Master prompt to generate a complete, production-grade system design document for an Instagram-like social media platform. Includes edge cases and follow-ups.
# 🚀 Master Prompt: Instagram-Like App — Full Product & System Design
> **Use this prompt with Gemini (or any LLM) to get a complete, production-grade system design document for building an Instagram-like social media platform.**
---
## 📋 HOW TO USE
Copy everything inside the `---PROMPT START---` and `---PROMPT END---` block and paste it into Gemini.
---PROMPT START---
You are a senior Staff Engineer and Product Architect at a top-tier tech company (like Meta, Google, or Uber). I want you to design a complete Instagram-like social media platform from scratch.
Give me the FULL system design in extreme detail covering ALL of the following sections. Do not skip any section. Use clear headings, subheadings, bullet points, tables, and diagrams (in ASCII or text format where possible).
---
## SECTION 1: PRODUCT VISION & SCOPE
Answer these questions in detail:
1. What problem does this product solve? Who is the target user?
2. What are the core features for MVP (Minimum Viable Product)?
3. What features come in Phase 2 and Phase 3?
4. What are the Key Performance Indicators (KPIs) we should track?
5. How do we measure product success?
MVP Features to design around:
- User Registration & Login (email + OAuth)
- User Profile (bio, avatar, followers/following)
- Post Photos/Videos with captions
- Feed (chronological + algorithmic)
- Like, Comment, Save posts
- Follow / Unfollow users
- Stories (24-hour disappearing content)
- Search & Discover (hashtags, users)
- Notifications (likes, comments, follows)
- Direct Messages (DMs)
- Explore Page
---
## SECTION 2: SCALE ESTIMATION & CAPACITY PLANNING
Give me detailed estimations for:
### User Scale
- Daily Active Users (DAU): 10 million
- Monthly Active Users (MAU): 50 million
- Peak concurrent users: estimate this
- User growth projection (Year 1, Year 2, Year 3)
### Traffic Estimation
- Reads per second (feed, profile views, post views)
- Writes per second (new posts, likes, comments, DMs)
- Read:Write ratio
- Peak traffic multiplier
### Storage Estimation
- Photo storage per user per month
- Video storage per user per month
- Metadata storage (captions, likes, comments)
- Total storage needed at Year 1, Year 2
- Storage growth rate
### Bandwidth Estimation
- Incoming bandwidth (uploads)
- Outgoing bandwidth (feed delivery, CDN)
- CDN bandwidth cost estimation
---
## SECTION 3: HIGH-LEVEL ARCHITECTURE
Draw the complete architecture in ASCII diagram format. Include:
1. Client Layer (Mobile iOS, Mobile Android, Web Browser)
2. CDN Layer (CloudFront or Cloudflare)
3. Load Balancer Layer
4. API Gateway
5. Microservices Layer — list ALL services:
- Auth Service
- User Service
- Post Service
- Feed Service
- Story Service
- Notification Service
- Search Service
- Message Service (DM)
- Media Upload Service
6. Message Queue / Event Bus (Kafka or RabbitMQ)
7. Caching Layer (Redis)
8. Database Layer (SQL + NoSQL)
9. Object Storage (S3 or GCS)
10. Search Engine (Elasticsearch)
11. Monitoring & Logging (Prometheus, Grafana, ELK)
For each service, explain:
- What it does
- What database it uses and WHY
- How it communicates with other services (REST / gRPC / events)
---
## SECTION 4: DATABASE DESIGN
### Which databases to use and WHY:
For each database choice explain:
- Database name (PostgreSQL / MySQL / Cassandra / MongoDB / Redis / Elasticsearch)
- What data is stored here
- Why this database (specific technical reasons: consistency, CAP theorem, query patterns)
- Data model / Schema
### Full Schema Design:
Give me complete table/collection schemas for:
1. **Users Table** — id, username, email, password_hash, bio, avatar_url, follower_count, following_count, created_at, is_verified
2. **Posts Table** — id, user_id, media_urls (array), caption, media_type (photo/video/reel), like_count, comment_count, created_at, location, hashtags
3. **Follows Table** — follower_id, following_id, created_at (and indexing strategy)
4. **Likes Table** — id, user_id, post_id, created_at (and how to handle high write volume)
5. **Comments Table** — id, post_id, user_id, text, parent_comment_id (for nested), like_count, created_at
