Legal Bridge — Lawsuit Funding & Legal Case Management Platform Architecture

01 — Overview

Executive Summary

Legal Bridge is an enterprise-grade marketplace platform that unifies legal case management, plaintiff onboarding, and litigation funding into one workflow. The platform underwrites pre-settlement cases using AI risk models trained on PACER, CourtListener, and proprietary historical settlement data, then routes vetted opportunities to accredited funders through a Stripe Connect marketplace.

Why now

The $17B+ litigation finance market remains fragmented and manual. Underwriting cycles average 4–6 weeks; Legal Bridge compresses this to 48–72 hours via AI-assisted review.

Defensibility

Proprietary docket ingestion + outcome dataset, network effects across firms and funders, and SOC 2 / PCI-ready compliance posture create high switching costs.

MVP target

16-week path to production launch on iOS, Android, and Web — supporting case intake, AI scoring, funder marketplace, and Stripe-mediated settlement distribution.

02 — Personas

User Types & Primary Flows

Plaintiff / Client

KYC + identity verification
Lawsuit intake wizard
Funding offer comparison
E-signature & document upload
Case timeline & settlement tracking
Push + in-app messaging

Law Firm / Attorney

Multi-client case board
Document repository (S3 + KMS)
Court calendar sync
Automated docket alerts
Task tracking & collaboration
Invoice & disbursement reporting

Litigation Funder

Marketplace deal flow
AI risk score + ROI forecast
Underwriting workbench
Capital deployment ledger
Portfolio analytics & IRR
Settlement waterfall tracking

Core funding flow

Plaintiff signup → KYC (Persona) → Case intake form
   └─► Attorney invited / verified (Bar API) → Case file created
        └─► Documents uploaded → OCR + LLM extraction → AI risk score
             └─► Case listed in marketplace (admin-gated)
                  └─► Funders bid / accept offer → E-sign agreement
                       └─► Stripe Connect: funds → escrow → plaintiff
                            └─► Court docket monitor → settlement event
                                 └─► Waterfall: attorney fees, principal+fee
                                      to funder, residual to plaintiff

03 — Architecture

System Architecture

Event-driven, API-first microservices behind a unified GraphQL/REST gateway. Workloads split between synchronous request services (NestJS) and asynchronous workers (BullMQ + SQS) for ingestion, OCR, AI inference, and payout orchestration.

┌──────────────────────────────────────────────────────────────────┐
│  Clients:  iOS (RN)  •  Android (RN)  •  Web (Next.js)  •  Admin │
└──────────────┬───────────────────────────────────────────────────┘
               │ HTTPS / WSS (TLS 1.3)
        ┌──────▼───────┐    ┌──────────────┐
        │ CloudFront / │◄──►│   Cognito /  │
        │   WAF + CDN  │    │   Auth0 IdP  │
        └──────┬───────┘    └──────────────┘
               │
        ┌──────▼─────────────────────────────────────────┐
        │     API Gateway (NestJS BFF + GraphQL)         │
        └─┬───────┬────────┬─────────┬────────┬──────────┘
          │       │        │         │        │
   ┌──────▼┐ ┌───▼───┐ ┌──▼────┐ ┌──▼────┐ ┌─▼──────┐
   │ Cases │ │Funding│ │Payments│ │  AI   │ │ Court  │
   │  svc  │ │  svc  │ │  svc   │ │ svc   │ │ Docket │
   └──┬────┘ └──┬────┘ └──┬─────┘ └──┬────┘ └──┬─────┘
      │         │         │          │         │
   ┌──▼─────────▼─────────▼──┐  ┌────▼─────┐ ┌─▼──────┐
   │  PostgreSQL (RDS, HA)   │  │ Pinecone │ │ Kafka /│
   │  + pgvector + Redis     │  │  vectors │ │  SQS   │
   └─────────────────────────┘  └──────────┘ └────────┘
                                                │
                                       ┌────────▼─────────┐
                                       │  Workers (ECS):  │
                                       │  OCR • LLM • ETL │
                                       │  Stripe webhooks │
                                       └──────────────────┘

Synchronous services

Cases, Funding, Payments, Users, Documents — NestJS modules behind a BFF. Stateless, horizontally scaled on ECS Fargate.

Asynchronous workers

BullMQ (Redis) for low-latency jobs; SQS + Lambda for ingestion fan-out. Step Functions orchestrate multi-stage flows (KYC → underwriting → payout).

