System Design: Donations Platform for a Three-Day Global Fundraising Campaign

Context

You are to design an internet-scale donations platform for a time-bounded, three-day global fundraising campaign. The platform must handle significant traffic spikes during live events, provide real-time visibility into totals and leaderboards, ensure payment correctness, and remain highly available across regions.

Requirements

Design and specify the following:

1. Functional APIs
   • Create donation (intent), confirm payment, refund.
   • Query: totals and leaderboards (by campaign, country, team, etc.).
2. Data model
   • Core entities (campaign, donation, payment, refund, donor/PII segregation, ledger), indexes, and unique constraints.
3. Idempotency and deduplication
   • Strategy for client retries and provider webhook retries; prevention of double-submits.
4. Real-time totals and leaderboards
   • Running totals with sub-second updates; unique donors, top teams/countries.
5. Risk controls
   • Fraud checks and deduplication heuristics; velocity limits.
6. Traffic protection
   • Rate limiting, backpressure, and load shedding.
7. Webhooks
   • Handling delayed/out-of-order/duplicated payment provider webhooks and reconciliation.
8. Scalability and availability
   • Design for global traffic spikes; multi-region availability; explicit consistency trade-offs.
9. Storage and partitioning
   • OLTP vs. streaming/warehouse; partitioning, replication, and hot campaign handling.
10. Caching
    • Strategy for campaign config, totals, and leaderboards.
11. Streaming and analytics
    • Near-real-time pipelines for metrics and BI.
12. Observability
    • Metrics, logs, traces, dashboards, and alerting.
13. Failure scenarios
    • Payment provider outage, double-submits, partial failures; recovery and user experience.
14. Capacity estimates
    • Back-of-the-envelope RPS/QPS, storage, throughput; latency budgets.
15. Rollout and testing
    • Phased rollout, load tests, chaos/failure drills, and monitoring gates.