Graph-based user tracking and threat detection
US-10419469-B1 · Sep 17, 2019 · US
US11704363B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11704363-B2 |
| Application number | US-201916627331-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 17, 2019 |
| Priority date | Dec 17, 2019 |
| Publication date | Jul 18, 2023 |
| Grant date | Jul 18, 2023 |
Official abstract text for this publication.
Aspects of the present disclosure involve systems, methods, devices, and the like for generating highly scalable temporal graph databases. In one embodiment, a novel architecture is presented that enables the identification of mutation or changes in graphs. For the identification a combination of graph-based modeling and journal entry is used. Events occurring are consumed and changes are ingested, transformed for use by a graph simulation system. The changes are journaled using a vertex centric temporal journaling schema.
Opening claim text (preview).
What is claimed is:

1. A system comprising: a non-transitory memory storing instructions; and one or more hardware processors configured to execute the instructions to cause the system to perform operations comprising: receiving, via a wireless network communication, an event update associated with a first user account, wherein the event update is associated with a transaction conducted between the first user account and a second user account at a particular time; determining a graph mutation on a graph-based model based in part on the event update; ingesting an event log for the graph mutation; transforming the ingested event log to a temporal-based journal entry recorded in a temporal-based journal, wherein the temporal-based journal entry represents a change of a first node corresponding to the first user account in the graph-based model based on a relationship between the first node and a second node corresponding to the second user account in the graph-based model; identifying a particular time period prior to the particular time; analyzing a set of transformations of the graph-based model that occurred within the particular time period based on one or more temporal-based journal entries recorded in the temporal-based journal, wherein the analyzing comprises determining that the set of transformations comprises a first transformation corresponding to establishing a first direct connection between the first node and a third node representing a device within the particular time period and a second transformation corresponding to establishing a second direct connection between the second node and the third node within the particular time period; determining that the first user account has been used to perform a malicious activity based on the analyzing the set of transformations; and performing an action to the first user account based on the determining that the first user account has been used to perform the malicious activity.

2. The system of claim 1, wherein the operations further comprise: documenting the graph mutation in the event log; and storing the event log.

3. The system of claim 1, wherein the operations further comprise: ingesting a graph mutation simulation that simulates the graph mutation.

4. The system of claim 3, wherein the graph mutation simulation is created by an external graph builder.

5. The system of claim 1, wherein the operations further comprise: deploying queries using the temporal-based journal entry.

6. The system of claim 1, wherein the temporal-based journal entry is vertex centric.

7. The system of claim 1, wherein the graph mutation includes a timestamp corresponding to the particular time.

8. A method comprising: receiving, by one or more hardware processors, an event log associated with a first user account, wherein the event log indicates a transaction conducted between the first user account and a second user account at a first point in time; determining a first transformation to a graph based on the event log, wherein the first transformation represents an establishment of a first connection between a first node corresponding to the first user account in the graph and a second node corresponding to the second user account in the graph based on the transaction, and wherein the first transformation is associated with a timestamp indicating the first point in time; analyzing, by the one or more hardware processors, a set of transformations of the graph that occurred at different points in time within a particular time period prior to the particular time based on one or more temporal-based journal entries from a temporal-based journal, wherein the analyzing comprises determining that the set of transformations comprises a second transformation corresponding to an establishment of a second connection between the first node and a third node representing a device at a second point in time within the particular time period and a third transformation corresponding to an establishment of a third connection between the second node and the third node at a third point in time within the particular time period; determining, by the one or more hardware processors, that the first user account has been used to perform a malicious activity based on the analyzing the set of transformations; and performing, by the one or more hardware processors, an action to the first user account based on the determining that the first user account has been used to perform the malicious activity.

9. The method of claim 8, further comprising: simulating a graph mutation based on the event log.

10. The method of claim 8, further comprising: in response to a query indicating the first point in time, accessing a temporal graph-based journal entry corresponding to the first transformation from a physical data store.

11. The method of claim 8, further comprising: generating a journal entry snapshot for the event log.

12. The method of claim 8, wherein the transaction comprises a purchase transaction for purchasing an item through the first user account from the second user account.

13. The method of claim 8, wherein the one or more temporal graph-based journal entries are node centric.

14. The method of claim 8, wherein the first transformation includes connecting the first node to the second node based on the transaction.

15. A non-transitory machine-readable medium having stored thereon machine-readable instructions executable to cause a machine to perform operations comprising: receiving an event update associated with a first user account, wherein the event update is associated with a transaction conducted between the first user account and a second user account at a first point in time; determining a graph mutation on a graph-based model based in part on the event update; transforming an event log associated with the graph-based model to a temporal-based journal entry recorded in a temporal-based journal, wherein the temporal-based journal entry represents a first transformation of the graph-based model, wherein the first transformation corresponds to a change of a first node corresponding to the first user account in the graph-based model based on a relationship between the first node and a second node corresponding to the second user account in the graph-based model, and wherein the first transformation is associated with a first timestamp indicating the first point in time; analyzing a set of transformations of the graph-based model that are associated with timestamps indicating different points in time within a predetermined time period prior to the point in time based on one or more temporal-based journal entries recorded in the temporal-based journal, wherein the analyzing comprises determining that the set of transformations comprises a second transformation corresponding to an establishment of a first direct connection between the first node and a third node representing a device at a second point in time within the predetermined time period and a third transformation corresponding to an establishment of a second direct connection between the second node and the third node at a third point in time within the predetermined time period; determining that the first user account has been used to perform a malicious activity based on the analyzing the set of transformations; and performing an action to the first user account based on the determining that the first user account has been used to perform the malicious activity.

16. The non-transitory machine-readable medium of claim 15, wherein the operations further comprise: ingesting a gra
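
An added illustration, not code from the patent or its assignee: a minimal vertex-centric temporal journal and the window check recited in claim 1, where both parties to a transaction gained a direct connection to the same device node within a period before the transaction. The class and function names, the `kind:id` vertex naming, and the sample events are assumptions constructed for this example.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class JournalEntry:
    ts: int         # time of the mutation (epoch seconds)
    vertex: str     # vertex the entry is filed under
    peer: str       # vertex at the other end of the new edge
    peer_kind: str  # "account" or "device", taken from the peer's prefix

class TemporalJournal:
    """Append-only and vertex-centric: each edge mutation is filed under both endpoints."""

    def __init__(self):
        self._by_vertex = defaultdict(list)

    def ingest(self, ts, src, dst):
        """Turn one event-log record (an edge added at ts) into journal entries."""
        for vertex, peer in ((src, dst), (dst, src)):
            kind = peer.split(":", 1)[0]
            self._by_vertex[vertex].append(JournalEntry(ts, vertex, peer, kind))

    def devices_linked(self, vertex, start, end):
        """Devices that `vertex` gained a direct edge to in [start, end)."""
        return {e.peer for e in self._by_vertex[vertex]
                if e.peer_kind == "device" and start <= e.ts < end}

def shared_devices(journal, txn_ts, payer, payee, window):
    """Devices both parties connected to during the window before the transaction."""
    start = txn_ts - window
    return (journal.devices_linked(payer, start, txn_ts)
            & journal.devices_linked(payee, start, txn_ts))

# Constructed event log: (timestamp, source vertex, destination vertex).
EVENTS = [
    (1000, "account:alice", "device:d1"),
    (4000, "account:bob", "device:d1"),
    (4500, "account:carol", "device:d2"),
    (5000, "account:alice", "account:bob"),    # transaction
    (5100, "account:alice", "account:carol"),  # transaction
]

def build_journal(events=EVENTS):
    journal = TemporalJournal()
    for ts, src, dst in events:
        journal.ingest(ts, src, dst)
    return journal
```

Because the journal keeps every mutation with its timestamp, the same transaction can be re-evaluated with a different look-back window without rebuilding the graph.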
Graphs; Linked lists (G06F16/9027 takes precedence) · CPC title
Change logging, detection, and notification (replication G06F16/27) · CPC title
Presentation of query results · CPC title
Data format conversion from or to a database · CPC title
Machine learning · CPC title