Final Capstone - Overview
Reading time: 12 minutes | Level: Advanced
You have spent six modules building a deep technical foundation: metaclasses and descriptors, protocol-driven type systems, structured concurrency, memory-level performance tuning, layered architecture, and defensive security engineering. None of those skills exist in isolation. Production systems demand all of them simultaneously, under real constraints - latency budgets, deployment deadlines, security audits, and code that other engineers must maintain long after you ship it.
The capstone is where you prove that.
Philosophy
This is not a tutorial exercise. There are no step-by-step instructions. Each capstone option gives you a specification, a set of architectural constraints, and evaluation criteria. You decide how to decompose the problem, which patterns to apply, and where to make tradeoffs. That is what senior engineers do.
Three principles guide every capstone:
Integration over isolation. Each project is designed so that no single module's techniques are sufficient. Building a production API platform requires metaprogramming for middleware registration, advanced types for request validation, async for database access, profiling for latency optimization, clean architecture for maintainability, and security engineering for authentication. You must combine them fluently.
Production-grade over prototype. Prototypes prove that something can work. Production code proves that it will work - under load, under attack, under maintenance by engineers who did not write it. Your capstone should include structured error handling, comprehensive logging, configuration management, and deployment considerations. Code that only runs on your laptop is not finished.
Portfolio-worthy over assignment-worthy. Every capstone is scoped to produce a project you can put on GitHub, discuss in interviews, and extend over time. The evaluation criteria reward depth over breadth - a well-architected subset is better than a sprawling prototype.
Capstone Options
Choose one. Each option exercises all six modules but emphasizes different combinations.
Option 1 - Build a Production API Platform
Design and implement a full-featured API platform using FastAPI (or a raw ASGI implementation) with clean layered architecture, JWT-based authentication with role-based access control, an async database layer with connection pooling and query optimization, response caching, and comprehensive profiling instrumentation.
| Module | How It Applies |
|---|---|
| Metaprogramming | Route registration via decorators and metaclasses, automatic OpenAPI schema generation |
| Advanced Type System | Request/response models with protocol-based validation, generic repository pattern |
| Advanced Async | Async database operations, structured concurrency for parallel queries, background task management |
| Performance Engineering | Query profiling, response time instrumentation, memory-efficient serialization, caching layer |
| Architecture & Systems Design | Hexagonal architecture with ports/adapters, dependency injection, domain-driven service layer |
| Security Engineering | JWT validation, RBAC middleware, input sanitization, rate limiting, secrets management |
Deliverables: Working API server, test suite with >85% coverage, load test results, architecture documentation, deployment configuration.
Option 2 - Build a Trading Signal System
Build a real-time event processing system that ingests market data streams, computes technical indicators with low-latency computation, emits trading signals through a type-safe event bus, and persists results with async I/O. Emphasis on performance-critical paths and structured concurrency.
| Module | How It Applies |
|---|---|
| Metaprogramming | Indicator registration system, descriptor-based parameter validation, dynamic strategy loading |
| Advanced Type System | Protocol-typed event system, generic signal types, typed configuration with runtime validation |
| Advanced Async | Async stream processing, structured concurrency for parallel indicator computation, backpressure handling |
| Performance Engineering | NumPy/C-extension integration for indicators, memory profiling of tick buffers, latency benchmarking |
| Architecture & Systems Design | Event-driven architecture, strategy pattern for indicators, clean separation of ingestion/computation/output |
| Security Engineering | API key management for data feeds, input validation on external data, secure configuration handling |
Deliverables: Working stream processor with at least three indicators, event replay capability, performance benchmarks, architecture documentation.
Option 3 - Build a Scalable Data Pipeline
Design an async data pipeline framework that supports configurable ingestion from multiple sources, transformation stages with typed intermediate representations, backpressure-aware flow control, and multiple output sinks. Emphasis on structured concurrency and performance under load.
| Module | How It Applies |
|---|---|
| Metaprogramming | Stage registration via decorators, automatic pipeline graph construction, plugin-based source/sink discovery |
| Advanced Type System | Typed stage interfaces with generic input/output, protocol-based plugin contracts, validated configuration |
| Advanced Async | Async generators for streaming stages, TaskGroup-based parallelism, backpressure via bounded channels |
| Performance Engineering | Throughput benchmarking, memory profiling for large payloads, batch-size optimization, zero-copy transforms |
| Architecture & Systems Design | Pipeline-as-graph architecture, dependency injection for stage configuration, clean plugin boundaries |
| Security Engineering | Credential management for data sources, input sanitization at ingestion, audit logging of pipeline runs |
Deliverables: Pipeline framework with at least two sources, three transforms, and two sinks, throughput benchmarks, backpressure demonstration, architecture documentation.
