There’s a peculiar cult in software development that I’ve been observing for years. Its members gather in code reviews, Slack channels, and conference talks, chanting their sacred mantra: “Keep it simple.” They wield simplicity like a holy relic, dismissing anything remotely sophisticated as “over-engineering,” and they’re driving the industry into a ditch while feeling morally superior about it. Don’t get me wrong—I’m not anti-simplicity. But I am deeply suspicious of dogmatism in any form, and the modern religious fervor around “simple code” has reached levels that would make medieval monks look pragmatic.
The Simplicity Paradox
Let me start with something that will probably upset some people: simplicity is overrated as an absolute value. The tech industry’s obsession with it has created a false dichotomy where we pretend that complex systems are inherently bad, and simple ones are automatically good. This is approximately as helpful as claiming that all short books are better than long ones. The real issue is that we’ve conflated several different concepts and bundled them under the umbrella term “simplicity.” We talk about simple code, simple architecture, simple interfaces, and simple features—as if they were all the same thing. They’re not. Consider this: a feature that appears simple to implement is often simple only in the moment. It becomes complex when you try to maintain it, extend it, or integrate it with other parts of your system. A simple interface that hides a complex internal structure might be simple to use, but complicated to build and maintain. These are not the same thing.
The Fourth Law Nobody’s Following
There’s an elegant principle in software design that deserves far more attention than it gets: the maintainability of a system is inversely proportional to the complexity of its individual pieces. Let that sink in for a moment. Notice what it doesn’t say. It doesn’t say that maintainability is inversely proportional to the overall complexity of the system. It doesn’t say you should make everything ridiculously simple. It specifically talks about individual pieces. This distinction is crucial, and most developers miss it entirely. You can have a sophisticated, feature-rich system that’s easy to maintain—if you break it down into simple, understandable components. Conversely, you can have a codebase that appears simple on the surface but is a nightmare to work with because the individual pieces are poorly abstracted. Think of it this way: building a skyscraper by melding everything into three enormous custom steel beams is not the same as building it from standardized girders. Yes, the three-beam approach looks “simpler” from certain angles. Until one beam cracks, and you realize you’ve built yourself into an architectural corner.
Where Obsessive Simplicity Breaks Down
The dangerous myth is that reducing system complexity to its absolute minimum is always the right move. But here’s the uncomfortable truth: over-simplification leads to inadequate solutions. When you strip away complexity indiscriminately, you often strip away capability, flexibility, and sustainability.
Let me give you a practical example. Say you’re building an e-commerce system, and someone insists on keeping the database schema “simple.” So you create a single products table with a json column for all the variant data. Boom. Simple. Clean. Beautiful.
Then requirements change. You need to filter products by size and color. Your JSON blob approach suddenly becomes a liability. You’re now doing inefficient full-table scans, you can’t add proper indexes, your queries are either brutally slow or nightmarish to write. You’ve optimized for simplicity at the design phase and paid for it in complexity at every other phase.
The What-If Trap vs. The Over-Simplification Trap
There’s a real phenomenon in development that I call “Schrödinger’s Simplicity”—where developers are torn between two anxieties. On one hand, there’s the what-if anxiety: “What if we add this abstraction, what if we prepare for this feature, what if we structure it this way?” This leads to over-engineering. On the other hand, there’s the simplicity anxiety: “What if we strip this down too far? What if we can’t extend it later?” This leads to under-engineering. The current zeitgeist heavily penalizes over-engineering (and rightly so—YAGNI is real), but it has created a covert acceptance of under-engineering. You rarely get called out in a code review for making something too simple. But I’ve seen plenty of systems brought to their knees by architectural decisions made under the banner of simplicity. The solution isn’t to swing the pendulum in the other direction. It’s to understand that complexity is context-dependent. Some problems require sophisticated solutions. Some don’t. Pretending they all require the same level of simplicity is intellectual dishonesty wrapped in a performance of humility.
A Practical Framework: Separating Concerns
Rather than dogmatically insisting on simplicity everywhere, let’s think about where simplicity actually matters and where it doesn’t.
of Individual Components"] F -->|No| H["Pursue Radical Simplicity"] G --> I["Implement with
Clear Abstractions"] H --> J["Implement Direct Solution"] I --> K["Modular, Testable Code"] J --> L["Minimal Dependencies"]
Here’s a framework I find useful: Simplify ruthlessly at the boundaries. Your public APIs, your user interfaces, your configuration formats—these should be as simple as possible. This is where the cost of complexity is paid by users, and it’s usually worth the effort to hide complexity behind simple interfaces. Allow appropriate complexity in the internals. If your internal implementation needs sophisticated patterns, data structures, or abstractions to handle the actual problem domain, that’s perfectly fine. Your users don’t see it. Your team understands it. That’s not over-engineering; that’s proper engineering. Separate integration complexity from core complexity. A system can be internally coherent and elegant while using sophisticated libraries and frameworks. What matters is whether the integration points are well-managed. You don’t need to reinvent everything to keep things simple.
