Have you ever wonder how platforms like LeetCode or HackerRank execute your code instantly and securely – even when thousands of users are submitting simultaneously?
That question led me to build HashCodex — an open-source, distributed, real-time code execution and evaluation platform, inspired by online judges like LeetCode and HackerRank.
🧩 What is HashCodex?
HashCodex is a full-stack online code execution system that allows users to:
- 🧑💻 Solve coding problems directly in the browser
- ⚙️ Run or submit code in multiple languages (
C++,Java,Python) - 📦 Execute user code securely inside sandboxed Docker containers
- 🔄 Receive real-time results via Server-Sent Events (SSE)
It’s a distributed system — meaning the platform is composed of multiple services (frontend, backend, worker, message queue, etc.), all communicating asynchronously.
🧱 System Architecture
Components Overview
| Component | Technology | Responsibility |
|---|---|---|
| Frontend | Next.js (React) | UI + Code Editor |
| Backend API | Spring Boot | Auth, SSE, Queue Management |
| Worker Service | Go | Executes user code inside Docker sandbox |
| Message Broker | RabbitMQ | Async communication between backend & workers |
| Database | PostgreSQL | Stores users, problems, testcases, submissions |
| Cache | Redis | Used for email verification & password reset tokens |
⚙️ How It Works
- User selects a problem and writes code in the browser.
- The frontend sends code, language, and problem ID to the backend.
- The backend creates a submission, assigns a unique ID, and publishes the request to a RabbitMQ queue.
- A Go Worker Service consumes the queue, runs the code inside a Docker container (isolated with CPU/memory limits).
- Once executed, results are sent back to another queue.
- The backend consumes the result, updates the database, and streams the final output to the frontend in real-time via SSE.
💾 Database Design
🔐 Security Highlights
Each user’s code runs inside sandboxed containers with:
- No network access (
NetworkMode: "none") - No privileged operations (
CapDrop: ["ALL"],no-new-privileges) - Limited CPU & memory using Docker’s
NanoCPUsand memory quotas - Process limit (
PidsLimit) to prevent fork bombs or infinite loops
This ensures that no user code can affect the system or other submissions.
🧠 Key Challenges I Solved
- Safe sandboxing: Running arbitrary user code without exposing the host system.
- Async processing: Decoupling code execution from HTTP requests using queues.
- Real-time updates: Streaming results with Server-Sent Events.
- Testcase management: Handling multi-param inputs and comparing expected vs actual output.
- Error alignment: Adjusting compiler error line numbers to match user code context.
🧭 Learnings
This project taught me:
- How distributed systems communicate using message queues
- How to securely run untrusted code
- How to stream real-time updates without WebSockets
- How to design scalable and fault-tolerant architectures
Check out the github repository of hashcodex github.com/shahrohit/hashcodex to learn more about hashcodex.
💬 I’d love to hear your thoughts — how would you improve scalability or isolation in such systems?
Drop a comment below! 👇