6. **Stories Table** — id, user_id, media_url, media_type, created_at, expires_at, view_count
7. **Messages Table** — id, conversation_id, sender_id, content, media_url, message_type, is_read, created_at
8. **Notifications Table** — id, user_id, actor_id, type (like/comment/follow/mention), entity_id, entity_type, is_read, created_at
9. **Feed Cache** (Redis data structure) — what key structure, TTL strategy
Also explain:
- Which fields need database indexes and why
- How to handle soft deletes
- Partitioning / Sharding strategy for large tables
---
## SECTION 5: API DESIGN
Give me the complete REST API design for all endpoints:
### Auth APIs
- POST /api/v1/auth/register
- POST /api/v1/auth/login
- POST /api/v1/auth/logout
- POST /api/v1/auth/refresh-token
- POST /api/v1/auth/forgot-password
### User APIs
- GET /api/v1/users/:username
- PUT /api/v1/users/me
- GET /api/v1/users/:id/followers
- GET /api/v1/users/:id/following
- POST /api/v1/users/:id/follow
- DELETE /api/v1/users/:id/follow
### Post APIs
- POST /api/v1/posts (create post)
- GET /api/v1/posts/:id
- DELETE /api/v1/posts/:id
- GET /api/v1/users/:id/posts
- POST /api/v1/posts/:id/like
- DELETE /api/v1/posts/:id/like
- GET /api/v1/posts/:id/likes
### Feed APIs
- GET /api/v1/feed (home feed — paginated)
- GET /api/v1/explore (discover feed)
### Comment APIs
- POST /api/v1/posts/:id/comments
- GET /api/v1/posts/:id/comments
- DELETE /api/v1/comments/:id
### Story APIs
- POST /api/v1/stories
- GET /api/v1/stories/feed
- GET /api/v1/users/:id/stories
- POST /api/v1/stories/:id/view
### Notification APIs
- GET /api/v1/notifications
- PUT /api/v1/notifications/read
### Search APIs
- GET /api/v1/search?q={query}&type={users|posts|hashtags}
### Message APIs (DMs)
- GET /api/v1/conversations
- POST /api/v1/conversations
- GET /api/v1/conversations/:id/messages
- POST /api/v1/conversations/:id/messages
For each endpoint specify:
- HTTP Method + URL
- Request body / query params
- Response format (JSON example)
- Authentication required (yes/no)
- Rate limiting rules
---
## SECTION 6: FEED ALGORITHM DESIGN
Explain in detail:
### Option A: Pull-based Feed (Fan-out on Read)
- How it works
- Pros and Cons
- When to use
### Option B: Push-based Feed (Fan-out on Write)
- How it works
- Pros and Cons
- When to use
### Option C: Hybrid Approach (what Instagram actually uses)
- Explain the hybrid strategy
- How to handle celebrity accounts (10M+ followers)
- How to handle regular users
### Feed Ranking Algorithm
- Chronological feed
- Ranked/Algorithmic feed
- Signals to use: recency, engagement rate, relationship strength, content type preference
- How to implement a basic ranking score
---
## SECTION 7: MEDIA UPLOAD SYSTEM
Design the complete media upload flow:
1. Client requests a pre-signed URL from server
2. Client uploads directly to S3/GCS (bypass server)
3. S3 triggers a Lambda / Cloud Function
4. Media processing pipeline:
- Image compression (multiple sizes: thumbnail 150px, medium 640px, full 1080px)
- Video transcoding (360p, 720p, 1080p)
- HEIC to JPEG conversion
- Metadata extraction (EXIF data)
5. CDN caching strategy
6. How to handle upload failures and retries
Also design:
- Upload progress tracking
- Background upload (app backgrounded)
- Resume interrupted uploads (chunked upload)
---
## SECTION 8: REAL-TIME FEATURES
Design real-time systems for:
### Live Notifications
- WebSocket vs Server-Sent Events vs Long Polling — which to use and why
- Connection management at scale
- Message delivery guarantees
### Direct Messages (DMs)
- Real-time message delivery architecture
- Message queue design
- Read receipts
- Typing indicators
- Online/offline presence
### Stories View Count
- Real-time view counter design
- Approximate counting at scale (HyperLogLog)
---
## SECTION 9: CACHING STRATEGY
Design the complete caching layer using Redis:
For each cache, specify:
- Cache key structure
- Data stored (JSON / string / sorted set / hash)
- TTL (time-to-live)
- Eviction policy
- Cache invalidation strategy
Cache these:
1. User profile cache
2. Post metadata cache
3. Feed cache (per user)
4. Story feed cache
5. Follow/follower lists
6. Like counts
7. Comment counts
8. Session tokens
9. Rate limit counters
10. Search autocomplete
Also explain:
- Cache aside vs write-through vs write-behind strategy
