1. C1: System Context Design

1.1. Overview

System design is a series of decisions optimising for:

Profit: Functionality, Scalability, Speed
Loss: Security, Robustness, Observability, Cost

[Functionality] Does the system work?
[Compliance] Is the system compliant?
[Security] Is the system secure?
[Robustness] How does the system handle failures?
[Scalability] Does the system scale?
[Speed] What are the bottlenecks?
[Observabilty] Is the system observable?
[Cost] Is there anything we can simplify do decrease cost?

1.2. Functionality

1.2.1. Types of Development

Web
- Frontend
- Backend
Mobile
Game
Desktop
Embedded
DevOps
Data
ML / AI
Security

1.2.2. CAP Theorem

Characteristic	Description	Use Case
Consistency	All nodes in the system see the same data at the same time	Usually preferred for financial systems
Availability	System remains operational even if some nodes fail	Usually preferred for social media / streaming apps
Partition Tolerance	System remains operational even if network communication with some nodes fail	Non-optional because networks are not reliable, so the tradeoff is usually between C and A.

1.2.3. Duplexity: Initiation of communication + Sending of data + Concurrency

Duplexity	Who can initiate communication?	Who can send data?	Can both send at the same time?	Example	Use Case
Simplex	One side only	One side only	N/A	Webhooks	Event notifications
Half-duplex	Typically one side at a time (often client-first)	Both sides	No	HTTP	APIs
Full-duplex	Both sides	Both sides	Yes	WebSocket	Chat, collaboration

1.2.4. Message Distribution / Fanout Patterns

Key question: For one event,

who should receive it,
- this determines fanout appraoch
how many recipients at peak
- if >1000, avoid broadcast and look into group fanout strategies

Fanout Patterns	Description	Use Case	Typical Implementation
1:1 (simple fanout/targeted routing)	One sender → one recipient	Notifications, replies	Connection registry + routing
1:many (group/complex)	One sender → defined subset	Chat rooms, teams	Group registry or pub/sub topics
1:all (simple fanout/broadcast)	One sender → everyone	Live feeds, system events	Pub/sub broadcast

Group Fanout Patterns	Description	Example KV Shape	Use Case	Typical Implementation	Registry Shape
Conditional	Send to subset matching a condition	All users with role=admin	Admin alerts	Attribute filters	attr → [connectionId]
Hierarchical	Topics arranged in a tree	region.eu.fr.paris	Geo updates	Topic hierarchy	topicPath → [connectionId]
Partitioned	Split audience for scale/performance	Shard users across partitions	Massive scale	Hashing / partitions	shardId → [connectionId]

Fanout Implementation	Advantages	Disadvantages	Use Case
In-memory	Fast, simple	Single node only	MVPs, single-node WS
Registry	Scales, targeted delivery	Registry complexity	Chat, notifications
Pubsub Broker	Massive fanout, decoupled	Wasteful for 1:1, infra cost	Feeds, live updates

1.3. Compliance

1.3.1. MIFID

Markets in Financial Instruments Directive (MIFID) is a EU compliance standard for financial systems

Key Requirements:

Be synchronised to UTC
Stay within strict accuracy limits (e.g. milliseconds or microseconds depending on system)

Common implementations: NTP = Network Time Protocol

It keeps a machine’s clock accurate and synced with official time servers
Prevents clock drift (when a system slowly becomes a few seconds/minutes off)
Used everywhere in infrastructure (servers, containers, databases)

1.3.2. PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is a security compliance standard governed by major card brands (Visa, Mastercard, Amex) relevant to credit/debit card data

Prefer using payment providers (e.g. Stripe) to avoid handling card data
If unavoidable:
1. Never store sensitive authentication data (CVV, PIN, track data)
2. Isolate the Card Data Environment (CDE) via network segmentation
3. Encrypt cardholder data in transit and at rest
4. Strict access control + audit logging for in-scope systems

1.4. Security

1.5. Robustness

1.6. Scalability

1.7. Speed

1.8. Observabilty

1.9. Cost

1.9.1. Infrastructure as a Service (IaaS) vs Platform as a Service (PaaS)

Approach	Use Case	Adv.	Disadv.
IaaS	Large-scale / custom apps	Flexibility, Pay-as-you-go	Setup & maintenance, steeper learning curve
PaaS	MVPs	Faster dev + CI/CD + easy deployment & scaling + security out of the box	Vendor lock-in, less flexibility

1.9.2. Tenancy

A tenant is a customer/organisation space with its own users, data, config

	Single-tenant	Multi-tenant
Definition	One tenant per isolated stack	Multiple tenants per stack
Isolation	Strong	Weak
Per-tenant customisation	Easy	Harder
OpEx	Higher	Lower
Scale	Worse (under-utilised)	Better (pooling)
Compliance / Data residency	Easier	Harder (needs partitioning)
Onboarding Speed	Slower	Faster

2. C2: Container Design

2.1. Functionality

2.1.1. Typical Cloud Infrastructure

Layer	Component	Description	Use Case	E.g.
Edge	DNS	Resolves domain name		AWS Route53, GCP DNS

Gateway	Gateway	Routing to different services, security	Typically used to route to serverless, not usually needed for servers + ALB	AWS API Gateway
		Protocol Translation (HTTP to gRPC, REST to GraphQL)

Compute	Servers	Physical servers (bare metal)	Ultra-low latency, specialized hardware (GPU/FPGA), compliance, predictable performance	AWS Bare Metal (EC2 metal), on-prem
	VMs	Long-running VM that provides environment configuration	Steady high throughput, long-lived connections, heavy local state, custom networking, predictable workloads, higher memory/CPU/GPU, strict latency floors	AWS EC2
	Serverless (Container Runtimes)	Fully managed container environments	Long-running microservices, multi-language, complex dependencies	AWS Fargate
	Serverless Functions	Event-driven functions	Spiky demand, MVP: Pay-per-use makes it more suitable, short, event-driven logic	AWS Lambdas

Relational Data Store	Relational DBs		Scale-up: Easier to manage schema as compared to Document DBs	AWS RDS, AWS Aurora (Serverless RDS)
Not Only Relational Data Store	Document DBs		MVP: Pay-per-use	DynamoDB
	KV DBs / Caches			AWS ElastiCache (Redis)
Object Data Store	Object Storage		Storing large immutable objects	AWS S3
File Data Store	File Storage		Share mutable files within private network	AWS EFS
	DSQL	Distributed SQL Query Engine	Query large-scale data across object storage/ data lake with SQL	AWS Athena
	Data Lake	Centralised storage for raw data	analytics, ML workloads, batch processing	AWS Lake Formation, Iceberg on S3

Messaging	PubSub Broker	Fanout messages to subscribers	Live updates, events	SNS, Redis PubSub
	Message Broker / Message Queue	One message → one consumer	Async jobs, retries	SQS, RabbitMQ
	Stream / Event Queue	Durable ordered event log	Event sourcing, analytics	Kafka, Kinesis

Integrations	Email Delivery (ESP)	Sends emails via API/SMTP	Password resets/receipts, notifications	AWS SES, SendGrid, Mailgun, Postmark

2.1.2. Options for storing data

Storage = Abstraction + Deployment

Storage Abstraction	Stores data as	Data is organised by	Partial updates
Block	Fixed-size blocks (address + bits)	Application / file system	Yes (block-level)
File	Files (path + blob + metadata)	File system	Yes
Object	Objects (key + blob + metadata)	Object storage system	No (rewrite required)

Deployment	Storage Abstraction	E.g.	Adv (vs others at same level)	Disadv (vs others at same level)	Use Case
Local	Block Storage	??	Lowest latency, full control	High complexity	I am building a DB or FS
Local	File System	ext4, APFS, NTFS	No implementation needed, mutability	Less control than block
Local	Object Storage	MinIO local		No partial updates, higher overhead

2.1.3. Options for structuring data

Paradigm	Examples	Use Case	Adv	Disadv
SQL	PostgreSQL, MySQL, MSSQL	Structured relationships + strong consistency e.g. financial data	Powerful Querying + ACID	Slower writes due to B-Trees, slower reads/writes due to stronger consistency/locks,
Key-Value	RocksDB, DynamoDB, Cassandra	High-throughput writes, caching	Extremely fast writes + BASE	Slower writes due to LSMT
Document	MongoDB, Firestore	Semi-structured JSON-like data, e.g. mobile/web apps	Flexible schema + BASE	Slower writes due to LSMT
Columnar	Cassandra	Time series data, e.g. analytics, event logging	Fast on columnar queries, aggregations	Slower writes due to LSMT
Graph	Neo4j	Social graphs, recommendation engines	Optimised for graph traversal and relationship modeling	Limited for heavy aggregations
TypeDB		Complex knowledge graphs, strongly typed and structured relationships		Small eco system

2.1.4. File Transfer Options

Approach	Adv	Disadv	Typical Use Case
Direct Host-to-Host (SSH over TCP)	Simple setup, built into most servers, strong authentication, good CLI tooling	Slight protocol overhead, less optimized for massive distribution	Dev → server transfers, admin workflows, secure server-to-server transfers
Client-server based (TCP with TLS)	Internet-standard security model, firewall-friendly, highly scalable infrastructure	More setup (certificates, servers), less integrated with shell workflows	Cloud uploads/downloads, APIs, large-scale file distribution
Peer-to-Peer	Parallel downloads from many peers, scales with number of participants	More complex coordination, uncommon for private 1-to-1 transfers	Large-scale distributed file sharing

H2H Protocol	Transport	Resume Support	Adv	Disadv	Typical Use Case
SFTP	SSH over TCP	Requires setup	Simple setup, single port, strong authentication model	Slight protocol overhead	Secure server-to-server or dev-to-server transfers
SCP	SSH over TCP	No	Very simple, minimal setup	No resume support, limited features	Quick ad-hoc file copy
rsync (over SSH)	SSH over TCP	Built-in	Efficient delta transfer, resume support	Slightly more complex usage	Large file sync, repeated transfers

Client-server Protocol	Transport	Resume Support	Adv	Disadv	Typical Use Case
FTP / FTPS	TCP / with TLS	Requires setup	Widely supported, simple client/server model	Legacy design, complex firewall/NAT handling	Legacy enterprise integrations
HTTP / HTTPS	TCP / with TLS	Requires setup	Firewall-friendly, scalable, cloud-native	Stateless, whole-object transfers	Cloud uploads/downloads (e.g. object storage)

P2P Protocol	Transport	Resume Support	Adv	Disadv	Typical Use Case
BitTorrent	TCP / µTP over UDP	Built-in	Parallel P2P transfer, scales with peers	More complex setup, uncommon for private transfers	Large-scale distributed file sharing

2.1.5. Operating Systems

Stack Size
- Linux: 8MB
- macOS: 8MB
- Windows: 1MB

2.1.6. Transport Models

Model
TCP
UDP
Quick UDP Internet Connections (QUIC)

2.1.7. API Architectural Styles

What API architectural style is optimal for functionality (speed) and cost (DevX, maintenance, opex)?

