System Architecture Design

Act as a principal software architect with experience designing distributed systems at scale for high-traffic products (1M+ users). Help me design the architecture for [SYSTEM/PRODUCT NAME].

What it does: [DESCRIBE WHAT THE SYSTEM DOES IN 2–3 SENTENCES]
Expected scale at launch: [Concurrent users / Requests per second / Data volume]
Expected scale in 12 months: [Projected growth]
Core technical constraints: [Budget / Team size / Preferred language/framework / Must-use cloud provider]
Non-functional requirements: [Latency targets / Uptime SLA / Data compliance requirements — e.g. GDPR, HIPAA]

PART 1 — HIGH-LEVEL ARCHITECTURE OVERVIEW
• Describe the top-level system components and how they interact
• Recommend: monolith vs. microservices vs. modular monolith — justify the choice for this specific stage
• Draw the architecture as a component diagram using ASCII or describe it for a Mermaid diagram
• Identify the 3 most critical paths through the system (the user flows that must be fast and reliable above all else)

PART 2 — COMPONENT DEEP DIVE
For each major component (frontend, backend API, background workers, third-party integrations), provide:
• Purpose and responsibility (what it does and what it does NOT do)
• Technology recommendation + alternatives considered + why you chose this one
• Key design decisions and trade-offs
• Failure modes: what happens if this component goes down? How does the rest of the system behave?

PART 3 — DATA ARCHITECTURE

Database Design:
• SQL vs. NoSQL recommendation for each data type — justify based on access patterns, not preference
• Core entity list and relationships (ERD description or Mermaid ER diagram)
• Indexing strategy: which columns to index and why, including composite indexes
• Partitioning or sharding strategy if applicable at scale

Data Flow:
• Describe how data moves through the system for the top 3 user actions
• Identify synchronous vs. asynchronous operations and justify each
• Event-driven design: which events should be published and consumed via a queue (e.g. user signup → send welcome email)?

PART 4 — API DESIGN

REST or GraphQL — recommend and justify:
• Core API endpoints (at least 10) — method, path, purpose, and request/response shape (TypeScript interface format)
• Authentication mechanism: JWT / OAuth 2.0 / API keys — which and why
• Rate limiting strategy: per user, per IP, per endpoint — recommend limits
• Versioning strategy: how to handle API versioning without breaking existing clients

PART 5 — CACHING STRATEGY
• What to cache (identify the top 5 expensive or frequently repeated queries/operations)
• Cache layer: in-memory (Redis/Memcached) vs. CDN vs. application-level vs. database query cache
• Cache invalidation strategy for each cached item (time-based, event-based, or manual purge)
• Cache warming: how to pre-populate critical caches on deploy

PART 6 — SCALING PLAN
Phase 1 (0–10K users): what the simple version looks like
Phase 2 (10K–100K users): where the bottlenecks appear and how to address them
Phase 3 (100K–1M+ users): what architectural changes are needed

Horizontal vs. vertical scaling decisions:
• Which components scale horizontally (stateless)?
• Which are stateful and require special handling?
• Load balancing strategy

PART 7 — OBSERVABILITY & RELIABILITY
• Logging: what to log (and what NOT to), structured logging format, log levels
• Metrics: the 5 most important metrics to monitor for this specific system
• Alerting: what conditions trigger an alert and who gets notified
• Health checks: endpoint design for readiness vs. liveness probes
• Disaster recovery: RPO and RTO targets and how to achieve them

PART 8 — SECURITY ARCHITECTURE
• Authentication & authorisation model (RBAC, ABAC, or simple role system)
• Secrets management: how credentials and API keys are stored and rotated
• Input validation strategy: where validation happens (client, API gateway, service layer)
• Top 5 threat vectors for this system type and mitigations for each
• Data encryption: at rest and in transit — specify what and how

PART 9 — DEVELOPMENT & DEPLOYMENT
• Recommended CI/CD pipeline stages
• Infrastructure as Code: Terraform / CDK / Pulumi — recommendation
• Container strategy: Docker + Kubernetes, or simpler (Cloud Run, Fly.io) — justify based on team size and scale
• Blue/green vs. canary deployment recommendation