- How to handle cache stampede (thundering herd)
- Redis cluster setup for HA (high availability)
---
## SECTION 10: SEARCH SYSTEM DESIGN
Design the search system:
1. What search engine to use (Elasticsearch recommended) and why
2. Index design for users, posts, hashtags
3. Full-text search on captions and bios
4. Hashtag search
5. User search (prefix matching, fuzzy search)
6. Search ranking (relevance + popularity)
7. Autocomplete / typeahead suggestions
8. How to keep Elasticsearch in sync with primary database (CDC — Change Data Capture using Debezium or Kafka)
---
## SECTION 11: SECURITY DESIGN
Cover all security aspects:
### Authentication & Authorization
- JWT vs Session tokens — which to use and why
- Access token + Refresh token strategy
- Token rotation policy
- OAuth 2.0 integration (Google, Apple, Facebook)
### API Security
- Rate limiting strategy (per user, per IP, per endpoint)
- API key management
- CORS policy
- Input validation and sanitization
- SQL injection prevention
- XSS prevention
### Data Security
- Password hashing (bcrypt with salt rounds)
- PII encryption at rest
- HTTPS/TLS everywhere
- Secrets management (AWS Secrets Manager / Vault)
### Content Security
- Image/video content moderation (NSFW detection using ML)
- Spam detection
- Account takeover prevention
- 2FA (Two-Factor Authentication) design
---
## SECTION 12: SCALABILITY STRATEGY
How to scale each component:
### Horizontal Scaling
- Stateless services — how to scale
- Load balancer configuration (Round Robin vs Least Connections)
- Auto-scaling rules (CPU threshold, request rate)
### Database Scaling
- Read replicas setup
- Database sharding strategy (shard by user_id)
- Connection pooling (PgBouncer for PostgreSQL)
### Caching Scaling
- Redis Cluster setup (how many nodes)
- Redis Sentinel for HA
- Cache partitioning strategy
### CDN Scaling
- Multi-region CDN setup
- Cache-Control headers
- CDN invalidation on content update
### Microservices Scaling
- Which services need to scale most (Feed, Post, Notification)
- Kubernetes HPA (Horizontal Pod Autoscaler) rules
- Service mesh (Istio) for traffic management
---
## SECTION 13: TECH STACK RECOMMENDATION
Give me the complete recommended tech stack:
| Layer | Technology | Why |
|-------|-----------|-----|
| Mobile App | React Native | ... |
| Web Frontend | Next.js + React | ... |
| API Gateway | Kong / AWS API Gateway | ... |
| Backend Services | Node.js (TypeScript) | ... |
| Auth Service | Better Auth / Auth.js | ... |
| Primary DB | PostgreSQL | ... |
| DM / Chat DB | Cassandra | ... |
| Cache | Redis | ... |
| Object Storage | AWS S3 | ... |
| CDN | CloudFront / Cloudflare | ... |
| Message Queue | Apache Kafka | ... |
| Search | Elasticsearch | ... |
| Container | Docker + Kubernetes | ... |
| CI/CD | GitHub Actions | ... |
| Monitoring | Prometheus + Grafana | ... |
| Logging | ELK Stack | ... |
| Error Tracking | Sentry | ... |
| Infrastructure | AWS / GCP | ... |
Fill in all the "Why" cells with specific technical reasons.
---
## SECTION 14: DEPLOYMENT & INFRASTRUCTURE
Design the complete deployment setup:
### Environments
- Local Development
- Staging
- Production
### Kubernetes Setup
- Deployment manifests
- Service definitions
- Ingress configuration
- ConfigMaps and Secrets
- Resource limits and requests
### CI/CD Pipeline
- GitHub Actions workflow
- Steps: lint → test → build → docker build → push to ECR → deploy to K8s
- Blue/Green deployment strategy
- Rollback procedure
### Multi-Region Setup
- Primary region: us-east-1
- Secondary region: ap-south-1 (for India traffic)
- Database replication strategy
- DNS failover
---
## SECTION 15: MONITORING & OBSERVABILITY
Design the complete observability stack:
### Metrics (Prometheus + Grafana)
- List 20 key metrics to monitor
- Alert rules (when to page on-call engineer)
- SLA/SLO definitions
### Logging (ELK Stack)
- Log format (structured JSON logging)
- Log levels and what to log at each level
- Log retention policy
### Distributed Tracing (Jaeger / OpenTelemetry)
- How to trace a request across 5 microservices
- Trace sampling rate
### Error Tracking (Sentry)
- Error grouping
- Release tracking
---
## SECTION 16: FAILURE SCENARIOS & DISASTER RECOVERY
How to handle these failure scenarios:
1. Database goes down — what happens?
2. Cache (Redis) goes down — what happens?
3. CDN goes down — what happens?
4. A single microservice crashes — circuit breaker pattern
5. Kafka message queue goes down — what happens?
6. Data center outage — multi-region failover plan
7. DDoS attack — mitigation strategy
Also define:
- RTO (Recovery Time Objective)
- RPO (Recovery Point Objective)
- Backup strategy and frequency
---
## SECTION 17: COST ESTIMATION
Give a rough monthly AWS cost estimation for 10M DAU:
| Service | Configuration | Monthly Cost (USD) |
|---------|--------------|-------------------|
| EC2 / EKS | ... | $... |
| RDS PostgreSQL | ... | $... |
| ElastiCache Redis | ... | $... |
| S3 Storage | ... | $... |
| CloudFront CDN | ... | $... |
| Kafka (MSK) | ... | $... |
| Elasticsearch | ... | $... |
| Data Transfer | ... | $... |
| **Total** | | **$...** |
---
## SECTION 18: PHASED ROADMAP
Give me a 12-month engineering roadmap:
### Month 1-2: Foundation
- Core infrastructure setup
- Auth, User, Post services
- Basic feed (chronological)
### Month 3-4: Core Features
- Stories
- Notifications
- DMs
### Month 5-6: Scale & Performance
- Feed algorithm
- Caching layer
- CDN setup
### Month 7-8: Discovery
- Search & Explore
- Hashtags
- Recommendations
### Month 9-10: Monetization Ready
- Analytics dashboard
- Ad system foundation
- Creator tools
### Month 11-12: Scale & Polish
- Multi-region deployment
- Advanced monitoring
- Performance optimization
---
## OUTPUT FORMAT INSTRUCTIONS
- Use clear markdown headings (H1, H2, H3)
- Include ASCII architecture diagrams
- Include tables wherever comparisons are made
- Include code snippets for schema designs (SQL CREATE TABLE format)
- Include JSON examples for API request/response
- Be extremely detailed — this is a Staff Engineer level design document
- At the end, give me a TLDR summary of the 10 most important design decisions and WHY
---PROMPT END---
---
## 📁 ADDITIONAL PROMPTS
After getting the main response, use these follow-up prompts:
### Follow-up 1: Deep dive on Feed System
```
Based on the Instagram system design above, give me a deep dive on the Feed Service.
Include: complete code architecture, Redis data structures with exact key formats,
the fan-out algorithm with pseudocode, and how to handle users with 1M+ followers.
```
### Follow-up 2: Database Schema SQL
```
Give me the complete PostgreSQL schema for the Instagram system design above.
Include: all CREATE TABLE statements, all indexes, all constraints, foreign keys,
and example INSERT queries. Also give me the 10 most common queries with EXPLAIN ANALYZE optimization tips.
```
### Follow-up 3: Kubernetes Setup
```
Give me the complete Kubernetes manifests for deploying the Instagram-like app.
Include: Deployments, Services, Ingress, HPA, ConfigMaps, Secrets,
and a GitHub Actions CI/CD pipeline YAML file.
```
### Follow-up 4: Mobile Architecture
```
Design the React Native mobile app architecture for Instagram.
Include: folder structure, state management (Zustand/Redux),
API layer design, offline support, image caching,
infinite scroll feed implementation, and push notification setup.
```
---
## ✅ CHECKLIST — Verify Your Design Covers:
- [ ] Authentication & Authorization
- [ ] User profiles & social graph
- [ ] Media upload & processing pipeline
- [ ] Feed generation (pull/push/hybrid)
- [ ] Stories with 24hr expiry
- [ ] Real-time notifications (WebSocket)
- [ ] Direct Messages (DM system)
- [ ] Search & Discovery
- [ ] Caching strategy (Redis)
- [ ] Database sharding
- [ ] CDN for media delivery
- [ ] Horizontal scaling plan
- [ ] Security (rate limiting, JWT, encryption)
- [ ] Monitoring & alerting
- [ ] Disaster recovery plan
- [ ] Cost estimation
- [ ] 12-month roadmap
---
## 🔴 SECTION 19: EDGE CASES — COMPLETE GUIDE
> **Gemini Prompt — paste this separately for deep edge case coverage:**
```
You are a Staff Engineer at Meta. For the Instagram-like system design above,
give me EVERY edge case across ALL layers of the system — product, API, database,
feed, media, auth, real-time, search, payments, and infrastructure.
For EACH edge case provide:
1. What is the edge case (describe the scenario)
2. What goes wrong if NOT handled
3. How to handle it (specific technical solution)
4. Interview answer (1-2 line crisp answer for system design interviews)
5. Production answer (deep implementation detail)
Cover ALL sections below. Do not skip any.