Style	Description	Use Case	Adv	Disadv
REST	Perform HTTP verbs on resources. Entity based, e.g. POST /users	Most common	Universally understood + docgen tools e.g. Swagger, OpenAPI	Slowest - One request for each entity unlike GraphQL + less space efficient than RPC
GraphQL	Query or mutate entities. Entity based, e.g. mutation CreateUser() {...}	APIs for FE	Faster - One request for multiple entities	More setup e.g. defining the schema, resolvers + less standardised docgen e.g. GraphiQL
RPC	Call functions remotely. Action based, e.g. await client.createUser()	Internal APIs	Fastest and most space efficient because it uses binary instead of text payloads	Only for internal use, requires HTTP2^
tRPC	Type-safe RPC framework that auto-generates client and server	Typescript Apps	Can run on HTTP1 because of text payload	Tied to Typescript ecosystem + limited language interoperability + difficult to debug

2.1.8. Transport Protocols

What transport protocol is optimal for functionality (user experience) and cost (DevX, maintenance, opex)?

Transport Protocols	Adv	Disadv	Use Case
HTTP
gRPC
WS

What common combinations are there?

Edge	Core	Use Case
HTTP	HTTP	Traditional API
WS	HTTP
WS	RPC
WS	MQTT
MQTT	MQTT

2.1.9. Scheduler

Scheduler

Does
- Assign task to node
Does not
- Start or manage the workload

Orchestrator

Does
- Scheduler
- Provisioning and starting workloads on nodes
- Scaling workloads up/down based on demand
- Health monitoring and self-healing
- Rolling updates and rollback management
- Managing networking, storage and service discovery

2.1.10. WebRTC

If asked: “How would you design WhatsApp voice calls?”

Signaling: WebSockets (or SIP for enterprise VoIP).
Transport: RTP/SRTP for media.
NAT traversal: STUN + TURN fallback.
Encryption: SRTP end-to-end.
QoS handling: Adaptive bitrate, jitter buffer.

If asked: “How does WebRTC work?”

WebRTC = framework, uses:
Signaling (custom, often WebSocket)
RTP/SRTP for audio/video streams
STUN/TURN for NAT traversal
DTLS/SRTP for security
Adaptive bitrate + codec negotiation.

2.1.11. Websockets

2.1.11.1. Single-Node

At high level design, a single-node WebSocket system can often handle up to ~10k concurrent connections, but to maintain a margin of safety, it’s reasonable to start thinking about distributed WebSocket systems above ~1k connections. At that point, distributed systems also bring benefits like better fault tolerance and operational robustness. When calculating costs

At a lower level, websocket soak test tools can be used to validate these assumptions by observing system behaviour over time (CPU/memory usage, message latency, connection health (success/lifetime/dropped), network egress), identifying which part of the system becomes a bottleneck and needs to be scaled. The goal at this stage is typically to meet some kind of SLO, e.g.:

99.9% of WebSocket messages delivered within 200ms
99% of API requests complete under 500ms
< 0.1% connection drops per hour

2.1.12. Pubsub

What types of pubsub brokers are there?

Pub/Sub Message Delivery Characteristic	Description	Advantages	Disadvantages	Typical Use Case
At-most-once	Message is delivered zero or one time; no retries	Very low latency; simple; minimal overhead	Messages can be lost silently	Metrics, logs, realtime notifications where loss is acceptable
At-least-once	Message is delivered one or more times; retries on failure	Higher reliability; simple retry model	Duplicate messages; consumers must be idempotent	Event propagation, cache invalidation, background jobs
Exactly-once (logical)	System ensures message effects occur exactly once (often via deduplication)	Strong correctness guarantees	High complexity; coordination overhead	Financial transactions, billing, inventory updates
Best-effort broadcast	Message is pushed to all subscribers with no persistence	Extremely fast; simple fan-out	No durability; subscribers must be online	Realtime websocket fan-out, multiplayer state updates
Durable pub/sub	Messages are persisted until acknowledged by subscribers	Survives subscriber crashes	Higher latency; storage cost	Critical event distribution, audit logs

2.2. Compliance

2.3. Security

2.3.1. Auth

The process of designing an auth system involves two categories,

Authentication
Authorisation

and four key questions:

What type of token do we want to use / Where is auth state stored?
Who issues the token?
Who validates the token?
How do we want to maintain auth state over time?

2.3.1.1. What type of token do we want to use / Where is auth state stored?

Auth Token Types	Auth state stored in	Example Payload	Adv	Disadv	Use Case
Opaque	Server-side	`<hash>`	No data exposure + Small + easy revocation	Requires lookup	High security systems, traditional web apps, centralised auth
Self-contained (e.g. JWT)	Token (Client-side)	Encoded: `<header hash>.<payload hash>.<signature hash>` -> Decoded: `{ sub: ..., iss: ..., exp: ... }`	No lookup	Harder to revoke + readable claims	APIs + microservices (e.g. Cognito, Entra)

Opaque Token Subtypes	Description	Example	Data stored in	Adv	Disadv	Use Case
Session	Token represents a server-side session storing user identity/state	Cookie: `session_id=abc123` -> App Server -> Data Store: `abc123 : {user_id: ...}`	Application service	Simple + easy revocation	Tied to one app	monoliths, SSR
Reference	Token is a pointer to auth data stored in auth server (introspection required)	Cookie: `reference_token=<hash>` -> App Server -> Auth Server	Authentication service	Centralised control + Works across services	Network call	OAuth, APIs, microservices

Self-contained Token Subtypes	Description	Example Payload	Data stored in	Adv	Disadv	Use Case	Example
Fat	identity + full authorisation data	`{ sub: ..., roles: ..., groups: ..., permissions: ..., resources: ... }`	JWT	Stateless + No network calls	Large tokens + Hard to revoke/update	Stable permissions, high-scale microservices	Azure EntraID
Thin	identity only	`{ sub: ... }`	Data store	Small tokens + Always up-to-date	Additional network call	Hierarchical access control, sensitive systems, frequently changing permissions	Custom BE auth
Hybrid	identity + coarse permissions, fine-grained resolved via BE	`{ sub: ..., roles: ..., scopes:... }`	Both	Best of both	More complex logic	Most modern APIs	Cognito

JWT Encryption Approach	Description	Adv	Disadv	Use Case
Unencrypted (JWS)	Signed token, payload is readable (encoded, not encrypted)	simple + fast + widely supported	visible info	default
Encrypted (JWE)	Token payload is encrypted (not readable without key)	hides claims	slower	sensitive info in token

2.3.1.2. Who issues the token to the client?

Who handles login and issues token	Example	Adv	Disadv	Use Case
API Gateway	AWS API Gateway + JWT/Cognito/Lambda Authoriser	Offload authn from BE + fast	Limited flexibility	Simple serverless setup
Application Server	Custom login endpoint	Full control	Reinventing the wheel + load on BE	Small systems, complex authn
Auth Server	Cognito, Entra, Auth0	Managed auth	External dep	Best practice

2.3.1.3. Who validates the client's token?

Who validates token before request proceeds	Example	Adv	Disadv	Use Case
CDN / Edge		Lower latency, offloads traffic from downstream, cache authenticated responses	Complex cache invalidation, limited auth logic	Global low-latency requirements, e.g. public content with lightweight auth
API Gateway	AWS API Gateway + JWT/Cognito/Lambda Authoriser	Offload authn from BE + fast	Limited flexibility	serverless / modern APIs / coarse grained auth
Load Balancer		Centralised	Limited to basic checks (signature, expiration)	Basic authentication before API Gateway / compute
Application Server	Middleware	Full control	higher latency + Reinventing the wheel + load on BE	Custom authn
Auth Server	OAuth /introspect	Immediate revocation	network call	Banking systems, enterprise APIs, zero-trust environments, Fine grained auth / resource-level gating

2.3.1.4. How do we want to maintain auth state over time?

Refresh Strategy	Description	Authorisation Token Lifetime	Adv	Disadv	Use Case
No Refresh Token	User re-authenticates after expiry	Short	Simple	Poor UX	Highly secure systems / short-lived tools
Refresh Token (Opaque)	Long-lived refresh token is used to obtain a new authz token on expiry	Short	Better UX	Refresh token is high-value target	SPAs / mobile apps / modern APIs
Sliding Session	Session expiry extended on each request	Medium	Best UX	Harder to control expiry	Server-rendered apps / monoliths
Silent Re-auth (OIDC)	Client re-authenticates via IdP session	Short	No refresh token in client	Complex, depends on IdP	Enterprise SSO, IdP-managed sessions

2.3.1.5. Auth Implementations

2.3.1.5.1. What common combinations of authn/authz/refresh strategies are there?

Pattern	Access Token	Refresh Token	Auth Data	AuthZ Data	Validation	Use Case
Classic Session	Opaque (session ID)	None	Session store	Session store	Backend	Monoliths, SSR
OAuth (Opaque)	Opaque	Opaque	Auth server	Auth server	Introspection	High security APIs
JWT + Refresh	JWT (short-lived)	Opaque	JWT (`sub`)	JWT or backend	Gateway/API	Modern SPAs
Thin JWT	JWT (identity only)	Opaque	JWT	Backend	Lambda/backend	Complex permissions
Hybrid JWT	JWT (roles/scopes)	Opaque	JWT	JWT + backend	Gateway + backend	Most modern systems
Fat JWT	JWT (full permissions)	Optional	JWT	JWT	Gateway/API	Stable permissions

