
Design and Implementation of a Secure Funds Account System

This article presents a comprehensive guide to designing and implementing a secure, cloud‑native funds account system for payment platforms, covering core concepts such as account structure, balance and transaction logs, accounting principles, storage selection, distributed transactions, security measures, consistency, availability, and best‑practice architectural patterns.

Architect

Funds account systems are essential in e‑commerce and payment services, requiring high security and availability despite relatively simple core modules.

The article defines accounts, balances, transaction logs, and vouchers, emphasizing the need for immutable transaction records and double‑entry bookkeeping to ensure data integrity.

Key design principles include building the system on a cloud‑native environment (Tencent Cloud TKE), using TDSQL for distributed storage with strong consistency, sharding by account ID, and separating fund and account services to achieve low coupling.

Security is addressed through STRIDE threat modeling, strict permission controls, MAC verification using HMAC‑SHA256, key management with KMS, and comprehensive auditing and reconciliation processes.

To ensure consistency, the system employs pessimistic locking for high‑write scenarios, version‑based optimistic locking for read‑heavy cases, and distributed transactions via TDSQL's native 2PC support, while also considering eventual consistency where appropriate.
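The MAC verification and version-based optimistic locking described above can be combined on a single balance row. The sketch below is an added example, not code from the original article; the `BalanceRow` layout, the `seal`/`verify`/`debit` helpers, the in-memory `store` and the demo key are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

# Constructed demo key (assumption); the design above would fetch the key from a KMS.
DEMO_KEY = b"constructed-demo-key-not-for-production"


@dataclass(frozen=True)
class BalanceRow:
    account_id: str
    balance: int      # minor units (e.g. cents), never floats
    version: int      # optimistic-lock column, bumped on every update
    mac: bytes = b""  # HMAC-SHA256 over the three fields above


def _canonical(row: BalanceRow) -> bytes:
    # Length-prefix each field so adjacent values cannot be re-split into a colliding encoding.
    parts = [row.account_id.encode(), str(row.balance).encode(), str(row.version).encode()]
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def seal(row: BalanceRow, key: bytes) -> BalanceRow:
    tag = hmac.new(key, _canonical(row), hashlib.sha256).digest()
    return replace(row, mac=tag)


def verify(row: BalanceRow, key: bytes) -> bool:
    expected = hmac.new(key, _canonical(row), hashlib.sha256).digest()
    return hmac.compare_digest(expected, row.mac)  # constant-time comparison


def debit(store: dict, account_id: str, amount: int, read_version: int, key: bytes) -> BalanceRow:
    row = store[account_id]
    if not verify(row, key):
        raise ValueError("MAC mismatch: row was modified outside the service")
    if row.version != read_version:
        raise RuntimeError("version conflict: retry with a fresh read")
    if amount <= 0 or amount > row.balance:
        raise ValueError("invalid amount or insufficient funds")
    updated = replace(row, balance=row.balance - amount, version=row.version + 1)
    store[account_id] = seal(updated, key)
    return store[account_id]
```

A valid MAC only shows that the row was sealed by a holder of the key: an older sealed row written back over a newer one still verifies. Catching that rollback is the job of reconciliation against the immutable transaction log.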

High availability is achieved using Kubernetes (TKE) features such as automatic failover, load balancing, and monitoring, along with rate limiting, hot‑key mitigation strategies, and multi‑account designs to handle peak loads.

Additional considerations include idempotent API design, thorough testing, code review practices, and performance testing to validate the system against its reliability and security requirements.