```
---
### 🔐 AUTH & SESSION EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | User logs in from 5 devices simultaneously | All sessions valid, revoke is hard | Store sessions in Redis with device fingerprint. On logout-all, delete all keys matching `session:userId:*` |
| 2 | Access token expires mid-request | API returns 401, user gets logged out mid-scroll | Implement silent token refresh: interceptor catches 401, calls /refresh-token, retries original request |
| 3 | Refresh token stolen / replayed | Attacker gets permanent access | Refresh token rotation: each use invalidates old token and issues new one. Store token hash in DB, compare on use |
| 4 | User changes password — old tokens still valid | Security breach: old sessions still work | On password change, increment a `tokenVersion` field in DB. Validate version in every JWT claim |
| 5 | OAuth provider (Google) goes down | Users can't log in at all | Always allow email+password as fallback. Show "Login with email instead" option |
| 6 | User registers with email that already exists (case mismatch) | Two accounts: john@gmail.com and John@gmail.com | Normalize email to lowercase before storing and comparing. Add UNIQUE index on `LOWER(email)` |
| 7 | JWT secret key rotation | All existing tokens become invalid instantly | Use key ID (kid) in JWT header. Keep old + new key active for 24hr overlap window |
| 8 | Brute force login attacks | Account takeover via password guessing | Rate limit: 5 failed attempts → 15min lockout. Use Redis: `INCR login:fail:{ip}` with TTL |
| 9 | User deletes account but token still valid | Deleted user can still make API calls | On every request, check `user.deletedAt IS NULL` in Auth middleware. Cache this check in Redis for 60s |
| 10 | Concurrent login + logout race condition | User gets logged out then immediately back in | Use Redis atomic operations (SET NX) for session creation. Idempotent logout |
---
### 👤 USER PROFILE EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Username change — old links break | All shared links (instagram.com/oldname) return 404 | Store `username_history` table. Redirect old usernames to new profile for 90 days |
| 2 | Two users try to claim same username simultaneously | Race condition: both succeed | Add DB unique constraint + use `SELECT FOR UPDATE` or optimistic locking |
| 3 | User with 10M followers changes their profile pic | CDN serves stale avatar everywhere | Use content-addressable URLs (hash in filename). New pic = new URL = no cache busting needed |
| 4 | Follower count vs actual follows mismatch | Cached count drifts from real count | Use DB count as source of truth. Redis cache is approximate. Periodic reconciliation job every 1hr |
| 5 | User blocks someone who already liked their post | Blocked user's like still shows | On block: soft-delete all interactions (likes, comments) from blocked user via async Kafka event |
| 6 | Private account — follower requests pending when account goes public | Pending requests in limbo | On "go public": auto-approve all pending follow requests via batch job |
| 7 | Celebrity account verified badge — impersonation | Fake accounts mislead users | Verified badge stored separately in DB. Front-end always checks `user.isVerified` from API — never trust local cache |
---
### 📸 POST & MEDIA UPLOAD EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | User uploads 50MB video on slow 2G network | Upload times out, user frustrated | Chunked upload (multipart S3 upload). Client resumes from last successful chunk |
| 2 | Upload succeeds to S3 but DB write fails | Orphaned file in S3, no post created | Two-phase: write DB record with `status: processing` FIRST, then upload. S3 event confirms → update status to `published` |
| 3 | Same photo uploaded twice | Duplicate storage cost | Hash the file (MD5/SHA256) before upload. Check `media_hash` table. Reuse existing S3 URL if match found |
| 4 | User deletes post while it's being processed | Processing job tries to update deleted post | Check `post.deletedAt` before each processing step. If deleted, abort and schedule S3 cleanup |
| 5 | Image processing (resize) service crashes mid-job | Post stuck in `processing` status forever | Use Kafka with consumer group. If processing fails 3 times → DLQ (Dead Letter Queue) → alert engineer |
| 6 | User posts NSFW content | Platform policy violation, legal risk | Run ML content moderation (AWS Rekognition) async after upload. Auto-hide post if confidence > 90%. Human review queue for 70-90% |
| 7 | Video codec not supported (HEVC, AV1) | Playback fails on older devices | Transcode to H.264 (universal support) in media pipeline regardless of input codec |
| 8 | Caption with 10,000 hashtags | Database bloat, spam behavior | Validate: max 30 hashtags per post at API layer. Return 400 with clear error message |
| 9 | Post location spoofing | Fake location metadata | Trust only server-verified location. Client sends coordinates → server validates against IP geolocation |
| 10 | Media URL expires (pre-signed S3 URL) | Image shows broken link icon | Use CloudFront signed URLs with 1-year expiry OR make S3 bucket public-read for media (standard practice for social media) |
---