2.3.1.5.2. Which AWS API Gateway Authoriser should we use?

AWS API Gateway Authoriser Type	Description	Adv	Disadv	Use Case
JWT Authoriser	Validates JWT locally within API Gateway using signature and claims (`iss`, `aud`, `exp`)	fastest (no network call)	No custom logic + limited to JWT contents	Simple APIs, coarse-grained auth (roles/scopes in JWT)
Cognito Authoriser	JWT validation within API Gateway, tightly integrated with Cognito User Pools	fast + managed auth	no custom logic, limited to Cognito JWT contents	Apps using Cognito (SPAs, mobile apps, standard OAuth/OIDC flows)
Lambda Authoriser	Custom Lambda function invoked by API Gateway to evaluate request and return allow/deny policy	full flexibility (token type, logic etc.)	slowest (network + compute) + most complex	Thin tokens, hierarchical access, dynamic permissions, custom auth

2.3.2. Typical Cloud Infrastructure

Layer	Component	Description	Use Case	E.g.
Edge	DNS	Resolves domain name		AWS Route53, GCP DNS
	WAF / DDoS Protection	Protect from malicious acts		AWS WAF
	Edge Gateway	Routing/security/transform at the edge	API gateway-lite, auth, rate limiting, header rewrites	AWS API Gateway + Lambdas, Cloudflare Workers as gateway

Gateway	Gateway	Routing to different services, security	Typically used to route to serverless, not usually needed for servers + ALB	AWS API Gateway

Compute	Servers	Physical servers (bare metal)	Ultra-low latency, specialized hardware (GPU/FPGA), compliance, predictable performance	AWS Bare Metal (EC2 metal), on-prem
	VMs	Long-running VM that provides environment configuration	Steady high throughput, long-lived connections, heavy local state, custom networking, predictable workloads, higher memory/CPU/GPU, strict latency floors	AWS EC2
	Serverless (Container Runtimes)	Fully managed container environments	Long-running microservices, multi-language, complex dependencies	AWS Fargate
	Serverless Functions	Event-driven functions	Spiky demand, MVP: Pay-per-use makes it more suitable, short, event-driven logic	AWS Lambdas

Load Balancing	Gateway Load Balancer (GWLB)	Distributes traffic to third party security/network applicances using TCP/UDP info		AWS GWLB

Networking	VPC	Isolated virtual network for cloud resources	Define public/private subnets, control routing, isolation, multi-tier deployments	AWS VPC
	Subnets	Segments inside a VPC	Controls traffic flow and exposure of resources (e.g. public ALB, private DB)	AWS Subnets
	Security Groups	Virtual firewalls attached to resources	Control traffic at instance/service level	AWS Security Groups

2.3.3. Virtual Private Clouds (VPCs)

2.3.3.1. Connections

Connection Type	Description	Adv	Disadv	Use Case
VPC Endpoint	Privately connect VPC to AWS Services without traversing internet	Lower latency, higher security, lower data transfer costs

2.3.3.2. Subnets

Subnet Type	Description	Adv	Disadv	Use Case
Public	Has a route to an Internet Gateway (IGW)	Simpler setup + troubleshooting	Less safe	Load balancers, bastion hosts, public APIs
Private	Has no direct route to IGW. Outbound internet goes via NAT Gateway / egress-only IGW / VPN Direct Connect	Safer	Higher cost (Needs NAT + proxy, tricker troubleshooting)	Databases, app servers, microservices, caches/queues, internal ALB/NLB targets, analytics workers

VPC Endpoint Type	Description	Adv	Disadv	Use Case
Interface	Creates an Elastic Network Interface (ENI) in your subnet with a private IP			SSM, Secrets Manager, CloudWatch
Gateway	Route table entries that direct traffic to S3 / DynamoDB

Port Forwarding: Forwarding of information from a router's port to a port on a device on its subnet

Tailscale Protocol: Connecting directly to a device's port when it is already on a subnet

2.3.4. Firewalls

Type	E.g.	Layer	Found In	Checks	Use Case
Web-Application (WAF)	AWS WAF	Application	CDNs, gateways, load balancer	Examines HTTP payload for attack detection	Web app / API protection against SQLi, XSS, bots, malicious patterns
Proxy	Nginx reverse proxy	Application	Proxy servers, gateways	Examines payload for access control and anonimisation

Packet Filtering	iptables (basic rules)	Network & Transport	Routers	Examines packets based on source/destination IP, port, protocol	Simple allow/deny rules, port blocking
Host-Based	Windows Firewall, iptables	Network & Transport	Individual servers / VMs	Examines traffic per host	Protects single servers, last line of defense

2.4. Robustness

If asked: “How does VoLTE differ from WhatsApp?” • VoLTE → Managed SIP + RTP inside carrier network, guaranteed QoS, low jitter. • WhatsApp → WebRTC over the public Internet, no QoS guarantees.

2.4.1. Typical Cloud Infrastructure

Layer	Component	Description	Use Case	E.g.

2.4.2. How do we ensure reliable message processing and delivery over time?

Strategy	Description	Advantages	Disadvantages	Typical Use Case
Queue / Stream keyed by client	Messages placed in per-client or keyed queue, instance owning WS consumes and delivers	Durable, pull-based backpressure, supports retries/replays/offline delivery (because messages stay in log while client is offline)	Higher latency enqueueing/dequeueing than simple push with pubsub, ownership/rebalancing complexity, not true push (message is delivered when consumer polls, not at production time)	Systems needing durability, offline delivery, or replay
Client pull / reconnect catch-up	Client fetches pending messages from shared store on poll or reconnect	Extremely resilient; minimal server coupling	Higher latency; weaker real-time guarantees	Notifications, feeds, async workflows

2.4.3. Websockets

Connection Type	Timeout
Client x API Gateway Websocket Connection	2hrs
API Gateway x Lambda Integration	29s

WebSocket Issues	Scenario	Mitigation
Reconnect Storms		Backoff + jitter in the client
Gateway crash		Client reconnect typically handled by client ws library
Stale connection registry		TTL + Heartbeat allows stale data to be cleared from the registry
Message loss
Memory leaks
Slow clients

2.4.4. Caching

Cache Stampede Management Strategies	Description	Adv.	Disadv.	Use Case
Warmup
Prefill

2.4.5. Distributed Websockets

2.4.5.1. Issues and Mitigations

Issue	Scenario	Mitigation
Reconnect storms	Many clients reconnect after outage	Exponential backoff + jitter
Gateway crash	All connections on node drop	Client reconnect + registry TTL
Stale registry	Registry points to dead gateway	Heartbeats + expiry
Message duplication	Retries cause duplicates	Idempotency
Backpressure	Gateways send messages faster than client can read, causing buffers/memory to explode	Stop sending temporarily / drop messages / disconnect clients
Connection exhaustion	Too many open sockets	Connection limits
Message loss	Crash during send	ACKs, retries, durable queues

2.4.6. Adaptive Performance Strategies

Strategy	Description	Layer	Use Cases
Jitter Buffer	Temporary storage in receiver's app that smooths out variations in packet arrival times before playback	Application	Jitter
Bitrate	Bitrate Reduction + ...
Bitrate Reduction	Reducing the encoding and sending of data	Application	Packet Loss

2.5. Scalability

2.5.1. Overview

Type	Principle	Use Case	Adv	Disadv
Vertical	Upgrading CPU/RAM/Storage	Small to medium apps, monolithic systems, startups	No code change + lower latency	Limited by hardware ceilings + expensive at scale + SPOF
Horizontal	Adding more servers	Distributed systems	Fault tolerance via redundancy + Infinite scalability	Network latency + Higher complexity

Types of horizontal scaling:

Database Horizontal Scaling
Compute Horizontal Scaling

Database Horizontal Scaling, i.e. sharding

Type	Principle	Use Case	Adv	Disadv
Directory/Lookup-based	Shard where data belongs depends on manually maintained directory	Frequently changing shards / manual control	Easy to add / remove shards	Directory is a SPOF, lookup adds latency
Range-based	Shard where data belongs depends on which contiguous key ranges (e.g. A-F, G-L, ...)	Time-series data, ordered data, range queries	Efficient for range queries + simple to implement	Data skew possible, hotspots risk
Hash-based	Shard where data belongs depends on hash of key	High-write, evenly distributed workloads	Good load balancing, no need to manage ranges	Range queries inefficient, rebalancing expensive

Compute Horizontal Scaling

Type	Principle	Use Case	Adv	Disadv
Centralised Load Balancing / Orchestrator-based Scheduling	Requests are routed based on a load balancer or scheduler	Workloads are heterogeneous, resource usage unpredicatable, fine-grained control over task placement	Assign request based on compute needs + Easy to add/remove nodes + Supports complex scheduling policies	Orchestrator / scheduler is SPOF + can be bottleneck
Static Partitioning	Requests are routed based on predefined ranges or affinity rules, e.g. ID range, location	Tasks are grouped logically	Low latency as no lookup is needed	Hotspots + manual rebalancing + difficult to add/remove nodes
Consistent Hashing	Requests are routed based on hash of request key	Stateless workloads, e.g. microservices, serverless, API gateways	Automatic load balancing + no load balancing	Range based tasks difficult + rebalancing required when nodes are added/removed

2.5.2. Rules of Thumb

Scaling Best Practices	Description	Reason
Stateless Compute	Keep biz logic compute stateless	Any instance can serve any request, add more instances to scale, replace instance in failure, easy load balancing
WS on the edge, HTTP/RPC at the core		HTTP/RPC are stateless, i.e. providing easier retries + load balancing + observability + timeouts
Idempotency	Repeating an operation has the same effect as doing it once
Pull-based backpressure is typically more forgiving than push-based

2.5.3. Typical Cloud Infrastructure

Layer	Component	Description	Use Case	E.g.
Orchestration	Server Orchestration	Scales VMs		AWS Auto Scaling + EC2 ASG
	Container Orchestration	Scales containers		ECS/EKS

Object Data Store	Object Storage		Storing large immutable objects	AWS S3

Messaging	PubSub Broker	Fanout messages to subscribers	Live updates, events	SNS, Redis PubSub
	Message Broker / Message Queue	One message → one consumer	Async jobs, retries	SQS, RabbitMQ
	Stream / Event Queue	Durable ordered event log	Event sourcing, analytics	Kafka, Kinesis

Load balancing	Application Load Balancer (ALB)	Distributes traffic to apps using HTTP info		AWS ALB
	Network Load Balancer (NLB)	Distributes traffic to apps using TCP/UDP info		AWS NLB
	Gateway Load Balancer (GWLB)	Distributes traffic to third party security/network applicances using TCP/UDP info		AWS GWLB
	Global Load Balancer (GLB)	Distributes traffic geographically		AWS ELB

2.5.4. Options for storing data

Deployment	Storage Abstraction	E.g.	Adv (vs others at same level)	Disadv (vs others at same level)	Use Case
Network	Block Storage	AWS EBS		Higher complexity
Network	File System	AWS EFS	Mutabillity	Metadata bottlenecks, locking complexity	Internally shared files
Network	Object Storage	MinIO	Scalable reads	No partial updates, higher latency	Internal services

Distributed	Block Storage	Ceph RBD		Highest complexity	I am building a distributed DB
Distributed	File System	AWS FSx for Lustre		Metadata bottlenecks, locking complexity	I am
Distributed	Object Storage	AWS S3	Scalable, miniamal coordination		I am building a data lake / serving media to thousands of people

2.5.5. Strategies to serve SPAs

Hosting Strategy	Description	Use Case	Adv	Disadv
Blob Storage Service (e.g. S3)	SPA is stored in blob storage and exposed via a public URL	Low-traffic / internal	Simple and cheap	No edge caching and higher global latency
Blob Storage Service + Content Delivery Network (e.g. S3 + CloudFront)	SPA is stored in blob storage, CDN caches assets at edge location	Public production SPAs	Fast global delivery	Extra setup
Virtual Machine Hosting (e.g. EC2 + nginx)	SPA is stored in a virtual machine and exposed via a port	Existing monolith	Flexible configuration	VM management

2.5.6. Container Orchestration

2.5.6.1. Orchestration Framework

Container Orchestration Framework	Description	Use Case
Kubernetes	Open-source container orchestration framework
OpenShift	Kubernetes with batteries included
ECS / ...