04 — Stack

Recommended Tech Stack

Layer	Choice	Why
Web	Next.js 14 (App Router) + TanStack Query	SSR for SEO landing & investor portals; React Server Components reduce bundle on case dashboards.
Mobile	React Native + Expo (EAS Build)	One codebase for iOS/Android, OTA updates, native modules for biometric auth & secure enclave.
Backend	NestJS (Node 20) + GraphQL (Apollo)	Modular DI, strong typings, decorator-based RBAC; GraphQL for dashboards, REST for webhooks.
Database	PostgreSQL 16 (RDS Multi-AZ) + pgvector	ACID for financial ledger, JSONB for case metadata, pgvector for semantic doc search.
Cache / Queue	Redis (ElastiCache) + BullMQ + SQS	Sub-ms session cache, durable job queues, dead-letter handling.
Event bus	Kafka (MSK) for high-throughput docket events	Replayable streams for court ingestion & audit log.
Search	OpenSearch + Pinecone	Lexical case search + vector RAG over legal corpora.
Storage	S3 + KMS (CMK per tenant) + CloudFront signed URLs	End-to-end encryption, time-limited download links.
AI	OpenAI GPT-4o + Anthropic Claude 3.5 + AWS Bedrock	Multi-model routing; Claude for long-context legal docs, GPT-4o for chat.
Realtime	Ably / Pusher (managed) + APNs / FCM	Channel-based pub-sub, end-to-end push delivery for mobile.
Infra	AWS (us-east-1 + us-west-2 DR) — ECS Fargate, RDS, S3	Terraform-managed; HIPAA-eligible, PCI services available.
CI/CD	GitHub Actions + Turborepo + Argo CD	Monorepo build cache, blue/green deploys via CodeDeploy.
Observability	Datadog APM + Sentry + CloudWatch	Distributed tracing, RUM for mobile, audit log shipping to S3 Object Lock.

05 — Data

Database Schema (Core Entities)

Single PostgreSQL cluster with logical multi-tenancy via tenant_id + row-level security. Financial ledger uses double-entry bookkeeping (immutable append-only entries). pgvector stores document embeddings for semantic search.

-- Tenancy & identity
tenants(id, name, type, kyb_status, stripe_connect_id, created_at)
users(id, tenant_id, email, phone, persona_id, mfa_enabled, ...)
user_roles(user_id, role)   -- 'plaintiff'|'attorney'|'funder'|'admin'

-- Cases
cases(id, tenant_id, plaintiff_id, attorney_id, jurisdiction,
      case_type, status, filed_at, court_id, docket_number,
      ai_risk_score numeric(5,4), predicted_settlement_cents bigint,
      created_at, updated_at)
case_events(id, case_id, source, event_type, payload jsonb, occurred_at)
documents(id, case_id, s3_key, kms_key_id, mime, ocr_status,
          embedding vector(3072), uploaded_by)

-- Funding marketplace
funding_requests(id, case_id, amount_cents, max_fee_bps, status)
offers(id, funding_request_id, funder_id, amount_cents,
       fee_bps, expires_at, status)
agreements(id, offer_id, e_sign_envelope_id, signed_at, terms_jsonb)

-- Ledger (double-entry, append-only)
ledger_accounts(id, tenant_id, owner_id, type, currency)
ledger_entries(id, txn_id, account_id, debit_cents, credit_cents,
               created_at, immutable=true)
stripe_events(id, type, payload jsonb, processed_at)

-- AI + audit
ai_scores(id, case_id, model, version, score, explanation jsonb)
audit_log(id, actor_id, action, resource, before jsonb,
          after jsonb, ip, ts)   -- shipped to S3 Object Lock

Row-level security

Postgres RLS policies enforce tenant + role isolation at the DB layer — defense in depth beyond API auth.

Ledger immutability

All money movements as paired debit/credit entries; nightly reconciliation vs. Stripe balance transactions.

Vector search

pgvector for in-tenant doc retrieval; Pinecone for cross-tenant case-law RAG (no PII).

06 — API

API Architecture

Hybrid GraphQL (BFF for dashboards) + REST (webhooks, mobile, partner APIs). Versioned via URL prefix; deprecations announced via Sunset header.