### 📰 FEED GENERATION EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | New user with 0 follows — empty feed | Bad first experience, user churns | Show "suggested posts" feed from trending/popular content until user follows 5+ accounts |
| 2 | User follows a celebrity with 50M followers (fan-out on write) | Writing to 50M feed caches = system overload | Hybrid approach: for accounts with >100K followers, use pull-based fan-out. Merge at read time |
| 3 | User unfollows someone — their posts still in feed cache | Stale content from someone unfollowed | On unfollow event (Kafka): remove that user's posts from feed cache. Or: filter at read time + rebuild cache |
| 4 | User scrolls feed for 6 hours — sees duplicate posts | Bad UX | Feed cursor must be time-based + post-id based. Store `last_seen_post_id` in session. Skip already-seen posts |
| 5 | Feed cache miss for 1M users at 9am peak | All requests hit DB simultaneously (thundering herd) | Probabilistic early expiration: re-cache when TTL < 20% remaining. Jitter on TTL (600s ± 60s random) |
| 6 | User with 10K follows — feed has too many posts | Overwhelming content | Rank and cap feed at top 500 posts per session. Use engagement signals to rank |
| 7 | Post deleted but still in 1000 users' feed caches | Deleted content visible | On delete: publish `post.deleted` Kafka event → feed service filters deleted post IDs at read time (maintain a deleted_posts bloom filter) |
| 8 | Timezone-based feed ordering | User in India sees "3am posts" at top | Store all timestamps in UTC. Convert to user's local timezone only at display layer |
---
### 💬 COMMENTS & LIKES EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | User likes post 100 times rapidly (double-tap spam) | Like count inflated, DB hammered | Idempotent like: `INSERT INTO likes ... ON CONFLICT DO NOTHING`. Redis SET for dedup: `SADD liked:{userId} {postId}` |
| 2 | Post goes viral — 1M likes in 1 minute | DB write bottleneck on likes table | Buffer likes in Redis counter `INCR likes:{postId}`. Flush to DB every 30s via background job |
| 3 | Comment on deleted post | Orphaned comments | FK constraint with CASCADE DELETE. Or check `post.deletedAt` before allowing comment |
| 4 | Nested comments — infinite depth | Recursive queries kill DB | Limit nesting to 2 levels (like Instagram). Store `parent_comment_id` — never recurse deeper than 1 level |
| 5 | User mentions @nonexistent user in comment | Silent failure or broken mention link | Validate mentioned usernames at post time. Replace invalid mentions with plain text |
| 6 | Concurrent like + unlike race condition | Count goes negative or wrong | Use `UPDATE posts SET like_count = like_count + 1 WHERE id = ?` (atomic DB operation). Never read-modify-write |
---
### 📖 STORIES EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Story expires exactly at midnight — timezone confusion | Story expires at wrong time for users in different timezones | Store `expires_at` as UTC timestamp. Expiry = `created_at + 86400 seconds` (exactly 24hrs in UTC) |
| 2 | User posts 100 stories in one day | Overloaded story feed for followers | Cap at 30 stories per user per 24hr period. Return 429 with `Retry-After` header |
| 3 | Story viewed count — high write volume (1M views) | DB overloaded with view INSERT rows | Approximate counting with HyperLogLog in Redis: `PFADD story:views:{storyId} {userId}`. Exact count not needed |
| 4 | Story deletion — views/replies reference deleted story | Foreign key violations, broken UI | Soft delete only (`deleted_at` timestamp). Cascade hide in UI. Hard delete after 30 days |
| 5 | Story media not loaded when story opened | Black screen, bad UX | Prefetch next 2 stories in background when user opens story viewer. Use `<link rel="prefetch">` on web |
---
### 💌 DIRECT MESSAGES EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Both users send message simultaneously | Message ordering confusion | Use server-side timestamp as ordering key. Client-assigned IDs are local only. Server reassigns final order |
| 2 | User sends 1000 messages/minute (spam bot) | Other user's inbox flooded, server overloaded | Rate limit DMs: 60 messages/minute per user. Use Redis sliding window counter |
| 3 | Message delivered but app crashes before "read" event fires | Message permanently shows as "unread" | Use explicit read receipt ACK: client sends `POST /messages/{id}/read` on message open. Retry with exponential backoff |
| 4 | WebSocket connection drops mid-conversation | Messages lost, user thinks they sent it | Client-side message queue with local UUID. On reconnect, server returns messages since `last_received_id`. Reconcile and deduplicate |
| 5 | Group DM with 50 members — one user blocks another | Blocked user's messages visible in group | In group DMs, filter messages from blocked users client-side. On server, don't deliver to users who blocked sender |
| 6 | Large media file in DM (500MB video) | Memory blowup on media service | Use same chunked upload flow as posts. Media stored in S3. DM message contains S3 URL only |
---
### 🔔 NOTIFICATIONS EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Post gets 100K likes in 1 hour | User gets 100K push notifications | Notification batching: group similar events. "John and 9,999 others liked your post" — batch within 5min window using Kafka streams |
| 2 | Push notification token expires (FCM/APNs) | Silent failures — user never gets notified | On 410 Gone from FCM/APNs: delete stale token from DB immediately. Re-register on next app open |