2.5.6.2. Platform

Container Orchestration Platform	Kubernetes?	Description	Use Case
ECS		AWS managed orchestration service	Minimal setup
EKS	✅	AWS hosted open-source orchestration framework	Flexibility
OpenShift	✅

2.5.7. Distributed Websockets

Mechanism	What it stores	Strength	Weakness	Use Case
Connection registry	connectionId → gatewayId	Precise routing	Needs cleanup	1:1 messaging
Group registry	groupId → [connectionId]	Controlled fanout	Large groups expensive	Chat rooms
Pub/sub broker	topic → subscribers	Massive fanout	Coarse routing	Broadcast feeds

Distributed Websocket Approach	Description	Adv	Disadv	Use Case
Sticky Sessions	GWLB pins client to specific gateway instance, e.g.	Simple	Poor rebalancing	Small systems
Connection Registry + Targeted Routing	clientId -> gatewayId KV lookup	Efficient 1:1		Chat, notifications
Pubsub	Broker fans out messages			Feeds, one event must notify many recipients immeidately

2.5.8. Optimising for reads/writes

Read Optimisation Strategy
CDN caching

The disadvantages in general are:

Higher storage
Stale data
Additional complexity with invalidation strategy

Write Optimisation Strategy

The disadvantages in general are:

More complex read paths
Additional complexity with background preprocessors

Balanced Approach
CQRS + messaging
per-endpoint SLAs with targeted caching
tiered storage (hot cache -> primary DB -> datalake)

2.5.9. Caching

Cache Distribution Strategies	Description	Adv.	Disadv.	Use Case
Single-node (L1)	Cache local to one instance	Simple	No sharing	Small apps
Distributed (L2)	Multiple caches, e.g. redis	Scales horizontally	Network latency + Op overhead	Microservices
Multi-level (L1/L2)	Local + Distributed	Best latency + scale	Complexity	High-scale systems

2.5.10. Distributed Websockets

2.5.10.1. : How do we ensure that messages get to the correct client?

Strategy	Description	Advantages	Disadvantages	Typical Use Case
Pub/Sub broadcast	Any instance publishes to a broker which broadcasts to all instances, instance holding the WS delivers, others drop	Simple, resilient to instance churn	Wasteful fan-out, message loss if nobody is listening	Small–medium clusters, low message volume
Connection registry + direct routing	Instances add `{clientId → instance}` in registry, sender looks up owner and forwards via RPC	Precise delivery, scales well	Registry correctness complexity, e.g. flapping ownership, more failure cases to handle	Large clusters, high throughput, real-time messaging
WebSocket gateway layer	Dedicated gateway owns all WS connections, compute instances send messages to gateway	Compute stateless, clean separation of concerns, simple delivery semantics	Stateful gateway tier, extra hop	High-scale systems, many short-lived compute instances

2.6. Speed

2.6.1. Typical Cloud Infrastructure

Layer	Component	Description	Use Case	E.g.
Edge	CDN	Caches static content for low-latency		AWS CloudFront
	Edge Functions	Execute code at edge on incoming HTTP requests	Auth, redirects, request shaping, thin APIs, caching logic	AWS Cloudfront Functions, AWS Lambda@Edge, Cloudflare Functions
	Edge Gateway	Routing/security/transform at the edge	API gateway-lite, auth, rate limiting, header rewrites	AWS API Gateway + Lambdas, Cloudflare Workers as gateway

2.6.2. Rendering Strategy

Rendering Strategy	Description	Use Case	Adv	Disadv
Client-Side Rendering (CSR) with Single-Page Apps (SPAs)	Client downloads minimal HTML shell with JS, JS renders everything else	Internal tools, dashboards	Cheap hosting	Slow first paint, poor SEO
Server Side Rendering (SSR)	Client downloads minimal HTML shell, server renders full HTML and hydrates client with content	SEO critical (e-commerce, social)	Fast first paint	Higher infra cost, complex
Static Site Generation (SSG)	HTML rendered at build time,	Blogs, docs, marketing sites	Faster first paint	Static content only, rebuild for updates
Incremental Static Regeneration (ISR)	SSG with on-demand/timer based regeneration	Catalogs, listings	SSG with refresh	Cache stale window, build limits
Islands Architecture / Partial Hydration	Only some components are SSRed	Sites with selective interactivity	Faster first paint	Complex
Multi-page Apps (MPAs)	Client downloads new HTML for every page	Traditional sites, simple apps	Simple model, good SEO	Full page reloads, less dynamic UX
Edge-Side Rendering (ESR)	SSR but running on edge functions	Global apps	Fastest first paint	Limited runtime, cold start issues

2.6.3. Caching

Cache Placement Strategies	Description	Adv.	Disadv.	Use Case
Client / Browser	HTTP cache in browser	Zero latency and cost	Invalidation complexity	Static assets
CDN / Edge	Cache at edge e.g. CloudFront	Very fast + offloads backend	Auth + Invalidation complexity	Public content
In-app cache (L1)	In-process cache	Ultra-fast	Memory-bound, per-instance	Hot keys
Remote cache (L2)	Redis / Memcached	Shared across services	Network latency	Shared state
In data layer cache	DB buffer / query cache	Transparent	Limited control	Read-heavy DBs

2.7. Observabilty

2.7.1. Typical Cloud Infrastructure

Layer	Component	Description	E.g.
Observability	Logging	Collect, aggregate and index logs from all services	AWS CloudWatch
	Monitoring / Metrics	Monitor resource usage, uptime, etc.	AWS CloudWatch
	Tracing	Traces request flow across different services	AWS X-Ray

2.8. Cost

2.8.1. Typical Cloud Infrastructure

Layer	Component	Description	Use Case	E.g.
Edge	CDN	Caches static content for low-latency		AWS CloudFront
	WAF / DDoS Protection	Protect from malicious acts		AWS WAF

Orchestration	Server Orchestration	Scales VMs		AWS Auto Scaling + EC2 ASG
	Container Orchestration	Scales containers		ECS/EKS

Messaging	PubSub Broker	Fanout messages to subscribers	Live updates, events	SNS, Redis PubSub
	Message Broker / Message Queue	One message → one consumer	Async jobs, retries	SQS, RabbitMQ
	Stream / Event Queue	Durable ordered event log	Event sourcing, analytics	Kafka, Kinesis

DevOps	CI/CD			AWS CodeBuild, GitHub Actions
Artifact	Container Registry	Stores , versions, distributes container images		AWS ECR

2.8.1.1. How do we route clients to the same instance to reduce coordination?

Strategy	Description	Advantages	Disadvantages	Typical Use Case
Sticky sessions	Load balancer routes client to same instance based on hash/cookie	Very simple, reduces cross-instance routing	Breaks on instance failure, doesn’t guarantee ownership	Low churn systems, cost-sensitive setups
Consistent hashing ownership	All instances compute owner for clientId using membership + hash ring	No central registry; predictable routing	Complex failure handling; membership convergence issues	Advanced infra teams, custom routing layers

3. C3: Component Design

BFF: Backend for Frontend
- GET /dashboard instead of GET /users + GET /orders + GET /recommendations

3.1. Functionality

3.1.1. Choosing a language for mobile app development

3.1.2. Choosing a language for frontend web development

Language	Use Case	Adv.	Disadv.
JS	Default	Natively supported - browsers come with JS engine	Single-threaded by default
Dart (compiled to JS)	Cross-platform		No UI interactivity
C/C++/Rust (through WASM)	3D graphics, gaming, video editing (e.g. Figma, Canva, AutoCAD Web)	High performance	No UI interactivity
Python (through WASM)	AI/ML in the browser	High performance, mature AI/ML ecosystem library	No UI interactivity
C (through Blazor WASM)	Existing .NET implementation	UI interactivity	Young ecosystem, large initial payload (downloads 6MB .NET runtime)

JS is the default choice as it is the only language that has direct access to the DOM to render UI.

3.1.3. Choosing a language / framework for backend web development

The choice of language for backend web development is tightly coupled to the language's runtime, libraries and frameworks as they provide key tradeoffs.

