All Challenges
EasyStarter

Bookmark Manager

DatabasesAPI DesignAuth
Solve in Design Lab →

Problem Statement

MarkIt is building a cloud bookmark manager that works across browsers and devices. Features:

- Save bookmarks - save URLs with auto-fetched titles, descriptions, and favicon. Users can add custom tags and notes.Organize - create folders and drag bookmarks between them. Tag-based filtering across all folders.Search - full-text search across bookmark titles, URLs, descriptions, and tags.Import/export - import bookmarks from Chrome/Firefox (HTML format); export as HTML or JSON.Browser extension - a simple extension that saves the current page with one click.Sync - bookmarks sync across all devices in real time.

Targeting 30,000 users with an average of 500 bookmarks per user.

What You'll Learn

Design a browser-independent bookmark manager with folders, tags, search, and import/export. Build this architecture under realistic production constraints, then validate tradeoffs in the design lab simulation.

DatabasesAPI DesignAuth

Constraints

Registered users~30,000
Bookmarks per user~500 avg
Total bookmarks~15,000,000
Search latency< 300 ms
Sync latency< 5 seconds
Availability target99.5%
ApproachClick to expand

Interview-Ready Approach

1) Clarify Scope and SLOs

  • Problem statement: Design a browser-independent bookmark manager with folders, tags, search, and import/export.
  • Design for a peak load target around 100 RPS (including burst headroom).
  • Registered users: ~30,000
  • Bookmarks per user: ~500 avg
  • Total bookmarks: ~15,000,000
  • Search latency: < 300 ms
  • Sync latency: < 5 seconds

2) Capacity Planning Method

  • Convert traffic and growth constraints into request rate, storage growth, and concurrency budgets.
  • Keep at least 2-3x safety margin per tier (ingress, compute, storage, async workers).
  • Reserve explicit latency budgets per hop so p95 can be defended in review.

3) Architecture Decisions

  • Databases: Define a clear system-of-record and design read/write paths separately before adding optimizations.
  • API Design: Standardize API boundaries, idempotency keys, pagination, and error contracts first.
  • Auth: Centralize identity verification and keep authorization checks close to domain resources.

4) Reliability and Failure Strategy

  • Use strong write constraints (transactions or conditional writes) and explicit backup/restore strategy.
  • Apply strict input validation and backward-compatible versioning.
  • Use short-lived tokens and secure key rotation workflows.

5) Validation Plan

  • Run one peak-load test, one dependency-degradation test, and one failover test.
  • Verify idempotency for all retried writes and async consumers.
  • Track user-facing SLOs first: p95 latency, error rate, and successful throughput.

6) Trade-offs to Call Out in Interviews

  • Databases: SQL gives stronger transactional guarantees; NoSQL often gives better write scaling and flexibility.
  • API Design: Rich APIs improve developer speed but can create long-term compatibility burden.
  • Auth: Central auth simplifies policy, but makes auth service availability/security critical.

Practical Notes

  • PostgreSQL with full-text search (tsvector/tsquery) is sufficient at this scale - no need for Elasticsearch.
  • Auto-fetch page metadata (title, description, favicon) asynchronously via a background worker.
  • Sync via a simple polling mechanism (check for changes every 5 seconds) or Server-Sent Events.

Learn the Concept

Databases Topic HubAPI Design Topic HubAuth Topic Hub

Related guided labs:

Database Replication & Read ScalingNoSQL & Document DatabasesSchema Design Workshop

Practice Next

Reference SolutionClick to reveal

Why This Solution Works

Request path: The solution keeps ingress, service logic, and stateful dependencies separated so each layer can scale independently.

Reference flow: Web Clients -> API Gateway -> API Service -> Auth Service -> Primary SQL DB

Design strengths

  • Security controls are enforced at ingress to protect downstream capacity.

Interview defense

  • This design makes bottlenecks explicit (ingress, core compute, persistence, async workers).
  • It supports progressive scaling without re-architecting the core request path.
  • It keeps correctness-sensitive state changes in durable systems while offloading background work asynchronously.
Solve in Design Lab →