Software Architecture and System Design News

Latest curated articles from top engineering blogs

Netflix, Uber, Meta, LinkedIn, Spotify, GitHub, Airbnb, Pinterest, Slack, Dropbox, Cloudflare, Stripe, Datadog, Figma, Shopify, AWS, Google Cloud, Azure, Werner Vogels & 15+ more

139 articles

Dev.to #architecture·3h ago

Designing Interoperable AI Agent Transport Protocols

This article posits that AI agents are currently in a pre-standardization phase akin to early computer networking before TCP/IP. It argues that developers are redundantly solving fundamental transport problems like addressing, NAT traversal, and authentication at the application layer. The piece advocates for an open, standardized transport layer for AI agents to enable seamless interoperability and allow developers to focus on agent-specific logic rather than infrastructure concerns.

Distributed Systems, API Design

Stripe Blog·1d ago

Stripe Link's Agent Wallet: Programmatic Payments for AI Agents

Stripe's new Link wallet for agents and Issuing for agents provide infrastructure for AI agents to make programmatic payments. This system leverages OAuth for secure access, one-time-use cards or Shared Payment Tokens (SPTs) for transactions, and user approval flows, abstracting payment complexities for developers building agent-facing applications. It extends Stripe's existing Issuing platform to enable customizable agentic spending solutions for businesses.

API Design, Security

Stripe Blog·1d ago

Stripe Sessions 2026: Enhancing Financial Infrastructure for AI and Global Commerce

Stripe's Sessions 2026 announcements highlight significant advancements in financial infrastructure, focusing on programmability, fraud prevention, and AI-native business models. Key system design implications include supporting agentic commerce, real-time data streaming, and scalable money management, underscoring the evolution of payment platforms to handle complex, high-volume, and AI-driven transactions.

API Design, Distributed Systems

Azure Architecture Blog·2d ago

Azure API Management for Unified API and AI Governance at Scale

This article highlights Azure API Management's evolution into a unified platform for governing both traditional APIs and AI models, tools, and agents. It emphasizes the critical need for consistent control, visibility, and reliability as AI systems move into production, framing API Management as a central control plane. The article showcases how organizations are leveraging this platform to scale AI innovation securely and efficiently, providing a governance layer for AI system interactions.

API Design, AI & ML Infrastructure

Dev.to #architecture·2d ago

Securing APIs in the AI Era: Mitigating Shadow API Risks

This article discusses the critical security vulnerabilities introduced by "Shadow APIs" in modern, AI-driven architectures. It highlights how bypassing API Gateways for AI agents leads to undocumented, unmonitored endpoints that lack proper authentication, authorization, and critical middleware like CORS and JWT validation, posing significant risks for data exfiltration and unauthorized access.

Security, API Design

Spotify Engineering·2d ago

Building Natural Language Interfaces with Large Language Models and OpenAPI Specs

This article explores how Spotify leveraged Large Language Models (LLMs) and OpenAPI specifications to create a natural language interface for their Ads API. It details the architecture and process of transforming API definitions into a conversational tool, highlighting the implications for API design, developer experience, and system integration without requiring extensive compiled code.

API Design, AI & ML Infrastructure

Airbnb Engineering·2d ago

Airbnb's Privacy-First Social Features: User and Profile Separation

Airbnb designed new social features with privacy at their core by distinguishing between internal User IDs and context-specific Profile IDs. This architectural decision enables granular control over data visibility, allowing users to customize their public presence for different experiences while preventing inadvertent data correlation. The implementation involved extensive code auditing, permission management via an in-house authorization system, and company-wide collaboration.

API Design, Security

Dev.to #architecture·3d ago

Designing Peer-to-Peer Multi-Agent Architectures without a Central Hub

This article explores an alternative to traditional multi-agent system architectures that rely on a central coordinator or message hub. It highlights the scalability and reliability issues of centralized hubs and proposes a peer-to-peer approach using a session-layer protocol like Pilot Protocol. The core idea is to enable agents to discover and communicate directly, bypassing common bottlenecks associated with single points of failure.

Distributed Systems, Performance & Scaling

Dev.to #systemdesign·3d ago

Refusal Infrastructure: Architecting "No" as a First-Class System Behavior

This article advocates for treating "refusal" in AI and governed systems as a designed, first-class architectural outcome rather than a mere error state. It highlights the need for robust infrastructure around denials, ensuring they are observable, auditable, and provide structured feedback to upstream systems. This approach shifts from reactive error handling to proactive governance enforcement, especially critical in regulated and complex AI environments.

Distributed Systems, API Design

InfoQ Architecture·3d ago

Leveraging WebSockets for Low Latency in Agentic AI Workflows

OpenAI has introduced a WebSocket-based execution mode for its responses API, replacing traditional HTTP request-response with persistent, bidirectional connections. This architectural shift significantly reduces latency and improves throughput in multi-step AI agentic workflows by minimizing network round-trip times and connection overhead. It highlights the critical role of transport layer optimization in modern distributed AI systems.

Distributed Systems, API Design

InfoQ Cloud·3d ago

Solving the DPoP Storage Paradox in Browser-Based OAuth Systems

This article explores the architectural challenges of securely storing private keys for DPoP (Demonstrating Proof-of-Possession) in browser-based applications, a critical component for preventing OAuth token replay attacks. It highlights the "storage paradox" where browser mechanisms like IndexedDB, while preventing key extraction, still allow XSS attacks to use the key as a signing oracle. The discussion then focuses on the Backend-for-Frontend (BFF) pattern as the industry standard solution for shifting key management server-side, outlining its benefits and trade-offs.

Security, API Design

The New Stack·3d ago

OpenAI Codex Chrome Extension: Bridging AI Agents and Browser Workflows

This article introduces OpenAI's new Chrome extension for Codex, designed to enable AI agents to interact directly with live browser sessions. It highlights a shift from traditional screenshot-and-click automation or structured plugins to a more integrated approach, allowing agents to access authenticated workflows and multiple tabs without fully monopolizing the user's desktop. This capability addresses the challenge of automating tasks within complex web applications that lack clean APIs.

AI & ML Infrastructure, API Design