Language	Use Case	Adv.	Disadv.
Javascript	Real-time apps, typically preferred over php these days	Mature ecosystem, same language for FE and BE, great for concurrency (<10k users)	Not typed
PHP	Wordpress, CMS, e-commerce	Huge CMS ecosystem, powers wordpress	Process-per-request model limits real-time apps without extra tooling, js is typically preferred

Python	ML / AI	Huge AI/ML ecosystem

Java	Enterprise, finance	Strict typing, battle tested	Heavier setup
C	Enterprise with Microsoft eco-system	Great integrations with Microsoft / Azure	Tied to Microsoft eco-system

Go	Microservices, cloud-native, high-concurrency APIs	Extremely fast, great concurrency with goroutines	Less suited for CMS, e-commerce
Rust	High-performance APIs

Ruby	Replaced by JS	-	Declining in popularity due to memory usage, scaling, and struggling with concurrency

3.1.4. Choosing an Infrastructure as Code (IaC) framework for cloud

Framework	Description	Use Case	Adv.	Disadv.
AWS
SST (Serverless Stack)	Third party abstraction on top of CDK	Small projects	Ultra-fast local lambdas with hot reload, DevX	Less flexible than CDK, third party solution, risky with breaking changes
CDK	AWS high-level code-first framework built on CloudFormation	Best all round-choice for AWS	Common programming languages supported	Steep learning curve, no local emulators for lambdas and API gateways
SAM (Serverless Application Model)	AWS high-level serverless-first legacy framework built on CloudFormation	Prefer CDK	DevX with emulators for local lambdas/API gateways	YAML config, serverless projects only
CloudFormation	AWS low-level framework	Low-level control	Access to L1 constructs for high customisability	JSON/YAML config, verbose
Azure
Bicep
ARM Templates				JSON Config
GCP
Deployment Manager			YAML
Multi-vendor
Terraform
Pulumi
Serverless Framework	Legacy vendor agnostic framework	Do not use, it is dead	Supports AWS, Azure, GCP	YAML config, mocking AWS locally required

3.1.5. Choosing a library for local dev of cloud resources

AWS

Library / Tool	Description	Use Case	Adv.	Disadv.
LocalStack	Full AWS service emulator in Docker	Best library to start with before using other libraries for specific functionality	Broad AWS coverage, runs in one container	Slower than service-specific emulators, partial coverage of some services
MinIO	S3 compatible object store	Local S3	Fast	S3 only, some S3 features differ
ElasticMQ	SQS emulator	Local SQS	Fast	SQS Only
DynamoDB Local	DynamoDB emulator	Local KV	Fast	DynamoDB only
SAM CLI	Lambdas / API Gateway emulator	Local lambdas / API Gateway	Fast	Serverless services only
SST	Lambda emulator with hot reload	Extremely fast local lambda dev	Extremely fast	Need to use SST

3.1.6. Encoding

Encoding is used to serialise user facing data (text/image/audio/video) for storage / transport over the network.

Type	Description	Use Case	E.g.
Base32	32-character set encoding (A-Z, 2-7)	QR codes, OTP secrets	`JBSWY3DPEBLW64TMMQ======`
Base64	Represents binary data in ASCII	Images, API keys, JWT segments	`SGVsbG8gd29ybGQ=`
Base85	Represents binary data in ASCII	PDF	`<~87cURD_*#TDfTZ)+T~>`

URL	Makes data safe for URLs	URLs	`%20` -> spaces

Hex	Represents binary as hex strings		`0x12ab`

ASCII / UTF-8	Maps chars as numeric codes	Text	`65` -> "A"
Unicode (UTF-16, UTF-32)	Maps characters to numeric codes	Text (International)	`U+4F60` -> "你"

3.1.7. JavaScript

Engine	Browser
V8	Chrome
SpiderMonkey	Firefox
JavaScriptCore	Safari
Hermes	React Native

Runtimes	Engine	Adv	Disadv	Use Case
Node	V8	Mature ecosystem	Slower + Security needs to implemented via containers / OS policies	Default choice
Deno	V8	Faster than node	MOstly compatible with node modules + Security needs to implemented via containers / OS policies
Bun	JavaScriptCore	Sandboxed	Least compatible with node modules

3.1.8. Websockets

Choosing a websocket session identifier

Identifier	Description	Advantages	Disadvantages	Typical Use Case
Connection ID	Server-generated unique ID for each WebSocket connection; changes on every reconnect	Precise 1:1 mapping to an actual socket; ideal for ownership, fencing, and liveness	Ephemeral; not useful for user-level routing or grouping	Message delivery, connection ownership, detecting stale connections
Client ID (User ID)	Logical identifier for a user or client across devices/sessions	Stable identity; good for authorization and grouping	Too coarse: one client can have many connections; unsafe for delivery	Send to all user devices, auth checks, user-level fan-out
Session ID	Identifier for a login session or browser/app context	Helps replace old connections; supports “last session wins” semantics	Still not 1:1 with sockets; session handling adds complexity	Enforcing single active session, reconnect fencing
Channel / Topic / Room ID	Logical grouping that connections subscribe to	Clean abstraction for broadcast and fan-out; decouples sender from connections	Requires subscription management; not tied to identity	Chat rooms, game lobbies, collaborative documents
Device ID	Stable identifier per physical device	Useful for presence, multi-device sync, fallback delivery	Privacy concerns; not always available or reliable	Push notification routing, device-specific state
Instance ID	Identifier of the compute instance holding the connection	Useful for routing and debugging; enables direct forwarding	Changes with churn; not meaningful at business level	Internal routing, connection registries, observability

3.1.9. Testing Frameworks

Frontend

Web
- Playwright (purpose built from the ground up)
- Cypress (multiple packages patched together)
Cross Platform
- integration_test (flutter)
Mobile
- Maestro (js)
  - Supports OS level interaction, e.g. going to system settings

3.1.10. Browser Storage

Storage Type	Description	Set by	Access via	Lifetime	Access scope	Capacity	Use Cases	Security Notes
Cookies	KV pairs	Responses (Set-Cookie) + JS (document.cookie)	Requests (auto-sent) + JS	Configurable to clear after session / expiry datetime	Browser + domain	4KB each, 50 per domain	Auth, prefs	Use HttpOnly, Secure, SameSite flags
Session Storage	KV pairs	JS	JS	Cleared on tab close	Tab / Session	5MB	Temporary UI state, multi-tab separation	Accessible to JS -> XSS risk
Local Storage	KV pairs	JS	JS	Persistent until cleared	Browser + Origin	10MB	App state, non-sensitive prefs	Accessible to JS -> XSS risk
Extension Storage	???	JS (Extensions only)	JS (Extensions only)	Persistent until cleared	Extension	5MB (sync), 10MB (local)	Extension settings, sync across devices
IndexedDB	NoSQL DB	JS	JS	Persistent until cleared	Browser + Origin	xGB, depending on disk space	PWAs, offline apps, large structured data	Origin-scoped, but XSS risk

3.1.11. Database Data Persistence

Data in Tables (Persistent)

Base/Regular Table
- Data stored in disk
- Data is persistent across sessions
Temporary Table
- Data stored in disk
- Data exists only in session
- Data can exist across sessions if cached

Data in Queries (In Memory)

Result Set
- Data stored in memory
- Data exists onl
Derived / Subquery e.g. FROM
- Data stored in memory
- Data exists only in query
Common Table Expression (CTEs) e.g. WITH
- Same as subquery, but provides syntactic alias for reusing subqueries

Named Queries

View/Virtual
- Query definition stored in disk
- Data only stored
Materialised View
- Data stored in disk
- Manual/scheduled refresh
Stored Procedure
- Data stored in disk
- ???

3.1.12. Database Isolation Levels

Isolation Level	Prevents Dirty Reads	Prevents Non-Repeatable Reads	Prevents Phantom Reads	Typical Use Cases	Advantages	Disadvantages
Read Uncommitted	No	No	No	Rarely appropriate; niche analytics where absolute accuracy is not needed	Maximum concurrency, minimal blocking	Can read uncommitted/rolled-back data; usually unsafe
Read Committed	Yes	No	No	General OLTP apps, most standard business CRUD workloads	Good balance of correctness and concurrency	Same row can change between reads; query result sets can change
Repeatable Read	Yes	Yes	Usually not fully, depends on DB implementation	Workflows needing stable rereads of rows within one transaction	More consistent repeated reads	More overhead, more chance of contention, phantom handling varies by DB
Serializable	Yes	Yes	Yes	Financial transfers, inventory correctness, highly sensitive concurrent workflows	Strongest correctness guarantees	Lowest concurrency, more blocking or retries, highest cost

3.2. Compliance

3.3. Security

3.3.0.1. Auth: How do we model who gets access to what?

Access Control Approach	Principle	Use Case
Role-Based (RBAC)	Users -> Roles -> Permissions	Easiest to implement / reason about
Attribute-Based (ABAC)	Permission based on user attributes, e.g. `user.department == doc.department and time < 18:00`	Highly customisable
Relationship-Based (ReBAC)	Permissions via graph relations, e.g. `editor of project X`	Collaboration apps
Scope-Based (SBAC)	Users -> Scope -> Permissions, e.g. `contacts.read`	OAuth

3.3.1. Encryption / Decryption with Keys

There are two types of encryption/decryption patterns

Key Type	Description	E.g.	Adv	Disadv	Use Case
Symmetric	Private key is shared, i.e. one key for both encryption and decryption	AES	Computationally faster	Hard to distribute	Bulk data ancryption (disks, HTTPS session data, VPNs)
Asymmetric	Public/private key is set up, i.e. two keys	RSA, ECDSA	Easier to distribute	Computationally slower	Key exchange, digital signatures, SSL/TLS handshake, email encryption

Public and private keys are used for two main purposes:

Key Use Case	Private Key	Public Key / Shared Private Key
Message Authentication and Integrity (Digital Signatures)	Sign message	Verify message came from sender (authentication) + Ensure message wasn't modified in transit (integrity)
Message Confidentiality	Decrypt message	Encrypt message

3.4. Robustness

3.4.1. Queues

Queue Type	Description	Use Case
Simple Queue
Durable Queue
Dead-Letter Queue (DLQ)

3.5. Scalability

3.5.1. Database Access Patterns

3.5.1.1. DB Lock Modes and Granularity

Data Lock Modes	Triggered By	Allows other transactions to acquire	Blocks other transactions from acquiring	Use Case
Shared (S)	Read operations	S	U, X	Concurrent reads
Exclusive (X)	Write operations	n.a.	S, U, X	Data modification
Update (U)	Read-for-update	S	U, X	Preventing deadlocks in read-then-write flows

Intent Lock Modes	Triggered By	Allows other transactions to acquire	Blocks other transactions from acquiring	Use Case
Intent Shared (IS)	Read operations	IS, IX, S	X	Internal coordination of hierarchical locks
Intent Exclusive (IX)	Write operations	IS, IX	S, U, X	Internal coordination for writes

Granularity	Description	Advantages	Disadvantages	Typical Use Case
Row	Locks a single row	High concurrency, very precise	Many locks can add overhead	Transactional updates
Page	Locks a page of multiple rows	Fewer locks than row-level	Can block nearby unrelated rows	DB engine optimization
Table	Locks the entire table	Simple, strong consistency	Very low concurrency	Bulk operations, migrations
Database	Locks the entire database or schema	Full protection	Extremely restrictive	Schema changes, maintenance

