medium 🏗️ System Design
Design an audit logging system that is tamper-proof.
Your enterprise client operates in a regulated industry (financial services). They need an audit log of all user actions that is:
- Tamper-proof (no deletion or modification after write)
- Queryable (search by user, time range, action type)
- Retaining 7 years of data
- Compliant with SOC 2 and GDPR
**Design this system.**
💡 Hints
1. Think about append-only storage and cryptographic chaining.
2. GDPR right-to-erasure creates a tension with the tamper-proof requirement: how do you resolve it?
3. 7 years of data at scale: what's the tiering strategy?
✅ Solution
**Key design decisions:**
1. **Append-only store** — Write to immutable object storage (S3 with Object Lock / WORM).
2. **Cryptographic chaining** — Each log entry includes the hash of the previous entry (blockchain-lite), so modifying or removing an earlier entry breaks every hash after it.
3. **Query layer** — Index in Elasticsearch or OpenSearch for fast lookup.
4. **Tiering** — Hot (0-90 days) in fast storage, cold (90 days - 7 years) in Glacier.
5. **GDPR tension** — Store PII separately with a pointer; delete the PII record to satisfy erasure while keeping the anonymized audit event intact.
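
Decisions 2 and 5 together, as an added example that is not part of the original solution: a hash-chained log whose entries carry only a pointer to PII held in a separate store, so erasure leaves the chain verifiable. The names `AuditLog`, `verify`, `subject_ref`, the in-memory stores and the externally recorded head hash are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value for the chain

def entry_hash(body):
    # Canonical JSON so an entry always hashes to the same value.
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

class AuditLog:
    def __init__(self):
        self.entries = []  # stands in for the append-only (WORM) store
        self.pii = {}      # stands in for the separate, erasable PII store

    def append(self, subject_ref, action, ts, pii=None):
        if pii is not None:
            self.pii[subject_ref] = pii  # PII never enters the hashed entry
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"seq": len(self.entries), "ts": ts, "subject_ref": subject_ref,
                "action": action, "prev_hash": prev}
        self.entries.append({**body, "hash": entry_hash(body)})

    def erase_subject(self, subject_ref):
        # Erasure touches only the PII store; chained entries stay as written.
        return self.pii.pop(subject_ref, None) is not None

def verify(entries, expected_head=None):
    """Return the index of the first bad entry, or -1 if the chain is intact."""
    prev = GENESIS
    for i, e in enumerate(entries):
        body = {k: v for k, v in e.items() if k != "hash"}
        if e["seq"] != i or e["prev_hash"] != prev or entry_hash(body) != e["hash"]:
            return i
        prev = e["hash"]
    # A truncated tail still chains correctly, so compare with a head hash
    # that was recorded outside the log (assumption: an external anchor).
    if expected_head is not None and prev != expected_head:
        return len(entries)
    return -1

def sample_log():
    log = AuditLog()  # constructed sample events
    log.append("subj-001", "login", "2024-01-05T09:00:00Z", {"email": "a@example.com"})
    log.append("subj-001", "transfer.create", "2024-01-05T09:02:10Z")
    log.append("subj-002", "login", "2024-01-05T09:03:00Z", {"email": "b@example.com"})
    return log
```

The chain alone only makes tampering detectable: anyone able to rewrite every entry can recompute the hashes, which is why the entries still belong in WORM storage and the head hash is checked against a copy kept elsewhere.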