The Real Cost of Over-Simplification
Let me show you a concrete example of where “keep it simple” advice leads us astray. Suppose you’re building an authentication system, and someone suggests: “Just use plain text passwords and compare them directly. Simple!”
# "Simple" approach - DO NOT USE IN PRODUCTION
def authenticate_user(username: str, password: str):
user = db.find_user(username)
if user and user.password == password:
return True
return False
This is objectively simple. It’s also objectively insecure, inefficient, and violates multiple security best practices. The “simple” solution is inadequate. The actually appropriate solution is more complex:
import hashlib
import secrets
from cryptography.fernet import Fernet
import time
class AuthenticationService:
def __init__(self, secret_key: str):
self.cipher = Fernet(secret_key.encode())
def hash_password(self, password: str, salt: str = None) -> tuple[str, str]:
"""Hash password with salt using PBKDF2 for security."""
if salt is None:
salt = secrets.token_hex(32)
# Use PBKDF2 instead of simple hashing
hash_obj = hashlib.pbkdf2_hmac(
'sha256',
password.encode(),
salt.encode(),
100000 # iterations
)
return hash_obj.hex(), salt
def authenticate_user(self, username: str, password: str) -> bool:
"""Authenticate user with timing-attack resistance."""
user = db.find_user(username)
# Always perform computation to avoid timing attacks
start_time = time.time()
if user:
stored_hash, stored_salt = user.password_hash, user.salt
provided_hash, _ = self.hash_password(password, stored_salt)
# Use constant-time comparison
result = secrets.compare_digest(provided_hash, stored_hash)
else:
# Still do dummy computation to avoid user enumeration
self.hash_password(password)
result = False
# Add deliberate delay to prevent timing attacks
elapsed = time.time() - start_time
if elapsed < 0.5:
time.sleep(0.5 - elapsed)
return result
Yes, it’s more complex. Yes, it requires understanding of security principles. And yes, it’s necessary. The simpler version is not just inadequate—it’s actively harmful. This is the distinction we need to make: necessary complexity vs. unnecessary complexity. A good engineer distinguishes between them. A dogmatist denies the distinction exists.
When You Actually Should Keep It Simple
I’m not saying complexity is always good. There are absolutely times when simplicity is the right call. Let me be specific: 1. Utility code and helpers. If you’re writing a formatting function or a simple wrapper, keep it simple. Don’t abstract it to death. 2. Proof of concepts and exploratory code. When you’re still figuring out the domain, simple code lets you iterate quickly. 3. Small, focused modules. A function with a single, well-defined responsibility should be simple by nature. If it’s not, you might be violating SRP anyway. 4. User-facing interfaces. Your API contract, your CLI, your configuration format—these should be as simple as possible.
# Good: Simple utility function
def format_currency(amount: float, currency: str = "USD") -> str:
"""Format amount as currency string."""
symbols = {"USD": "$", "EUR": "€", "GBP": "£"}
return f"{symbols.get(currency, currency)} {amount:,.2f}"
# Appropriate complexity: Data processing pipeline
class EventProcessor:
def __init__(self, transformers: list[Transformer], filters: list[Filter]):
self.transformers = transformers
self.filters = filters
self.cache = LRUCache(maxsize=10000)
def process(self, event: Event) -> Optional[ProcessedEvent]:
"""Process event through transformation and filtering pipeline."""
cache_key = hash(event)
if cached := self.cache.get(cache_key):
return cached
try:
result = event
for transformer in self.transformers:
result = transformer.apply(result)
for filter_fn in self.filters:
if not filter_fn.evaluate(result):
return None
self.cache.put(cache_key, result)
return result
except TransformationError as e:
logger.error(f"Transformation failed: {e}")
return None
The first function is simple because it should be. The second is complex because the problem it solves requires that complexity.
The Step-by-Step: Evaluating Complexity in Your Code
Here’s a practical decision tree you can use when facing a design choice: Step 1: Define the Problem Precisely Don’t start with “make it simple.” Start with “what exactly are we trying to solve?” List the specific requirements, constraints, and edge cases.