3.5.1.2. ORM Lock Types

Lock Type	Description	How It Works	When to Use	Downsides
Optimistic Locking	Detects conflicts at write time using a version column	UPDATE includes `WHERE version = X`; fails if changed	Low contention systems	Requires retry handling
Pessimistic Read	Prevents others from modifying while reading	Uses DB read locks (e.g. `FOR SHARE`)	When you must read stable data before deciding	Can block writers
Pessimistic Write	Locks row for exclusive access	Uses DB write locks (e.g. `FOR UPDATE`)	High contention, critical updates	Can cause blocking/deadlocks
Force Increment	Forces version increment even without change	ORM increments version explicitly	Signaling “logical update”	Rare use case

3.5.1.3. Spring

@Transactional: joins existing transaction, or starts a new one if no transaction exists

Propagation Type	If Transaction Exists	If No Transaction Exists	Typical Use Cases	Risks / Notes
REQUIRED	Join it	Start one	Default business service methods	Most common default
REQUIRES_NEW	Suspend existing and start new	Start one	Audit logging, independent side effects	Inner commit can succeed even if outer rolls back
SUPPORTS	Join it	Run without transaction	Read-only/helper logic that can work either way	Easy to accidentally run non-transactionally
NOT_SUPPORTED	Suspend existing	Run without transaction	Work that should avoid transaction context	Rarely used; dangerous if writes happen unexpectedly
MANDATORY	Join it	Error	Methods that must be called from an existing transaction	Good for enforcing calling discipline
NEVER	Error	Run without transaction	Code that must not run in transaction context	Rare
NESTED	Use savepoint/nested behavior	Start one or fail depending on framework/DB support	Partial rollback within a larger transaction	Support varies; often misunderstood

3.5.2. S3

URL Types

URL Type	Description	Use Case
Unsigned	Public URL	Hosting public assets, e.g. website images, JS/CSS, downloads
Signed	URL signed with S3 access keys,	Uploading images, private file sharing
Pre-signed	Allows users who do not have AWS credentials to access S3	Uploading images, private file sharing
Cloudfront Signed	URL signed with CloudFront key pairs	Media streaming, CDNs, large-scale distribution

3.6. Speed

3.6.1. HTTP

There are 3 main versions of HTTP being used

Version	Description	Adv	Disadv	Use Case
1.1	Most widely supported	Simple, easy to debug, universally compatible	One request per connection -> head-of-line blocking -> higher latency, more open connections = higher infra cost	Legacy, IoT
2	Multiplexed streams over one TCP connection	Big improvements in latency and throughput over HTTP/1, fewer connections per client, required for gRPC	Head-of-line blocking if packet loss occurs, more complex load balancing	gRPC
3	Runs over QUIC (UDP)	Lowest latency	Less mature, harder debugging, firewalls may block UDP	Mobile / unstable networks

Modern clients auto-negotiate best protocol via Application Layer Protocol Negotiation (ALPN)
- client says “I support h2, http/1.1, h3”, server picks one

3.7. Observabilty

3.8. Cost

4. C4: Code Design

4.1. Functionality

4.1.1. Data Structures & Algorithms

How to solve problems with code.

4.1.1.1. Methods to Reinterpret Problems

Create formula and see if shifting variables around can simplify solution

4.1.1.2. Modulo

Application	Modulo by	Example
Get n trailing digits	10^n	1234 % 100 = 34
Check even/odd	2	isEven = x % 2 == 0
Get value of bit after addition	2	(1 + 1) % 2 = 0
		(0 + 1) % 2 = 1
		(0 + 0) % 2 = 0
Check divisible by n	n	isXDivisibleByN = x % n == 0

4.1.1.3. Floor Division

Application	Denominator	Example
Remove n trailing digits	10^n	12345 // 100 = 123
Get carry over bit after addition	2	(1 + 1) // 2 = 1
		(0 + 1) // 2 = 0
		(0 + 0) // 2 = 0
Get midpoint of any array ([0,1,2] [0,1,2,3])	2	midpoint = len(arr) // 2

4.1.1.4. Binary Trees

Sizes

no. of nodes: $n$
height of tree: $log_x n$ $l o g_{x} n$ ,
- where $x$ is for a $x$ -ary tree
width of tree: $2^x$ $2^{x}$
- where $x$ is the level of the tree for which you want the width

How to navigate a Tree

There are two methods of navigating a tree: Depth-First Search (DFS) and Breadth-First Search (BFS)

DFS

There are three ways to perform traversal:

In-Order Traversal (IOT) -> left, node, right
Pre-Order Traversal (PreOT) -> node, left, right
Post-Order Traversal (PostOT) -> left, right, node

There are two ways to implement DFS:

'''
1. Recursively
    - Adv.: Clean and intuitive
    - Disadv.: Limited by recursion depth, stack overflow risk
'''

def recursive(root):
    iot(root)
    preOT(root)
    postOT(root)

def iot(node):
    if node is None:
        return

    iot(node.left)
    process(node)
    iot(node.right)

def preOT(node):
    if node is None:
        return

    process(node)
    preOT(node.left)
    preOT(node.right)

def postOT(node):
    if node is None:
        return

    preOT(node.left)
    preOT(node.right)
    process(node)

'''
2. Iteratively
    - Adv.: Robust for large or unbounded inputs
    - Disadv.: Less intuitive and readable
'''

def iot(root):
    if root is None:
        return
        
    stack = []
    node = root

    while stack or node:
         go left as far as possible
        while node:
            stack.append(node)
            node = node.left
        
        node = stack.pop()
        process(node)
        stack.append(node.right)

def preOT(root):
    if root is None:
        return 
    
    stack = [root]  switching this to a queue changes the DFS to BFS
    while stack:
        node = stack.pop()
        
        process(node)

         push right first so left is processed first
        if node.right:
            stack.append(node.right)
        if node.left:
            stack.append(node.left)


def postOT(root):
    if root is None:
        return
    
    stack = []
    lastNode = None
    node = root

    while stack or node:
         go left as far as possible
        if node:
            stack.append(node)
            node = node.left
            continue
        
         at leftmost node, if candidate has right and is not the last visited node, check right subtree
         at 
        candidateNode = stack[-1]
        if candidateNode.right and lastNode != candidateNode.right:
            node = candidateNode.right
            continue

        node = stack.pop()
        process(node)
        lastNode = node
        node = None  do not process node again

BFS

There are two ways to perform traversal:

Flat Traversal (FT)
Level-Order Traversal (LOT)

BFS is primarily done iteratively - it can be implemented recursively but there is no practical benefit.


def ft(root):
    if root is None:
        return
    
    queue = deque([root])

    while queue:
        node = queue.popleft()

        process(node)

        if node.left is not None:
            queue.append(node.left)
        if node.right is not None:
            queue.append(node.right)

def lot(root):
    if root is None:
        return

    queue = deque([root])

    while queue: 
         for LOT, we just need to wrap the flat traversal logic in a for loop with levelSize iterations
        levelSize = len(queue)
        for _ in range(0,levelSize):
             same as flat traversal

Note:

You can also add metadata for each node by appending tuples (node, metadata) to the queue instead of just nodes

4.1.1.5. Array

How many times can I slide a window over an array?

Intuition
- Start from the base case - window size 1
  - How many times can you slide it?
- Increase window size
Formula
- len(array) - windowSize + 1

4.1.1.6. Bitwise Operations

Operation	Application	Example
AND &	Get carry for binary addition of two numbers	1 & 1 = 1
AND &	Get last bit	10 & 1 = 0, 11 & 1 = 1
XOR ^	Get sum without carry for binary addition of two numbers	1 ^ 1 = 0
		0 ^ 1 = 1
		1 ^ 0 = 1
XOR ^	Find differences between two bit patterns	0110 ^ 1010 = 1100, i.e. different in first two bits
Bit Shift	Multiply/divide by 2	x = 2, x << 1 = 4, x >> 1 = 1

4.1.1.7. Dynamic Programming

Caching results for fibonacci-style recurrence

4.1.1.8. Binomial Theorem

Theory

The Binomial Theorem describes how to expand binomial expressions without brute force
- Binomial Expression:
  - An expression formed from two terms,
  - e.g. $(a + b)$
- Binomial Theorem Formula:
  - $(x+y)^n = \sum_{k=0}^{n} \binom{n}{k} x^{n-k} y^{k}$ $(x + y)^{n} = \sum_{k = 0}^{n} (k n) x^{n - k} y^{k}$
    - where $\binom{n}{k} \equiv {}^{n}C_k$ is the binomial coefficient a.k.a. combinations

Applications

The binomial coefficient can be used to describe symmetric number sequences, e.g. 1 4 6 4 1

4.1.1.9. Describing Symmetry

Linear Symmetry
- Combinations / Binomial Coefficient
- Modulus
- Even Functions
- Cosine
Rotational Symmetry
- Odd Functions
- Sine

4.2. Compliance

4.3. Security

4.3.1. Request/Response Flags

Flag	Purpose	Use Case
HttpOnly	Prevents JS from reading cookies	Protect tokens from XSS
Secure	Cookie only sent over HTTPS	Protect plaintext cookies from being leaked
SameSite	Controls if cookies are sent on cross-site requests (Strict/Lax/none)	CSRF protection / cross-site marketing
Cache-Control	Controls caching of resposne data (no-store, max-age etc.)	Ensure sensitive data isn't cached
CORS headers	Control which domains can make cross-origin requests	APIs that need controlled access

4.3.1.1. Authentication

Transporting Passwords

Use HTTPS for password submissions
Avoid logging raw credentials

4.3.1.2. Authentication Methods

Method	Use Case
Username + Password
Username + Password + 2FA
SSO
Custom-built SSO
Securing Passwords

Hashing
- Passwords should be stored as irreversible cryptographic hashes
Salting
- A random, user-specific unique value (salt) is added to the plain-text password before hashing, which is stored in plaintext in the database
- Prevents
  - two users with the same passwords from getting the same hash
  - hackers using rainbow tables (precomputed mappings of common passwords -> hashes)
Peppering
- A random, global value (pepper) is added to the plain-text password before hashing, which is stored as an env variable on the server
- An additional layer of security on top of salting

4.4. Robustness

4.4.1. Recursion Depth Limits

C++: 100,000
- Depends on frame size + OS stack size
Dart: 10,000
- Set by default
JS: 10,000
- (V8 engine/chrome)
- Depends on
Java: 1,000
- Depends on frame size + OS stack size
Python: 1,000
- Set by default