| 3 | User has notifications disabled on device | App tries to send push, silently fails | Store `push_enabled` flag per device. Also support in-app notification bell (pull-based fallback) |
| 4 | Notification for deleted content | "John liked your post" but post is deleted | Before sending notification, verify entity still exists. If deleted, drop notification event |
| 5 | Notification storm after viral post | Notification service overwhelmed | Use priority queue: Kafka topic with 3 partitions — high (follows), medium (comments), low (likes). Process high-priority first |
---
### 🔍 SEARCH EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Elasticsearch out of sync with PostgreSQL | Search returns deleted users / old usernames | Use Debezium CDC (Change Data Capture) to stream DB changes → Kafka → Elasticsearch indexer in real-time |
| 2 | Search query with SQL injection attempt | `'; DROP TABLE users; --` in search box | Elasticsearch queries are JSON-based (no SQL). Still: sanitize input, escape special chars `+ - = && \|\| > < ! ( ) { } [ ] ^ " ~ * ? : \ /` |
| 3 | Autocomplete for rare query with 0 results | Empty dropdown — bad UX | Fall back to: 1) fuzzy matching, 2) prefix matching, 3) "Did you mean?" suggestion |
| 4 | Search for a banned/deactivated user | Deactivated account shows in results | Filter `is_active = true AND is_banned = false` in Elasticsearch query. Update index immediately on account action |
| 5 | Search index grows to 100GB — slow queries | Autocomplete takes 2 seconds | Separate indexes: one for autocomplete (lightweight: id, username, avatar only), one for full search (all fields) |
---
### ⚡ PERFORMANCE & SCALING EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Traffic spike: Diwali / New Year — 10x normal traffic | Servers crash, service down | Pre-scale: scheduled Kubernetes HPA triggers 2hr before expected spike. Load test at 15x capacity monthly |
| 2 | Single hot partition in Kafka (celebrity posts all traffic on one partition) | One consumer overwhelmed, others idle | Partition key = `userId % numPartitions`. For celebrity posts: use separate high-throughput topic |
| 3 | Redis runs out of memory | Cache eviction kills performance, all requests hit DB | Set `maxmemory-policy: allkeys-lru`. Monitor memory usage. Alert at 75% capacity. Pre-provision 2x expected cache size |
| 4 | N+1 query problem in feed API | Feed API makes 100 DB queries per request | Use DataLoader pattern (batch + deduplicate). Fetch all user profiles in ONE query using `WHERE id IN (...)` |
| 5 | Database connection pool exhausted under load | New requests wait → timeout → 503 errors | Use PgBouncer connection pooler. Config: `pool_size = (num_cores * 2) + effective_spindle_count`. Max pool per service: 20 connections |
| 6 | CDN cache miss on new post image | First 1000 viewers all hit origin S3 — slow | CDN cache warming: after upload, proactively call CDN URL to prime cache before publishing post |
---
### 🛡️ SECURITY EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | IDOR (Insecure Direct Object Reference): GET /posts/12345 returns private post | Any user can view private account posts by guessing IDs | Always check ownership: `WHERE id = ? AND (is_public = true OR user_id = currentUserId OR isFollowing(currentUserId, post.userId))` |
| 2 | Mass assignment attack: POST /users/me with `{"isAdmin": true}` | User escalates their own privileges | Whitelist allowed fields in update endpoint. Never pass raw request body to DB update |
| 3 | API scraping — bot downloads all public profiles | Data harvested for spam/phishing | Rate limit by IP + User-Agent. CAPTCHAs after 100 requests/min. Block known scraper IPs via WAF |
| 4 | Insecure pre-signed S3 URL — URL shared publicly | Private media accessible by anyone with link | Pre-signed URLs for private content: short TTL (15min). Public media: CloudFront signed cookies with user-level access control |
| 5 | XSS in post captions / comments | Attacker injects `<script>` tag | Always sanitize HTML server-side (use DOMPurify). Store raw text, render as plain text + linkify hashtags/mentions safely |
| 6 | Timing attack on login | Attacker measures response time to enumerate valid emails | Use `bcrypt.compare()` which always takes same time. Add artificial 200ms delay on all auth responses |
---
### 💾 DATA CONSISTENCY EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Like count in Redis ≠ actual likes in DB | User sees "1.2M likes" but real count is 1.1M | Accept eventual consistency for counts. Periodic reconciliation job (every 1hr) syncs Redis from DB |
| 2 | User deletes account — GDPR data deletion | User data persists in backups, logs, caches | Maintain a `deletion_jobs` table. Async job deletes: DB records → S3 media → Elasticsearch index → Redis cache → audit logs. SLA: 30 days |
| 3 | Distributed transaction: post created but notification not sent | Post exists, creator's follower never knows | Use Outbox Pattern: write post + notification event in same DB transaction. Separate Kafka relay reads outbox and publishes events |
| 4 | Schema migration on live DB (ALTER TABLE on 100M row table) | Table locked, site down for 30min | Use online schema change tools: `pt-online-schema-change` (MySQL) or `pg_repack` (PostgreSQL). Never run DDL directly in prod |