POST   /v1/cases                         create case
GET    /v1/cases/:id                     fetch case (RLS-scoped)
POST   /v1/cases/:id/documents           presigned S3 upload
POST   /v1/cases/:id/funding-requests    plaintiff requests funding
GET    /v1/marketplace/opportunities     funder feed (filterable)
POST   /v1/offers                        funder submits offer
POST   /v1/offers/:id/accept             plaintiff accepts → e-sign
POST   /v1/payments/intents              Stripe PaymentIntent
POST   /v1/webhooks/stripe               signature-verified
POST   /v1/webhooks/courtlistener        docket event ingest
GET    /v1/ai/risk/:caseId               cached score + explanation
POST   /v1/admin/kyc/:userId/decision    admin override

GraphQL gateway

Schema federation across Cases / Funding / Payments subgraphs. DataLoader batching; persisted queries on mobile to reduce payload + enable CDN caching.

Rate limiting

Token-bucket via Redis: 60 req/min anonymous, 600/min authenticated, 5000/min for funders with API keys. WAF rules block volumetric abuse.

07 — Identity

Authentication & RBAC

Identity provider

AWS Cognito (or Auth0) — email/password + Google + Apple + SAML for enterprise law firms. WebAuthn / passkeys for funders. MFA mandatory for any role touching money.

KYC / KYB

Persona for plaintiff KYC (ID + selfie + OFAC). Middesk for funder KYB + accredited-investor verification. Bar number validation via Martindale / state APIs.

RBAC model

Roles in a dedicated user_roles table (never on the user row). Server-side has_role() security-definer function enforces RLS without recursion.

Session model

Short-lived (15 min) access JWT + rotating refresh token in httpOnly cookie. Device binding via DPoP for mobile.

08 — Money

Payments & Marketplace (Stripe Connect)

Funders onboard as Stripe Connect Custom accounts (full KYB). Plaintiffs receive payouts via Express accounts (lightweight onboarding). Platform holds funds in a managed escrow-like flow using Stripe Treasury balances.

Funder pays → PaymentIntent (destination=platform)
            → Funds in platform balance (escrow)
            → On execution: Transfer to plaintiff Express acct
              + Application fee retained by platform
              + Ledger entries (DR funder / CR platform escrow,
                                DR escrow / CR plaintiff)
Settlement event → Reverse waterfall:
  1. Court-awarded amount → trust account
  2. Attorney fees (contingency %) → attorney Connect acct
  3. Funder principal + agreed fee → funder Connect acct
  4. Residual → plaintiff Express acct
  5. Platform fee (bps of gross) → platform

Subscriptions

Stripe Billing for law-firm SaaS tiers (Starter / Pro / Firm). Metered billing for AI document parsing overages.

ACH + wire

ACH via Stripe (Plaid for instant verification). Wires for >$100k via Stripe Treasury + Modern Treasury for reconciliation.

Reconciliation

Nightly job pulls all Stripe balance transactions, joins with internal ledger, raises drift alerts. SOX-style controls.

09 — Intelligence

AI Infrastructure

Multi-model architecture with deterministic routing. Claude 3.5 Sonnet for long-context (200k) legal document reasoning; GPT-4o for user chat & summarization; Bedrock Titan / Cohere for embeddings. All inference logged to immutable audit store for legal explainability.

Document → Textract OCR → chunker (semantic, ~1k tokens)
         → text-embedding-3-large → pgvector (in-tenant)
         → Claude 3.5 (extract: parties, claims, damages, dates)
         → Risk model (XGBoost on structured features +
                        LLM-derived embeddings + historical
                        outcomes from CourtListener)
         → Score (0-1) + SHAP explanation + human-readable
         → Stored in ai_scores; surfaced to underwriters with
           "AI-assisted, requires human review" disclosure

RAG pipeline

Pinecone holds 50M+ embeddings from public court opinions, statutes, secondary sources. Hybrid retrieval (BM25 + vector) reranked with Cohere Rerank.

Human-in-the-loop

Every funding decision >$25k requires licensed underwriter sign-off. AI surfaces score + cited passages; overrides logged as training feedback.

Models offered

Success probability, settlement value, fraud detection (graph features on attorney/plaintiff network), case categorization, predictive ROI.

Explainability

SHAP values + retrieved passages stored alongside every prediction. Required for compliance with emerging state-level litigation funding disclosure rules.

10 — Data ingest

Court Docket Integrations

Primary sources

CourtListener RECAP (~400M docs) as baseline. PACER direct integration for federal real-time. State courts via UniCourt & Trellis; targeted Playwright scrapers on Lambda for the rest.

Pipeline

Scheduled poller → SQS → ingestion workers → normalizer → Postgres + Kafka docket.events topic → fan-out to subscribers.

