03 — System Requirements

Covers task 5. Functional requirements (what it does) and non-functional requirements (how well it must do it). NFRs are written as measurable targets because an unmeasurable requirement is a wish, not a requirement.

Targets below are v1 SaaS numbers at small scale; self-host inherits the same functional set with relaxed availability. They are starting SLOs to validate with load tests, not contractual guarantees.


1. Functional Requirements

FR-A — Identity & Access

FR-B — Files & Namespace

FR-C — Synchronization

FR-D — Sharing & Permissions

FR-E — Search & Discovery

FR-F — Events, Notifications & Audit

FR-G — Administration, Quotas & Metering

FR-H — Clients & API


2. Non-Functional Requirements

NFR-1 — Availability

NFR-2 — Durability

NFR-3 — Latency (control plane, p99 @ small scale)

| Operation | Target p99 | |—|—| | Metadata read (list folder, stat) | < 100 ms | | Metadata write (commit, move, share) | < 200 ms | | Presigned URL issuance | < 50 ms | | Search (name/metadata) | < 300 ms | | Change-feed pull (delta) | < 200 ms |

Bulk byte transfer latency is governed by the object store + client bandwidth, by design.

NFR-4 — Scalability

NFR-5 — Consistency model (be explicit; ambiguity here causes bugs)

NFR-6 — Security

NFR-7 — Observability

NFR-8 — Portability & Operability

NFR-9 — Maintainability & Evolvability

NFR-10 — Cost efficiency


3. Constraints & Assumptions


4. Acceptance Themes (how we’ll know requirements are met)