Design ATM (LLD)
1. Requirements
-
Functional
- Authenticate cardholder via PIN; session scoped to one card until logout or timeout.
- Balance inquiry, cash withdrawal with denomination limits, deposit envelope stub (optional).
- Ledger integration to authorize and commit funds; abort on insufficient balance or daily limit.
-
Non-Functional
- PIN never stored in plain text; secure keypad interface assumed as boundary.
- Idempotent transactions with reference ids to survive retries.
-
Assumptions / Out of Scope
- Single ATM terminal process; host banking core is another service.
2. Core Entities
| Entity | Responsibility | Key Attributes |
|---|---|---|
| Card | Identity token | panHash, accountId, expiry |
| Session | Active ATM session | card, authenticated, expiresAt |
| PinValidator | Verifies PIN attempt | maxAttempts |
| CashDispenser | Physical cash out | cassetteInventory |
| BankingGateway | Host authorization | authorize, commit |
| Transaction | Single operation record | type, amount, status, idempotencyKey |
3. Class Diagram
Loading diagram…
4. State / Sequence Diagram (where relevant)
Loading diagram…
5. Design Patterns Applied
- Facade —
ATMControllerhides dispenser, gateway, session. Facade pattern. - Proxy —
BankingGatewayas remote proxy to core. Proxy pattern. - Command —
Transactionobjects for logging and undo audit. Command pattern.
6. Implementation
Go
package atm
type Card struct {
AccountID string
}
type Session struct {
Card Card
Authenticated bool
}
type ATMController struct {
Session *Session
Bank BankingGateway
Dispenser CashDispenser
PinCheck PinValidator
}
func (controller *ATMController) Withdraw(amount int64, idempotencyKey string) error { /* ... */ }JavaScript
class ATMController {
constructor({ bankingGateway, cashDispenser, pinValidator }) {
this.bankingGateway = bankingGateway;
this.cashDispenser = cashDispenser;
this.pinValidator = pinValidator;
this.session = null;
}
insertCard(card) { /* ... */ }
withdraw({ amountCents, idempotencyKey }) { /* ... */ }
}7. Concurrency / Thread Safety
- Collisions: Two concurrent withdrawal requests on same session from malfunctioning hardware unlikely; network retries duplicate commits.
- Granularity: Idempotency keys on bank calls; single active session flag on terminal.
- Go: Mutex on
ATMControllerduring open session.
8. Extensibility & Followups
- Multi-currency and forex rates from host.
- Cassette refill scheduling and jam detection events.
- Edge cases: partial dispense, communication failure after cash out, forced reconciliation.
Last updated on
Spotted something unclear or wrong on this page?