Reliability

Exponential backoff + circuit breaker per source. Dead-letter SQS with manual replay. Idempotency keyed on court_id + docket_number + entry_no.

OCR + extraction

AWS Textract → Claude entity extraction (motions, orders, settlement notices) → structured events written to case_events.

Cron(5m) → enqueue jobs per watched case
        → Worker: fetch via API or scrape
                → Diff vs last snapshot
                → New entries → Textract → Claude extract
                → Publish to Kafka 'docket.events'
                        → Notification svc (push/email/SMS)
                        → AI re-score svc (recompute risk)
                        → Audit log

11 — Realtime

Realtime & Notifications

Transport

Ably channels per-user + per-case for in-app updates (offer received, docket entry, message). Falls back to long-polling on restricted networks.

Push

Firebase Cloud Messaging routes APNs (iOS) and FCM (Android). Notification preferences stored per-channel (email/SMS/push) with quiet hours.

Messaging

E2E-encrypted attorney↔client chat via Signal Protocol library (libsignal). Server stores only ciphertext; keys held on device + recoverable via passphrase.

Email + SMS

Postmark for transactional email (high deliverability). Twilio for SMS / KYC OTP.

12 — Infra

Cloud Infrastructure (AWS)

Region: us-east-1 (primary)   us-west-2 (warm DR, RPO 5m / RTO 1h)
VPC:    3 AZs, private subnets for compute & DB, public for ALB only
Compute:ECS Fargate (services + workers)   Lambda (scrapers, light jobs)
Data:   RDS Postgres 16 Multi-AZ (db.r6g.2xlarge)   ElastiCache Redis
        S3 (KMS CMK per tenant, Object Lock for audit logs)
        MSK (Kafka, 3 brokers)   OpenSearch (3-node)
Edge:   CloudFront + AWS WAF + Shield Standard   Route 53 health checks
Secrets:AWS Secrets Manager   Parameter Store for non-secret config
IaC:    Terraform (terragrunt for env layering)   Atlantis for PR plans

13 — Trust

Security & Compliance

Encryption

TLS 1.3 in transit. AES-256 at rest via KMS (CMK per tenant for documents). Field-level encryption for SSN, DOB, bank account.

SOC 2 Type II readiness

Vanta automation across access reviews, change management, vendor reviews, vulnerability mgmt. Annual pentest (Cobalt). Target Type I in month 6, Type II month 18.

PCI scope minimization

Stripe Elements + Stripe.js — card data never touches our servers. SAQ A scope.

Document protection

HIPAA-style controls: encrypted at rest, signed download URLs (5 min TTL), watermarked previews, BAA-equivalent DPAs with sub-processors.

Audit logging

Every write action emits an audit event → Kafka → S3 Object Lock (WORM, 7-year retention) → queryable via Athena.

Zero-trust

Workload identity via IAM Roles for Service Accounts. No long-lived credentials. Tailscale for engineer access (no public bastion).

DR + retention

Automated cross-region snapshots every 15 min. Quarterly DR drills. 7-year retention for financial + legal records; 30-day soft delete for user data with right-to-erasure flow.

Rate limit + WAF

AWS WAF managed rules (OWASP Top 10, bot control), custom rules for credential-stuffing on /auth/*. Per-IP + per-account token buckets.

14 — Ship

DevOps & Deployment

Monorepo: Turborepo (apps/web, apps/mobile, apps/admin,
          services/*, packages/ui, packages/sdk)
Branching:trunk-based   PR previews via Vercel + ephemeral RDS branches
CI:       GitHub Actions: lint → typecheck → unit → integration (Testcontainers)
          → security scan (Snyk, Semgrep, gitleaks) → build → push ECR
CD:       Argo CD watches gitops repo   Blue/green via CodeDeploy
          Database migrations: Atlas (online, reversible, gated by approval)
Mobile:   Expo EAS Build   TestFlight + Play Internal   OTA via Expo Updates

15 — Operations

Admin Dashboard Structure

Modules

Users • KYC Queue • Cases • Marketplace Moderation • Funding Approvals • Subscriptions • Stripe Connect Health • AI Monitoring • Court API Status • Audit Log Explorer • Reporting.

KYC review

Persona webhook surfaces pending decisions; reviewer sees ID + selfie + risk signals; approve/reject with reason code → audit trail.

Fraud monitoring

Graph view of attorney/plaintiff/funder connections; anomaly alerts on velocity, geo mismatch, document re-use.

