How do you deal with Technical Debt?
The latest SO survey (https://t.co/0oluCMHnaK) identified technical debt as one of the most important causes of developer frustration.
How do you deal with it? What practical methods or strategies did you use to minimize or reduce it?
Introducing LlamaCoder!
An open source Claude Artifacts app that can generate full React apps and components with Llama 3.1 405B. 100% free and open source.
https://t.co/nln0vgdnqy
Session, cookie, JWT, token, SSO, and OAuth 2.0 - what are they?
These terms relate to managing user identity when logging into websites. You declare who you are (identification), your identity is verified (authentication), and you're granted appropriate permissions (authorization). Many solutions exist and continue to emerge.
From simple to more complex:
• WWW-Authenticate is very basic. The browser prompts for username and password. It lacks control over the login lifecycle, so it is rarely used today.
• Session-cookie is prevalent in browsers. Servers maintain session storage, and browsers store session IDs in cookies. Mobile apps can use cookies in web views but often prefer tokens for native functions.
• Tokens are encoded data used for validation, allowing clients to avoid sending credentials repeatedly. They ensure data integrity but aren't always encrypted.
• JWT provides a standardized format for tokens. They are digitally signed to ensure their authenticity. Because JWTs can hold session or user data in their claims, servers don't need to store this information separately for verification.
• SSO (single sign-on) lets you log in once and then access multiple sites. It uses a central authentication service (CAS) to maintain cross-site info.
• OAuth 2.0 authorizes one site to access your info on another site.
Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): https://t.co/kNfv0DVDdf
Why is the credit card called "the most profitable product in banks"?
How does VISA/Mastercard make money?
The diagram below shows the economics of the credit card payment flow.
A Risk-based Approach To Software Architecture
In the book "Just Enough Software Architecture" by George Fairbanks, the author introduces Risk-Driven Software Architecture. A risk-based approach to software architecture involves identifying and prioritizing the risks associated with a software system and then designing the architecture to mitigate those risks. The idea is to focus on the risks most critical to the project's success and address them first rather than trying to address every possible risk.
To implement a risk-based approach, you first need to identify the potential risks associated with your system. This can be done through various methods, such as conducting a risk analysis, reviewing historical data from similar projects, or consulting with subject matter experts. Once the risks have been identified, they should be prioritized based on their potential impact on the project, the likelihood of occurrence, and the feasibility of mitigation.
Next, the software architecture should be designed with the identified risks in mind. Addressing the most critical risks may involve trade-offs between architectural qualities, such as performance, scalability, and maintainability. For example, if security is identified as a critical risk, the architecture may need to rank secure communication channels, access control mechanisms, and encryption over other qualities.
The book introduces the related concepts of Components, Ports, and Connectors. We've all heard the word "component" used in a thousand different ways. The context surrounding the term "component" is more explicit in Fairbanks' work, and "Ports and Connectors" help cement the idea of what a Component may be in an actual system.
An example of this approach in healthcare: such software systems must follow strict patient privacy and data security regulations. A risk-based approach can help identify the most critical risks and design the architecture to meet regulatory requirements. For example, the architecture may rank secure data transmission, authentication, and access control mechanisms to protect patient information.
It's important to note that a risk-based approach is not a one-time process. As the project progresses and new information becomes available, the identified risks may change, and the architecture may need adaptation. Regular reviews and updates to the risk assessment and architecture design are essential to ensure the system remains secure and functional.
#softwareengineering #softwaredesign #softwarearchitecture
The buyer pays in USD, and the European seller receives euros. How does this work?
This process is called foreign exchange.
Suppose Bob (the buyer) needs to pay 100 USD to Alice (the seller), and Alice can only receive EUR. The diagram below illustrates the process.
1. Bob sends 100 USD via a third-party payment provider. In our example, it is Paypal. The money is transferred from Bob's bank account (Bank B) to Paypal's account in Bank P1.
2. Paypal needs to convert USD to EUR. It leverages the foreign exchange provider (Bank E). Paypal sends 100 USD to its USD account in Bank E.
3. 100 USD is sold to Bank E's funding pool.
4. Bank E's funding pool provides 88 EUR in exchange for 100 USD. The money is put into Paypal's EUR account in Bank E.
5. Paypal's EUR account in Bank P2 receives 88 EUR.
6. 88 EUR is paid to Alice's EUR account in Bank A.
Now let's take a close look at the foreign exchange (forex) market. It has 3 layers:
• Retail market. Funding pools are parts of the retail market. To improve efficiency, Paypal usually buys a certain amount of foreign currencies in advance.
• Wholesale market. The wholesale business is composed of investment banks, commercial banks, and foreign exchange providers. It usually handles accumulated orders from the retail market.
• Top-level participants. They are multinational commercial banks that hold lots of money from different countries.
When Bank E's funding pool needs more EUR, it goes upward to the wholesale market to sell USD and buy EUR. When the wholesale market accumulates enough orders, it goes upward to top-level participants. Steps 3.1-3.3 and 4.1-4.3 explain how it works.
If you have any questions, please leave a comment.
What foreign currency did you find difficult to exchange? And what company have you used for foreign currency exchange?
Would it be nice if the code we wrote automatically turned into architecture diagrams?
I recently discovered a Github repo that does exactly this: Diagram as Code for prototyping cloud system architectures.
What does it do?
- Draw the cloud system architecture in Python code.
- Diagrams can also be rendered directly inside the Jupyter Notebooks.
- No design tools are needed.
- Supports the following providers: AWS, Azure, GCP, Kubernetes, Alibaba Cloud, Oracle Cloud, etc.
Github repo: github.com/mingrammer/diagrams
Do you believe that Google, Meta, Uber, and Airbnb put almost all of their code in one repository?
This practice is called a monorepo.
Monorepo vs. Microrepo. Which is the best? Why do different companies choose different options?
Monorepo isn't new; Linux and Windows were both created using Monorepo. To improve scalability and build speed, Google developed a dedicated internal toolchain to scale it faster and strict coding-quality standards to keep it consistent.
Amazon and Netflix are major ambassadors of the Microservice philosophy. This approach naturally separates the service code into separate repositories. It scales faster but can lead to governance pain points later on.
Within Monorepo, each service is a folder, and every folder has a BUILD config and OWNERS permission control. Every service member is responsible for their own folder.
On the other hand, in Microrepo, each service is responsible for its repository, with the build config and permissions typically set for the entire repository.
In Monorepo, dependencies are shared across the entire codebase regardless of your business, so when there's a version upgrade, every codebase upgrades their version.
In Microrepo, dependencies are controlled within each repository. Businesses choose when to upgrade their versions based on their own schedules.
Monorepo has a standard for check-ins. Google's code review process is famously known for setting a high bar, ensuring a coherent quality standard for Monorepo, regardless of the business.
Microrepo can either set its own standard or adopt a shared standard by incorporating best practices. It can scale faster for the business, but code quality may vary between repositories.
Google engineers built Bazel, and Meta built Buck. There are other open-source tools available, including Nix, Lerna, and others.
Over the years, Microrepo has had more supported tools, including Maven and Gradle for Java, NPM for NodeJS, and CMake for C/C++, among others.
Over to you: Which option do you think is better? Which code repository strategy does your company use?
A Roadmap for Full-Stack Development.
A full-stack developer needs to be proficient in a wide range of technologies and tools across different areas of software development. Here's a comprehensive look at the technical stacks required for a full-stack developer.
• 1. Frontend Development
Frontend development involves creating the user interface and user experience of a web application.
• 2. Backend Development
Backend development involves managing the server-side logic, databases, and integration of various services.
• 3. Database Development
Database development involves managing data storage, retrieval, and manipulation.
• 4. Mobile Development
Mobile development involves creating applications for mobile devices.
• 5. Cloud Computing
Cloud computing involves deploying and managing applications on cloud platforms.
• 6. UI/UX Design
UI/UX design involves designing the user interface and experience of applications.
• 7. Infrastructure and DevOps
Infrastructure and DevOps involve managing the infrastructure, deployment, and continuous integration/continuous delivery (CI/CD) of applications.
How to improve API performance?
Here are 5 tips:
1. Pagination
Pagination is a common optimization technique when result sets are large. By streaming results back to the client in pages, service responsiveness can be improved.
2. Asynchronous Logging
Synchronous logging writes to disk on every API call, slowing down the system. With asynchronous logging, logs are first sent to a lock-free buffer and control is immediately returned. The buffer contents are then flushed periodically to disk, significantly reducing I/O overhead.
3. Caching
Frequently accessed data can be cached for fast retrieval. Clients can query the cache first instead of hitting the database directly every time. For cache misses, the database can be queried as a fallback. In-memory caches like Redis provide faster data access compared to databases.
4. Payload Compression
Request and response payloads can be compressed using algorithms such as gzip to reduce transmitted data volume. This speeds up upload and download times.
5. Connection Pooling
Opening and closing database connections has significant overhead. Using a pool of open connections avoids this. The connection pool manages lifecycle events internally.
What other performance optimization tricks have you found useful for APIs?
What is Event-Driven Architecture?
Event-driven architecture is a software design pattern that operates in real-time. The program's flow is determined by events such as user actions, sensor outputs, or messages from other programs or services. In this architecture, events trigger the execution of specific processes or functions, ensuring immediate responsiveness. We usually implement it with microservices.
Some examples of events include a user clicking a button, placing a new order, or uploading a file.
This architecture has three key components:
1. Producers: These components or services generate events when something notable happens.
2. Consumers: These are components or services that listen to specific events and react accordingly.
3. Channels (or Brokers): This is how events are transmitted from producers to consumers. Popular examples include message queues (like RabbitMQ) and streaming platforms (like Apache Kafka).
They work as follows: An event producer detects a significant change and creates an event message. The message is sent to an event channel, which delivers it to interested event consumers. Event consumers process the event and perform actions as needed.
There are multiple benefits of this architecture:
1. Scalability. Components can be scaled independently to handle varying loads.
2. Loose coupling. Components are less dependent on each other, making the system more flexible and easier to change.
3. Responsiveness. Applications can react to events in real-time or near real-time.
4. Resilience. Failure in one component doesn't affect others.
It also has some disadvantages, such as increased complexity in design and debugging, and the difficulty of ensuring consistency, i.e., that every event is processed correctly.
Some use cases include:
• IoT Systems: Managing data from multiple sensors.
• Real-time data processing: One of its strengths is processing and analyzing data immediately upon generation.
• Microservices: It complements microservices well, allowing services to communicate asynchronously and remain loosely coupled.
#softwareengineering #programming #softwaredesign
What is a webhook?
The diagram below shows a comparison between polling and webhook.
Assume we run an eCommerce website. The clients send orders to the order service via the API gateway, which goes to the payment service for payment transactions. The payment service then talks to an external payment service provider (PSP) to complete the transactions.
There are two ways to handle communications with the external PSP.
• 1. Short polling
After sending the payment request to the PSP, the payment service keeps asking the PSP about the payment status. After several rounds, the PSP finally returns with the status.
Short polling has two drawbacks:
1) Constant polling of the status requires resources from the payment service.
2) The external service communicates directly with the payment service, which widens the payment service's attack surface.
• 2. Webhook
We can register a webhook with the external service. It means: call me back at a certain URL when you have updates on the request. When the PSP has completed the processing, it will invoke the HTTP request to update the payment status.
In this way, the programming paradigm is changed, and the payment service doesn't need to waste resources to poll the payment status anymore.
What if the PSP never calls back? We can set up a housekeeping job to check payment status every hour.
Webhooks are often referred to as reverse APIs or push APIs because the server sends HTTP requests to the client. We need to pay attention to 3 things when using a webhook:
1) We need to design a proper API for the external service to call.
2) We need to set up proper rules in the API gateway for security reasons.
3) We need to register the correct URL at the external service.
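As an added example (not from the original post), here is one shape the "proper API for the external service to call" can take: a webhook endpoint that accepts a callback only when it carries a valid HMAC signature over a fresh timestamp and body, and then updates the order once, so PSP retries of the same callback are harmless. The header names, signing scheme, shared secret and in-memory order table are assumptions, not any particular PSP's API.

```python
import hashlib
import hmac
import json
import time
from typing import Dict, Optional, Tuple

# Constructed secret shared with the PSP when the webhook URL is registered (assumption).
WEBHOOK_SECRET = b"constructed-psp-webhook-secret"
MAX_SKEW_SECONDS = 300  # reject callbacks whose timestamp is more than 5 minutes off

# Constructed in-memory order table standing in for the payment service's database.
orders: Dict[str, str] = {"order-42": "PENDING", "order-43": "PENDING"}


def sign_callback(timestamp: int, body: bytes, secret: bytes = WEBHOOK_SECRET) -> str:
    """Assumed scheme computed by the PSP: HMAC-SHA256 over "<timestamp>.<raw body>"."""
    msg = str(timestamp).encode() + b"." + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def handle_webhook(headers: Dict[str, str], body: bytes, now: Optional[int] = None) -> Tuple[int, str]:
    """The webhook endpoint. Returns (http_status, message); only signed, fresh callbacks change state."""
    now = int(time.time()) if now is None else now
    try:
        ts = int(headers.get("X-PSP-Timestamp", ""))
    except ValueError:
        return 400, "missing or bad timestamp"
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return 400, "stale callback"  # bounds how long a captured request stays usable
    expected = sign_callback(ts, body)
    if not hmac.compare_digest(expected, headers.get("X-PSP-Signature", "")):
        return 401, "bad signature"  # body or headers altered, or not sent by the PSP
    event = json.loads(body)  # parse only after the signature check
    order_id = event.get("order_id")
    if order_id not in orders:
        return 404, "unknown order"
    if orders[order_id] != "PENDING":
        return 200, "already processed"  # a redelivered callback must not flip state again
    orders[order_id] = "PAID" if event.get("status") == "succeeded" else "FAILED"
    return 200, f"{order_id} -> {orders[order_id]}"


def psp_request(order_id: str, status: str, ts: int) -> Tuple[Dict[str, str], bytes]:
    """Constructed helper that builds the request the PSP side would send."""
    body = json.dumps({"order_id": order_id, "status": status}).encode()
    return {"X-PSP-Timestamp": str(ts), "X-PSP-Signature": sign_callback(ts, body)}, body
```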
Introducing LlamaTutor!
An AI personal tutor who can explain any subject at any education level using up-to-date sources. 100% free and open source.
https://t.co/rfWFMyKYBf
Most of the software developers will be out-of-job by 2025.
This AI tool can build fully functional web apps on Python/Django/Flask in 1/5th of the time and save 1000s of $$ of development costs.
Meet SuperCoder 2.0, an Open Source Autonomous Software Development System:
What Are Architectural Characteristics?
ISO/IEC 25010 is a standard that defines a model for software product quality and provides a set of quality characteristics (also called "ilities"). It is part of the ISO/IEC 25000 series and concerns software product quality. The model introduced in ISO/IEC 25010 is known as the System and Software Quality Model.
The most important architectural characteristics defined by ISO/IEC 25010 are:
1. Functionality: This refers to the set of attributes that bear on the existence of a group of functions and their specified properties.
  • Suitability: Appropriateness of functions for specified tasks.
  • Functional completeness: The degree to which the set of functions covers all the specified tasks and user objectives.
  • Functional correctness: The degree to which a system performs its required functions.
2. Performance Efficiency: This pertains to the performance relative to the resources used under stated conditions.
  • Time behavior: Degree to which a product or system's response and processing times and throughput rates meet requirements when performing its functions.
  • Resource use: The degree to which the amounts and types of resources a product or system uses meet requirements when performing its functions.
  • Capacity: Degree to which a product's or system parameter's largest limits meet requirements.
3. Compatibility: The capability of two or more systems or components to exchange information and perform their required functions while sharing the same hardware or software environment.
  • Co-existence: Degree to which a product can perform its functions efficiently while sharing a common environment and resources without detrimental impact on any other product.
  • Interoperability: Degree to which two or more systems, products, or components can exchange information and use the information that has been exchanged.
4. Usability: The degree to which specified users can use a product or system to achieve goals with effectiveness, efficiency, and satisfaction in a specified context.
  • Appropriateness recognizability: The degree to which users can recognize whether a product or system is appropriate for their needs.
  • Learnability: The degree to which specified users can use a product or system to achieve the goals of learning to use the product or system with effectiveness, efficiency, freedom from risk, and satisfaction in a specified context of use.
  • Operability: The degree to which a product or system has attributes that make it easy to operate and control.
#softwareengineering #softwarearchitecture #softwaredesign
Update:
Crowdstrike came out and released a technical report confirming my analysis. They were reading in a bad data file and attempting to access invalid memory.
This global crash was a two-part bomb. The detonator, apparently, was NOT new... it was PRE-INSTALLED.
/1
@ianmiles C++ is hard. Maybe they have a DEI engineer that did this but for mission-critical software like this Crowdstrike should have set up automated testing using address sanitizer and thread sanitizer that runs on every code update.
https://t.co/Txz96hoFXy
https://t.co/cLHk9FfGea
Crowdstrike Analysis:
It was a NULL pointer from the memory unsafe C++ language.
Since I am a professional C++ programmer, let me decode this stack trace dump for you.
Double charging a customer is VERY BAD. How do we avoid it?
When we design the payment system, it is important to guarantee that the payment system executes a payment order exactly once.
At first glance, exactly-once delivery seems very hard to tackle, but if we divide the problem into two parts, it is much easier to solve. Mathematically, an operation is executed exactly once if:
1. It is executed at least once.
2. At the same time, it is executed at most once.
We now explain how to implement at-least-once using retry and at-most-once using an idempotency check.
Retry
Occasionally, we need to retry a payment transaction due to network errors or timeout. Retry provides the at-least-once guarantee. For example, as shown in Figure 10, the client tries to make a $10 payment, but the payment keeps failing due to a poor network connection. Considering the network condition might get better, the client retries the request and this payment finally succeeds at the fourth attempt.
Idempotency
From an API standpoint, idempotency means clients can make the same call repeatedly and produce the same result.
For communication between clients (web and mobile applications) and servers, an idempotency key is usually a unique value that is generated by clients and expires after a certain period of time. A UUID is commonly used as an idempotency key and it is recommended by many tech companies such as Stripe and PayPal. To perform an idempotent payment request, an idempotency key is added to the HTTP header: <idempotency-key: key_value>.
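As an added example (not from the original post), the following Python puts the two halves together: a client that retries through a scripted flaky network (at-least-once) while reusing a single UUID idempotency key for the whole payment order, and a server that stores the first result under that key and replays it on repeats (at-most-once). The `new_key_per_attempt` switch reproduces the double-charge bug for comparison. Class and function names are assumptions for the demo.

```python
import uuid
from typing import Dict, List, Optional


class NetworkError(Exception):
    """Timeout or dropped connection: the client cannot tell whether the server acted."""


class PaymentService:
    """Server side. Stores the response under the idempotency key so a repeat is a no-op."""

    def __init__(self) -> None:
        self.total_charged = 0                  # what the customer actually paid
        self.seen: Dict[str, dict] = {}         # idempotency key -> first response

    def charge(self, idempotency_key: str, amount: int) -> dict:
        if idempotency_key in self.seen:        # at-most-once: replay the stored response
            return self.seen[idempotency_key]
        self.total_charged += amount
        result = {"status": "succeeded", "amount": amount, "id": f"pay_{len(self.seen) + 1}"}
        self.seen[idempotency_key] = result
        return result


class ScriptedNetwork:
    """Constructed network between client and server with a scripted list of failures."""

    def __init__(self, failures: List[str]) -> None:
        self.failures = list(failures)          # "request_lost" or "response_lost", then success
        self.attempts = 0

    def send(self, service: PaymentService, key: str, amount: int) -> dict:
        self.attempts += 1
        failure = self.failures.pop(0) if self.failures else None
        if failure == "request_lost":
            raise NetworkError("request never reached the server")
        response = service.charge(key, amount)  # the server acts even if the reply is lost
        if failure == "response_lost":
            raise NetworkError("server charged, but the reply was lost")
        return response


def pay_with_retry(service: PaymentService, network: ScriptedNetwork, amount: int,
                   max_attempts: int = 5, new_key_per_attempt: bool = False) -> Optional[dict]:
    """Client side. Retrying gives at-least-once; reusing one key gives at-most-once."""
    key = str(uuid.uuid4())                     # generated once per payment order
    for _ in range(max_attempts):
        if new_key_per_attempt:
            key = str(uuid.uuid4())             # wrong: the server sees each retry as a new order
        try:
            return network.send(service, key, amount)   # sent as Idempotency-Key: <key>
        except NetworkError:
            continue                            # at-least-once: try again with the same key
    return None                                 # give up; reconcile out of band
```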
If you have any questions or I missed anything, please leave a comment.