4.5. Scalability

4.6. Speed

4.6.1. CPU Optimisations

Branch Prediction
Variable reassignment
CPU Pipelining
CPU Preloading
CPU Prefetching
Cache Locality
Memory Access Patterns

4.6.2. Language Optimisations

Peephole Optimisations
Inline
Unroll

4.6.3. Caching

Cache Read Strategies	Description	Adv.	Disadv.	Use Case
Read-thru	App reads cache -> on miss, cache reads from DB	Simplifies app logic	Stampede risk on hot keys + Tight coupling between cache and data store + Limited flexibility for custom fetch logic	Simple KV access

Cache Write Strategies	Description	Adv.	Disadv.	Use Case
Write-thru	App writes to cache -> cache writes to DB sync	Cache is consistent + Reads are fast after writes	Higher write latency + Cache outage blocks writes	Strong consistency / configuration data
Write-behind / back	App writes to cache -> cache writes to DB async	Very fast writes	Risk of data loss without durable buffering (queue / WAL required) + eventual consistency	High-throughput / analytics / logging / non-critical data

Cache Read/Write Strategies	Description	Adv.	Disadv.	Use Case
Cache-aside	App checks cache -> on miss, app reads from DB -> app writes to cache	Simple + cache only stores what is used	Stampede risk on hot keys + Harder to guarantee consistency under concurrent writes	Default choice for most BE systems / Read-heavy systems / microservices / web APIs
Cache-thru	Read-thru + Write-thru	Centralised data access	Cache is SPOF + Reduced observability + Harder debugging	Rare / legacy / strict data access boundaries

Cache Invalidation Strategies	Description	Adv.	Disadv.	Use Case
TTL-based	Cached entries expires after time	Simple invalidation + Prevents stale data buildup	Stampede risk on expiry + Hard to pick optimal TTL	Often combined with cache-aside / CDN caching
Event-based	Cache entries invalidated on data change events	Very fresh data + No guess work with TTL	Event loss or ordering issues can cause permanently stale cache + More moving parts	Event-driven / CQRS systems

4.7. Observability

4.7.1. Logging

Avoid auto logging POST bodies and GET parameters
- If the auto logging runs on auth endpoints, passwords could be written in plaintext to logs

4.7.2. Performance Metrics

Metric	Description	Layer	Units	E.g.
Bitrate	Rate at which app encodes and sends data	Application	bits/s	Voice: 10 kbps 2G, 64kbps 3G, 64 kbps LTE, 12-64 kbps VoLTE, 128 kbps Vo5G
				Video: 1 Mbps (360p), 2 Mbps (720p), 5 Mbps (1080p), 15 Mbps (4K)
Throughput	Rate at which data is sent over the network	Network	bits/s	Zoom bitrate 2Mbps, network throughput only 1.5Mbps due to packet loss
Available Bandwitdh	Rate at which a network link can support data transfer	Network	bits/s	Wi-Fi: 5Mbps
Latency / Round Trip Time (RTT)	Time taken for packet to go to peer and back		ms	<150ms before humans detect delay
Packet Loss	% of dropped packets between nodes in one direction		%	<1% before choppy/freezing videoaudio
Jitter	Variability in packet arrival time in one direction		ms	<30ms before video stutters \ audio cracks

4.8. Cost

4.8.1. Maintainability

How to deliver value to users with minimal waste using code.

Single Layer of Abstraction Principle (SLAP)
Dependency Injection
Clean Conditionals
Conventional Commits
Early Returns / Continues
Prefer for loops over while

4.8.2. Response Codes

Code	Meaning	When to use	Benefit of using
Informational	Request received, continuing process	Rare in practice, mostly for protocol-level interactions
100	Continue	Client should continue sending request body (after headers OK)	Saves bandwidth if request is rejected early
101	Switching Protocols	Used for HTTP to WebSocket upgrade or HTTP/1 to HTTP/2 switch	Necessary to start persistent connections
Success	Request succeeded
200	OK	Standard response for successful request (e.g. GET, POST when no resource creation)
201	Created	New resource created successfully (e.g. POST /users)
202	Accepted	Request accepted for async processing but is not done yet
204	No Content	Success, but no response body (e.g. DELETE)
Redirection	Further action needed
301	Moved Permanently	Resource permanently moved	Tells crawlers to update their search index, better SEO
302	Found (Moved Temporarily)	Temporary redirect (historically used like 303)
303	See Other	Redirect after POST -> GET (common for web forms), e.g. ???
304	Not Modified	Used with caching	Client can use cached response, lowers latency and bandwidth does not need to wait for body to arrive
Client Error	Problem with request
400	Bad Request	Malformed syntax, invalid patterns
401	Unauthorized	Missing/invalid authentication
403	Forbidden	Authenticated but not authorised
404	Not Found	Resource doesn't exist, or if you don't want malicious actors to know your API endpoints if they are not authenticated/authorised	Security through obscurity + clear feedback
409	Conflict	Resource conflict (e.g. duplicate unique field)
429	Too Many Requests	Rate limiting / throttling
Server Error	Problem on server side
500	Internal Server Error	Generic server crash/error
502	Bad Gateway	Upstream server error (e.g. reverse proxy can't reach backend)
503	Service Unavailable	Server overloaded, down for maintenance
504	Gateway Timeout	Upstream service didn't respond in time

4.8.3. React

Avoid useEffect if there are no external deps (source)

4.8.4. Git

BFG Repo-Cleaner
- CLI for cleaning up git repos
  - e.g. committed large files / sensitive data

5. First Principles

Question	Answer
What is a gateway?	A gateway is a specialised, stateful compute optimised for connection handling, routing, auth, fanout
What is a load balancer?
What is OAuth?	Authorisation protocol, i.e. can this app access this resource?
What is OIDC?	Authentication protocol built on top of OAuth, i.e. who is this user?
What is authentication?	Authenticaiton is verifying identity, i.e. confirming that you are who you say you are
What is authorisation?	Authorisation is checking permissions, i.e. determining what you can do

5.1. Options for deploying

Deployment Approach	How data is served
Local	From the same machine
Network	From a remote system
Distributed	From multiple remote nodes

5.2. Testing Best Practices

E2E
- Main user stories, happy paths
Integration
- Edge cases not caught by E2E, unhappy paths
Unit
- Edge cases for small functions

5.3. Mobile

5.3.1. Cold/Warm/Hot Starts on Mobile

Cold Start
- binary not in memory
- e.g. launching app after killing it
Warm Start
- binary in memory, app process in background
- e.g. when switching between apps
Hot Start
- binary in memory, app process in foreground
- e.g. when locking and unlocking the screen momentarily, or switching between apps briefly
  - This occurs because the Android and iOS give apps a grace period (~2s) before backgrounding
- App still has GPU and CPU priority

5.3.2. Splash Screen

Splash screens are only shown for cold start

Phase	Native iOS	Native Android	React Native	Flutter
Process Startup	OS launches app process	Same	Same	Same
Show OS-level Splash	Launch splash	Same	Same	Same
Runtime Init + Framework Boostrap	Initializes iOS runtime + UIKit, sets up main run loop, prepares initial UIViewController	Init Android Runtime + base Activity, inflates first layout	Native layer starts JS engine, loads JS bundle, sets up React tree & JS x native bridge	Native layer starts Flutter engine, loads Dart VM, initializes widget tree & Skia renderer
App Init	Set up SDKs, DB, config etc.	Same	Same	Same
Remove Splash	OS removes splash once first UIViewController is ready	OS removes splash once Activity content is ready	Native splash removed after JS bundle + RN root view are mounted	Native splash removed after Flutter engine renders first frame
First Frame Rendered	First frame is rendered	Same	Same	Same

5.4. Databases

5.4.1. SQL Databases

Question	Answer
What is atomicity?	Atomicity guarantees that all statements are committed within a transaction, or none are, i.e. all or nothing
What is consistency?	Consistency guarantees that a transaction brings the database from one valid state to another, preserving all defined constraints
What is isolation?	Isolation guarantees that transactions running in parallel do not interact in unsafe ways (subject to change in isolation levels)
What is durability?	Durability guarantees that once a transaction has been committed, there will be no data loss in the event of a crash
What is SQL?	Structured Query Language is a language used to interact with data in relational DBs
What subtypes of SQL are there?	DQL, DML, DDL, DCL
What is DQL?	Data Query Language is used to read data from a DB, e.g. SELECT
What is DML?	Data Modification Language is used to modify data in the DB, e.g. INSERT, UPDATE, DELETE
What is DDL?	Data Definition Language is used to define the structure of data in the DB, e.g. CREATE
What is DCL?	Data Control Language is used to control access to data in the DB, e.g. GRANT, REVOKE
What is a command/statement?	An instruction executed by the database, e.g. SELECT * FROM fooTable;
What is a clause?	A part within a statement
What is a read/query?	A statement that reads data, e.g. SELECT * FROM fooTable;
What is a write/update?	A statement that writes data, e.g. DELETE FROM fooTable WHERE ...;
What is a read-then-write?	A pattern where data is read before a write (the write may use the data / update the same data)
What is a read-for-update?	A pattern that reads data with the intention of updating the same data later, e.g. BEGIN; SELECT ... FOR UPDATE; -- biz logic on that data ; UPDATE ...; COMMIT;
What is a result set?	Data returned from a query
What is an update acknowledgement?	Confirmation returned from an update
What is a transaction?	A group of statements executed as a single unit of work e.g. BEGIN; SELECT ...; UPDATE ...; COMMIT; ROLLBACK;
What is a single unit of work?	A set of operations that guarantees atomicity, i.e. either all statements commit, or rollback
What is a lost update?	Two transactions read the same row, both modify it, one overwrites the other
What is a dirty read?	One transaction reads data written by another transaction that has not committed yet
What is a non-repeatable read?	A situation where a transaction reads data twice and gets different values because another transaction committed inbetween
What is a phantom read?	A situation where the set of rows matching a condition changes during a transaction
What is a deadlock?	A deadlock is when 2 or more transactions are waiting for each other's locks, preventing any from proceeding
What is autocommit?	Autocommit is a DB configuration that automatically commits individual SQL statements as its own transaction
What is an object?	Anything defined in a DB, e.g. Tables, Views, Indices, Stored Procedures, Triggers, Functions
What is a schema?	Logical grouping of DB objects
What is an execution plan?	The strategy the DB optimiser chooses to execute reads/writes efficiently, e.g. index scan vs full scan, hash join
What is a lock?	Mechanism used to control concurrent access to data, e.g. through blocking
What is a lock mode?	The type of lock that defines what operations are allowed/blocked (e.g. S, U, X, IS, IX)
What is lock granularity?	The level of the object at which a lock is applied (e.g. row, page, table)
What is a data lock mode?	Locks placed on actual data to control read/write access (e.g. S, U, X)
What is an intent lock mode?	Locks placed on coarser-granularity objects by transactions, signalling their intentions on finer-granularity objects (e.g. IS, IX)
What is the lock lifecycle?	Acquire intent lock when higher-level object is accessed during execution -> acquire data lock when lower-level object is accessed during execution -> do work -> release lock depending on lock mode
When are read locks released?	Depends on the isolation level
When are write locks released?	At transaction end / commit
What does blocking mean in locks?	A transaction is forced to wait at a statement that is trying to access a locked resource, because it cannot acquire the required lock
How many S locks can exist on a resource at any time?	Multiple
How many U locks can exist on a resource at any time?	One
How many X locks can exist on a resource at any time?	One
Why does S block U	Because U locks is intended to be promoted to X locks, which gets blocked by S, resulting in a deadlock
Why doesn't U block S	Because DBs allows concurrent reads while determining if an update is necessary, reducing total lock duration and improving performance (design choice)

