Arqly — System Design Mastery

#02Pastebin

Store text/code blobs with TTL and access control.

Saved on this device

Build a Pastebin-class service: users submit a text / code blob (a "paste"), receive a short URL, share it. Anyone with the URL can read the blob until it expires or is taken down. Visibility ranges from public (search-engine-indexable, edge-cacheable) through unlisted (URL is the secret) to private (owner-only, JWT-authed) and password-protected (server-side check). The system spans an edge CDN, a metadata DB, an object store for bytes, an async abuse pipeline, and a TTL sweeper.

The interview-tier 6-node sketch is wrong here in three load-bearing ways: (1) it under-models the cache-key story for private content; (2) it treats S3 lifecycle as the source of truth for TTL; (3) it puts blob storage on the same Postgres as metadata. We unwind all three.

Reading: Cloudflare KV outage (2025-06-12) · Discord — How Discord Stores Trillions of Messages · GitHub — sharded replicated rate limiter in Redis · AWS S3 — performance design patterns + lifecycle · Cloudflare — Tiered Cache & Argo · PrivateBin / 0bin — zero-knowledge paste

object store + metadata DB split

edge cache key design (Vary, Cache-Control: private)

TTL: lazy on-read + active sweeper + S3 lifecycle

viral hot key (single-flight, tiered cache)

outbox txn for async fan-out

abuse / DMCA control plane

S3 hot-prefix throttling (3,500 PUT/sec)