Financial ops

Stripe Connect account health, payout failures queue, ledger drift report, manual reversal workflow with 2-person approval.

16 — Mobile

Mobile Strategy

React Native + Expo

Single TypeScript codebase ships to iOS + Android. EAS Build for native artifacts, Expo Updates for OTA fixes without store review.

Native modules

Biometric auth (FaceID/Touch ID), secure enclave for refresh-token storage, camera + document scanner for KYC and case uploads.

Offline-first

WatermelonDB for case notes + drafts; sync on reconnect. Critical for attorneys in courthouse dead zones.

App Store strategy

Two binaries: consumer (plaintiff) and pro (attorney + funder). Avoids reviewer confusion and lets each have tailored UX & permissions.

17 — Plan

Scalable MVP Roadmap (16 weeks)

Foundations

Phase 0 — Weeks 1–2

Monorepo + Terraform baseline
Auth (Cognito) + RBAC + RLS
Postgres schema v1 + migrations
CI/CD pipelines + observability

Case management core

Phase 1 — Weeks 3–6

Plaintiff & attorney onboarding + KYC
Case intake + document upload (S3+KMS)
OCR + LLM extraction pipeline
In-app messaging + push notifications

AI underwriting + marketplace

Phase 2 — Weeks 7–10

Court docket ingestion (CourtListener + PACER)
AI risk scoring + explainability
Funder onboarding + Stripe Connect KYB
Marketplace listing + offer flow

Payments & settlement

Phase 3 — Weeks 11–14

Stripe PaymentIntents + Transfers
Ledger + reconciliation
E-signature integration (Dropbox Sign)
Settlement waterfall + payout

Launch hardening

Phase 4 — Weeks 15–16

Pentest + SOC 2 Type I evidence collection
Load test to 5k concurrent users
App Store + Play Store submission
Closed beta with 3 firms + 5 funders

18 — Scale

Scaling & Cost Strategy

Throughput targets

5k concurrent users at launch → 100k by year 2. Horizontal scale via Fargate auto-scaling on CPU + custom queue-depth metrics. Read replicas for analytics workloads.

Document storage

Intelligent-Tiering on S3 for documents >90 days. Glacier Deep Archive for closed cases (7-year retention). Estimated $0.012/GB/mo blended at scale.

AI cost control

Embedding cache (Redis) avoids re-embedding identical chunks. Claude Haiku for screening, Sonnet only on shortlisted cases. Prompt caching for repeated legal context (~75% savings).

MVP infra budget

~$3.5k–5k/mo at launch (RDS db.r6g.large, 4 Fargate tasks, baseline traffic). Scales to ~$25k/mo at 25k MAU before optimization.

19 — People

Recommended Engineering Team

Role	Count (MVP → Yr 2)	Focus
CTO / Lead architect	1 → 1	Vision, architecture, security posture
Backend engineers	2 → 5	Services, payments, ledger, court ingestion
AI / ML engineer	1 → 2	Risk models, RAG, evaluation harness
Mobile engineer (RN)	1 → 2	iOS + Android shared codebase
Web engineer	1 → 2	Funder + admin dashboards, marketing site
DevOps / Platform	1 → 2	Terraform, CI/CD, observability, SOC 2
QA / SDET	0.5 → 2	E2E (Detox + Playwright), perf, security
Product designer	1 → 2	Trust-centric UX, mobile-first flows
Compliance lead (FT contractor → FTE)	0.5 → 1	SOC 2, state funding regs, KYC ops

20 — Vendors

Recommended Third-Party Services

Stripe Connect + Billing + Treasury

Marketplace payments, subscriptions, escrow-like balances

Persona

Plaintiff KYC / identity verification

Middesk

Funder & law firm KYB + accredited investor verification

Plaid

Bank account verification + ACH

Dropbox Sign (HelloSign) or DocuSign

Legally binding e-signature with audit trail

CourtListener / PACER / UniCourt / Trellis

Court docket data sources

AWS Textract

OCR for filed PDFs and uploaded documents

OpenAI + Anthropic + AWS Bedrock

LLMs for extraction, summarization, chat

Pinecone

Vector database for cross-tenant RAG

Ably / Pusher

Realtime channels

Firebase Cloud Messaging

iOS/Android push delivery

Postmark + Twilio

Transactional email + SMS

Datadog + Sentry

APM, logs, error tracking, RUM

Vanta

SOC 2 automation + continuous compliance

Cobalt / HackerOne

Pentesting + responsible disclosure