| 5 | Follower count inconsistency after network partition | Two DB nodes disagree on count | Use PostgreSQL as single source of truth for counts. Redis cache is read-only replica. On conflict: DB wins |
---
### 📱 MOBILE CLIENT EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | App opened with no internet | Blank screen, app feels broken | Cache last feed response locally (SQLite / AsyncStorage). Show stale content with "Last updated X mins ago" banner |
| 2 | User scrolls feed — phone call interrupts | Feed position lost, starts from top | Save scroll position (`last_seen_post_id`) to local storage on `appBackgrounded` event. Restore on resume |
| 3 | Image lazy loading — scroll too fast | User sees gray placeholders for 2-3 seconds | Prefetch next 10 images while user is viewing current 10. Use low-res blur-hash placeholder while full image loads |
| 4 | App update changes API response shape | Old app version breaks | Always version APIs (`/api/v1/`, `/api/v2/`). Support old version for minimum 6 months. Use feature flags for new fields |
| 5 | Push notification tapped when app is killed | App opens to wrong screen | Deep link routing: notification payload contains `{ type: "like", postId: "123" }`. App router handles navigation on cold start |
---
### 🌍 INTERNATIONAL & LOCALIZATION EDGE CASES
| # | Edge Case | What Goes Wrong | How to Handle |
|---|-----------|----------------|---------------|
| 1 | Right-to-left language (Arabic, Hebrew) | UI breaks — text overlaps icons | Use CSS `direction: rtl` + `text-align: start` (not `left`). Test all layouts with RTL |
| 2 | Username with Unicode / emojis | DB collation issues, search breaks | Store usernames as UTF-8. Validate: only allow `[a-z0-9._]` for usernames. Display names can have Unicode |
| 3 | Date/time display in different timezones | "Posted 3am" for someone in India, confusing | Always store UTC. Display as relative time ("2 hours ago") using client's local timezone |
| 4 | Content legal in one country, illegal in another | Legal liability | Geo-blocking layer at CDN (CloudFront geo-restriction). Maintain country-specific content policy rules |
---
### 🧪 INTERVIEW CHEAT SHEET — EDGE CASES (30-Second Answers)
```
Q: How do you handle celebrity fan-out in feed?
A: Hybrid approach — pull for accounts >100K followers, push for rest. Merge at read time.
Q: What if Redis cache goes down?
A: Graceful degradation — fall back to DB. Circuit breaker pattern. Redis Sentinel for HA.
Q: How to prevent duplicate likes?
A: DB unique constraint on (user_id, post_id). INSERT ON CONFLICT DO NOTHING.
Q: How to handle GDPR delete?
A: Async deletion job — DB → S3 → Elasticsearch → Redis → logs. 30-day SLA.
Q: How to handle thundering herd on cache miss?
A: Probabilistic early expiration + jitter on TTL + mutex lock (Redis SETNX) for cache rebuild.
Q: How to keep search in sync with DB?
A: Debezium CDC → Kafka → Elasticsearch consumer. Near real-time sync.
Q: What if notification service goes down?
A: Kafka retains events. Consumer resumes from last offset. No notifications lost.
Q: How to handle story expiry?
A: Cron job every minute: SELECT * FROM stories WHERE expires_at < NOW() AND deleted_at IS NULL → soft delete.
Q: How to prevent account enumeration via login timing?
A: Constant-time bcrypt compare + artificial 200ms delay on all auth responses.
Q: What if DB migration needed on 100M row table?
A: pt-online-schema-change / pg_repack. Never raw ALTER TABLE in production.
```
---
## 🎯 DYNAMIC TOPIC PROMPTS
> For ANY product (not just Instagram), use these prompts in Gemini:
### Universal Edge Case Prompt
```
I am designing [YOUR PRODUCT NAME — e.g., Zomato / Uber / WhatsApp / Netflix].
Give me every edge case for this system across:
- Authentication & sessions
- Core feature flows (describe your main feature)
- Database writes under high load
- Cache consistency
- Real-time features (if any)
- Media/file handling (if any)
- Payment flows (if any)
- Mobile offline behavior
- Security vulnerabilities
- GDPR / data deletion
- Scaling bottlenecks
For each edge case: what breaks, how to fix it, interview answer (2 lines), production answer (deep).
```
### Domain-Specific Edge Case Prompts
**For E-commerce (Dvaltor):**
```
Give me all edge cases for an e-commerce platform:
Flash sale — 50K users buying same item simultaneously (inventory race condition),
payment gateway timeout after charge, cart abandoned mid-checkout,
promo code applied multiple times, COD order cancellation after dispatch.
```
**For Real-time Chat (WhatsApp-like):**
```
Give me all edge cases for a real-time messaging system:
Message ordering with clock skew, offline message queue depth limit,
end-to-end encryption key rotation, group of 1000 members message fan-out,
media forwarding viral spread, message recall after delivery.
```
**For Video Streaming (YouTube/Netflix):**
```
Give me all edge cases for a video streaming platform:
Adaptive bitrate switching mid-stream, CDN edge node failure,
DRM license server downtime, concurrent stream limit enforcement,
seek position on partially buffered video, live stream 30s delay handling.
```
---
*Generated for: Dhaval | Full Stack Dev | Ahmedabad*
*Project: Instagram-like Social Media Platform*
*Level: Staff Engineer / System Design Interview Ready*