCOP benchmarks for much of this).
CPU’s handle AES ni and SHA256 (not 512) hashing very quickly these days. Many of the libs make use of this, but timing attacks etc. mean some libs will actually implement constant time primitives to avoid side attacks. It’s an enormous area that I think even a career in will not avoid error. At least Nacl has a decent vision, to make it hard to get wrong and that seems to work quite nicely.
In terms of hash, then it’s not encryption but always gets lumped in there for some reason (it’s very handy). SHA II hashes are pretty simple and generally implemented via dictionaries. SHA III or even blake II is probably a bettter choice in the very near future. So SHA256 may be fast in cpu’s but is getting old now (extension attacks, lack of sponginess etc.)
These days crypto is such a vital area we need all the expertise we can and the reason for Nacl is to improve upon that. IT’s still being tested by us though.
Motivation - speed, efficiency and allow farming on much smaller devices