Thread	1	2	3	4	5	6
A		request received	read old data under U lock allowed	response sent with old data
B			request received	read blocked	read new data	resposnse sent with new data
C	request received	U lock acquired	read	write	other processing

5.4.1.1. Deadlock Problem

Step	Transaction A	Transaction B
1	SELECT → acquires S lock
2		SELECT → acquires S lock
3	UPDATE → tries to acquire X, waits
4		UPDATE → tries to acquire X, waits
5	❌ waiting for B to release S	❌ waiting for A to release S
6	💥 deadlock	💥 deadlock

5.4.2. ORMs

Question	Answer
What is a session?	A session represents an unit of work and manages the persistence context and communication with the DB
What is the difference between an ORM session and a DB transaction?	ORM session represents an application-level UoW while DB transaction represents a DB-level UoW + a session may span multiple transactions + a transaction may be managed within a session
What is persistence context?	A cache that tracks entities and their changes during a session, ensuring consistency between in-memory objects and the DB

5.5. Networking Model

There are two main models that are used in the industry today:

Open Systems Intercommunication (OSI) model
1. Abstract: Typically used to discuss concepts
TCP/IP model
1. Concrete: This is what is used in the internet today

OSI Layer	Name	Purpose	TCP/IP Layer	Data Unit	Examples
7	Application	User Apps	Application	Data	Zoom, WhatsApp, Teams
		App Protocols			HTTP, WebSockets, WebRTC, SIP, DNS, WebRTC API, WebRTC Signaling, DNS, gRPC, RTP/SRTP
6	Presentation	Data formatting			JSON, XML Protobuf
6	Presentation	Encoding & Compression			JPEG, MP3, H.264, gzip
6	Presentation	Encryption			TLS, DTLS, SSL, SRTP,
5	Session	Manage session lifecycle			NetBIOS, RPC, WebRTC session setup
4	Transport	Reliable/unreliable delivery, multiplexing, manage connections	Transport	Segment (TCP) / Datagram (UDP)	TCP, UDP, QUIC
3	Network	Routing, addressing	Internet	Packet	IP, ICMP, BGP
2	Data Link	Framing, error detection	Link	Frame	Ethernet, Wi-FI MAC, PPP, 5G NR
1	Physical	Raw bits over a medium		Bits	Fiber, RF, copper, modulation

5.6. Sessions and connections

Definition

	Connection	Session
Layer	Transport	Application
Definition	A channel between two peers	A context between two peers
Lifespan	Exists only while data flows on the transport	Can span multiple connections, until either peer terminates the session

Signaling: Session Management Signaling is the process of setting up, managing, and tearing down a communication session before real-time data flows. Signaling encompasses multiple processes:

Session Setup
Codec Negotiation
Process where two peers agree on a common codec for audio/video during signaling
NAT Traversal
Techniques + Protocols that allow devices behind NAT to communicate directly
There are three main techniques
1. Session Traversal Utilities for NAT (STUN)
  - Device asks STUN server "What's my public IP:port?"
  - Device shares info with other peer (P2P)
  - Works only if NAT keeps mappings stable
2. Traversal Using Relays around NAT (TURN)
  - Both devices send media to a TURN server
  - Used as fallback if direct P2P fails
  - Higher latency + server bandwith cost
3. Interactive Connectivity Establishment (ICE)
  - Gathers candidates
    - Private IP:port
    - Public IP:port from STUN
    - Relay addresses from TURN
  - Tries all possible paths
  - Picks the fastest, lowest-latency route
Encryption keys exchange
Exchange session metadata

5.7. Web Identifiers

Term	Definition	E.g.
TCP connection	Source IP : Source Port -> Destination IP : Destination Port	`192.168.1.10 : 52341 → 34.120.10.5 : 443`
Socket	OS-managed object that includes TCP connection + send/receive buffer
Domain	Registrable name of a website	`example.com`
Subdomain		`shop.example.com`
Host		`shop`
Ephemeral Port		`52341`

Scheme	???	`http://`, `ws://`
Port	???	`443`
Origin	Scheme + Host + Port	`https://example.com:443`
Fragment	???	`#reviews`
Uniform Resource Name (URN)	Name of a resource, not how to locate it	`urn:isbn:0451450523` (book ISBN), `urn:uuid:6fa459ea-ee8a-3ca4-894e-db77e160355e` (UUID)
Uniform Resource Locator (URL)	How to locate a resource	`https://shop.example.com:443/products?id=10#reviews`
Uniform Resource Identifier (URI)	URL / URN	-

5.7.1. Defining IP address ranges

CIDR blocks
- Protocol that allows defining a range of valid IP addresses
- Notation: <ip address>/<prefix length>
  - Prefix length determines how many bits in the address are fixed
Classless Inter-Domain Routing

5.8. Telco 101:

Cell Tower
- Software Components i.e. Base Station Software Stack
  - Radio Access Network (RAN) Software
    - Handles communication between mobile devices and cell tower, e.g.
      - Handover Control: Deciding when phone switches from one tower to another
      - Radio Resource Control (RRC): managing spectrum and assigning frequencies to devices
      - MAC & PHY Scheduling: Deciding which user gets how much bandwidth every millisecond
      - Security & Authentication: Encrypting radio traffic before it hits the core
      - Quality of Service: Prioritising latency-sensitive traffic like voice and video
  - Cell Tower OS
    - Manages hardware scheduling, memory and task prioritisation
  - Management Software
    - For engineers to monitor and configure the cell tower
- Hardware Components
  - Antennas: Send/receive radio signals
  - Remote Radio Unit (RRU): Converts radio waves to/from digital data
  - Baseband Unit (BBU): Runs the base station software stack
    - In 5G, BBUs are
      - centralised in regional data centers
      - serve dozens of towers
      - do not exist on the cell tower
  - Backhaul: Connection to core network via
    - Fiber (Most common)
    - Microwave (rural areas)
    - Satellite (remote locations)

5.9. WebRTC

Frameworks
- Web Real-Time Connection (WebRTC)
  - Open source framework for P2P RTC
  - Components
    - Signaling
    - Media Capture
    - Media Transport
    - Encryption
    - NAT Traversal
    - Adaptive Quality
    - Data Channels
Signaling Protocols
- Session Initiation Protocol (SIP)
  - Set up, modify, tear down real-time sessions for voice/video/messaging
Monitoring Protocols
- Real-time Transport Control Protocol (RTCP)
  - Measures network performance metrics for RTP
Security Protocols
- Transport Layer Security (TLS)
  - Secures TCP
- Datagram Transport Layer Security (DTLS)
  - Secures UDP
  - i.e. TLS for UDP
Transport Protocols
- Real-time Transport Protocol (RTP)
  - Transports real-time media (audio/video)
  - Rides on UDP, sometimes TCP
- Secure Real-time Transport Protocol (SRTP)
  - Encrypted RTP
  - Uses DTLS for key exchange
- RTCP
Network Address Translation (NAT)
- NAT Devices
  - Home Routers
  - Corporate Firewalls
- Vanilla NAT
  - 1:1 mapping between private IPs to public IPs (e.g. 192.168.0.1 (private) : 203.0.113.1 (public))
  - Provides control over private IP ranges
  - Single source of truth for configuring public/private IP mappings (e.g. ISP changes IP allocations)
- Port Address Translation (PAT) a.k.a NAT Overload
  - 1:many mapping between private IPs to public IPs by using ports as well
    - e.g.
      - 192.168.0.10:52301 -> 203.0.113.7:40001
      - 192.168.0.11:52301 -> 203.0.113.7:40002
  - Workaround to IPv4's small address space, not needed in IPv6 where 1:1 mappings are encouraged
Firewall
- Decides which packets are allowed/blocked
- Lives between private network and public internet
- Typically blocks incoming connections, not outgoing
- Corporates typically block UDP entirely because the lack of handshakes make it hard for firewalls to understand the session state

5.10. Wireless Systems

Application
Transport / IP
Radio Resource Control (RRC): Manages radio resources and connection states between base station and user device
- Types of radio resources:
  - Time
  - Frequency
  - Power
  - Modulation & Coding
  - Bearer
  - Control
  - Random access
  - Beamforming
- Types of connection states:
  - RRC_IDLE
  - RRC_INACTIVE (5G)
  - RRC_CONNECTED
PDCP
RLC
Medium Access Control (MAC) Layer: Decides who gets to transmit, when, and how much bandwidth
Physical (PHY) Layer: Deals with actual signal transmission over radio waves (modulation, power levels etc.)

5.11. Network Protocols

Application Layer

Signaling Layer

Voice over Public Switched Telephone Network (PSTN)
- Dedicated E2E path between landlines/mobile phones using circuit switchers
- Transmits uncompressed voice using Pulse Code Modulation (PCM) at 64 kbps per call
- Used in landlines and mobile phones when on connections of < 4G
- >4G and above
- Carrier provides QoS guarantees
Voice over IP
- Transmits voice using IP
- No QoS guarantees, call quality depends on network connection
Video over IP
- Transmits video using IP

5.12. Links

DS&A
- LeetCode
System Design

Table of Contents