# Example: Building a caching layer
"""
Requirements:
- Cache frequently accessed user profiles
- Handle cache invalidation after profile updates
- Support distributed deployments (multiple servers)
- Reduce database hits by 80%
- Support TTL-based expiration
"""
Step 2: Identify Complexity Sources What actually adds complexity? Is it:
- The problem domain itself?
- Scaling requirements?
- Integration points?
- Team constraints?
# Complexity sources for the cache example:
# 1. Distributed cache coherency (problem domain)
# 2. Multiple deployment environments (integration)
# 3. TTL management (scalability)
# 4. Cache miss handling (reliability)
Step 3: Separate Essential from Accidental Complexity Essential complexity is what the problem intrinsically requires. Accidental complexity is what we add through poor design.
# ESSENTIAL COMPLEXITY: Handle concurrent cache access
import threading
class ThreadSafeCache:
def __init__(self):
self.data = {}
self.lock = threading.RLock()
def get(self, key: str) -> Optional[Any]:
with self.lock:
if key in self.data:
value, expiry = self.data[key]
if time.time() < expiry:
return value
else:
del self.data[key]
return None
# ACCIDENTAL COMPLEXITY: Unnecessary abstraction layers
class CacheAbstractorFactoryImpl: # Don't do this
def create_cache_wrapper_proxy(self):
return ProxiedCacheAccessor(
CacheImplementationAdapter(
UnderlyingCacheSystem()
)
)
Step 4: Choose Your Complexity Level Now make an intentional choice:
- Level 1 (Minimal): Simple in-memory dict, single-threaded
- Level 2 (Moderate): Thread-safe, TTL support, basic eviction
- Level 3 (Advanced): Distributed cache, cache coherency, metrics
- Level 4 (Complex): Multi-tier caching, adaptive TTL, predictive eviction Choose the level that actually solves your problem. Not simpler. Not more complex. Appropriate. Step 5: Document the Complexity Once you’ve accepted complexity, document why. Future maintainers (including yourself) need to understand it wasn’t arbitrary.
class CacheWithCoherency:
"""
Distributed-aware cache with consistency guarantees.
Why this complexity exists:
- Single-threaded dict insufficient for concurrent access (problem domain)
- Redis/Memcached needed for multi-server deployments (integration)
- TTL management required to prevent stale data (reliability)
Alternative simpler approach (rejected):
- Simple in-memory dict: Fails under concurrency and multi-server scenarios
- No TTL: Causes memory leaks and stale data issues
This complexity is necessary given our requirements.
"""
The Uncomfortable Truth About Technical Debt
Here’s something people don’t like to admit: sometimes the simplest approach creates technical debt, not prevents it. When you under-architect a solution to keep it “simple,” you’re not avoiding complexity. You’re deferring it, and you’re compounding the interest on the debt. Later, when requirements inevitably change, you’ll be paying complexity interest on top of complexity principal. The system that appears simple at month three often becomes nightmarishly complex by month eighteen, because every new requirement forces a hack. Every new team member gets confused because the abstraction boundaries weren’t properly established. Meanwhile, a system that accepted appropriate complexity upfront often becomes simpler to work with over time, because the architectural decisions were made intentionally rather than accidentally. The real skill is knowing which path you’re on. Some codebases start complex and become simpler as you understand them better. Others start simple and become increasingly baroque as requirements pile up. The difference usually comes down to whether the initial complexity was intentional or accidental.
Final Thoughts: Complexity as a Design Choice
I’m calling for a mindset shift: stop thinking of simplicity as an absolute value and start thinking of it as a design choice. Sometimes simple is right. Sometimes it’s a cop-out dressed in principles. The difference is whether you made the choice consciously or defaulted to it because that’s what everyone says you should do. The next time someone says “keep it simple,” ask them: simple for whom? Simple right now, or simple to maintain? Simple to implement, or simple to extend? Simple at the boundary, or simple all the way through? Because here’s the thing: the most complex systems in the world get that way through obsessive simplification at each individual step. Each time someone says “let’s keep this simple,” they’re making a tradeoff that’s invisible to them but visible to everyone who comes after. The developer who builds nuanced, well-architected systems isn’t doing it because they enjoy complexity. They’re doing it because they understand that appropriate complexity saves time, prevents bugs, and enables growth. The developer who insists everything be simple is often the one creating future catastrophes, one “simple” decision at a time. Be intentional. Be thoughtful. And be willing to accept that sometimes, the right answer is not simple.