Option 4 - Build a Web Framework
Implement a minimal but well-architected ASGI web framework from scratch. Include a routing engine, middleware pipeline, dependency injection container, type-safe request/response objects, and metaclass-driven route registration. Emphasis on metaprogramming and architecture.
| Module | How It Applies |
|---|---|
| Metaprogramming | Metaclass-based route collection, descriptor-based dependency injection, decorator middleware registration |
| Advanced Type System | Type-safe request parsing with generics, protocol-based middleware contracts, typed response builders |
| Advanced Async | ASGI lifecycle management, async middleware chain, streaming response support, WebSocket handling |
| Performance Engineering | Request parsing benchmarks, routing algorithm optimization, memory-efficient request buffering |
| Architecture & Systems Design | Layered middleware architecture, DI container design, clean separation of framework internals and user code |
| Security Engineering | CSRF protection middleware, header injection prevention, secure cookie handling, input size limits |
Deliverables: Working ASGI framework, example application, benchmark comparison against a reference framework, middleware documentation, architecture documentation.
Option 5 - Build a CLI Development Framework
Create an extensible command-line framework that uses metaprogramming for command discovery and argument parsing, supports a plugin architecture for third-party extensions, provides type-safe argument definitions, and includes rich terminal output. Emphasis on metaprogramming and type system design.
| Module | How It Applies |
|---|---|
| Metaprogramming | Metaclass-based command registration, descriptor-driven argument definitions, decorator-based subcommand grouping |
| Advanced Type System | Generic argument types with validation, protocol-based plugin interface, typed command context |
| Advanced Async | Async command execution, concurrent plugin loading, async progress reporting |
| Performance Engineering | Startup time optimization, lazy plugin loading, memory-efficient help text generation |
| Architecture & Systems Design | Plugin architecture with clean extension points, command hierarchy design, configuration layering |
| Security Engineering | Input validation and sanitization, safe file path handling, environment variable security |
Deliverables: Working CLI framework, at least two example plugins, test suite, startup performance benchmarks, architecture documentation.
Evaluation Criteria
Every capstone is evaluated against five dimensions. These are not subjective - each maps directly to engineering practices you studied in Modules 1 through 6.
Code Quality (25%)
- Clean, idiomatic Python that follows PEP 8 and project-level conventions
- Meaningful names, small functions, single-responsibility classes
- No dead code, no commented-out blocks, no magic numbers
- Type annotations throughout - not just on public interfaces
Architecture (25%)
- Clear separation of concerns with well-defined module boundaries
- Dependency direction follows the dependency inversion principle
- Configuration externalized, not hardcoded
- Patterns applied where they reduce complexity, not where they add ceremony
Testing (20%)
- Unit tests for domain logic with no I/O dependencies
- Integration tests for boundary interactions (database, network, filesystem)
- Edge cases and error paths covered, not just the happy path
- Test code is as clean as production code
Documentation (15%)
- Architecture decision records for significant design choices
- API documentation generated or maintained alongside code
- A README that explains what the project does, how to run it, and how to extend it
- Inline comments only where the code cannot speak for itself
Security (15%)
- Authentication and authorization implemented correctly, not just present
- Input validation at every boundary
- Secrets never hardcoded, never logged, never committed
- Defensive coding against the OWASP categories relevant to your project
How to Approach the Capstone
Start with architecture. Sketch the major components, their responsibilities, and the interfaces between them before you write a line of implementation code. Get the dependency direction right first.
Build vertically, not horizontally. Implement one complete slice through the system - a single endpoint, a single pipeline stage, a single CLI command - end to end, including tests and error handling. Then expand to the next slice. This keeps the system working at every stage and prevents the integration nightmare of assembling untested components at the deadline.
Profile early. Do not wait until the end to measure performance. Instrument from the start so that you can see the impact of each architectural decision on latency and memory.
Treat security as a constraint, not a feature. Security is not something you bolt on after the architecture is done. Every boundary in your system is an attack surface. Design with that in mind from the beginning.
Submission Checklist
Before you consider your capstone complete, verify:
- The project runs from a clean clone with documented setup steps
- All tests pass with a single command
- Type checking passes with
mypy --strictor equivalent - No secrets or credentials are present in the repository
- Architecture documentation explains the major design decisions
- Performance benchmarks are reproducible
- The README is accurate and complete
Select one of the five capstone options and begin with the detailed guide in the corresponding section. Each guide provides the full specification, architectural constraints, milestone breakdown, and extension ideas.