Web3 Development: How to Build Decentralized Apps
Web3 development swaps the central server for a blockchain, and that one change rewrites the whole stack. Here's what building a decentralized app actually involves — wallets, smart contracts, and the front-end that ties them together.

Web3 development is building apps that run against a blockchain instead of a single company's server. Swap the central server for a public chain, and that one change rewrites everything above it — where the data lives, who owns the accounts, how a click turns into a state change. The app you end up with is a decentralized app, or dApp: business logic deployed as smart contracts, data on-chain, and users who connect a wallet they control rather than an account you store and can reset. That's the whole idea, and it's also why Web3 app development is harder than it looks from the front-end.
This guide walks the stack the way we'd actually build it — what Web3 development is, what genuinely changes versus Web2, the layers of the web3 stack, the steps to ship a dApp, the parts that bite, and what it costs. For a deeper, layer-by-layer walkthrough, our dApp development guide is the companion to this overview; here we stay at the level of how the pieces fit.
What Web3 development is
Web3 development means the source of truth lives on a blockchain, not on infrastructure you own. In a normal web app, your server holds the database, runs the logic, and decides what's true. In a dApp, a public chain does that job. Logic ships as smart contracts that anyone can read and that run exactly as written. State — balances, ownership, whatever the app tracks — sits on-chain, verifiable by anyone, changeable by no single party.
The user side flips too. There's no signup row in your database. People connect with a wallet like MetaMask, prove who they are by signing with a private key only they hold, and carry their identity and assets between apps. You never store their password because there isn't one. That's the trade at the heart of decentralized app development: you give up the control a central server gives you, and in return nobody — including you — can quietly censor the app or seize what a user owns. Worth saying plainly: that's a feature for some products and dead weight for most. Decentralization earns its complexity when trustlessness is the point, not by default.
Web3 vs Web2 (what actually changes)
The honest answer: the front-end barely changes, and almost everything behind it does. A Web3 app is still React, still TypeScript, still a browser talking to something over the network. What moves is the something. In Web2 your backend is the authority. In Web3 the chain is, and your code reads from and writes to it instead of to a database you control.
Three differences do the real work. First, state is shared and public — there's no private table you alone can see or edit; the chain is the database, the same for everyone. Second, logic is immutable once deployed — a smart contract can't be hot-patched the way you'd push a server fix on a Friday, so a bug that ships tends to stay shipped. Third, users hold their own keys — lose the password-reset flow, gain a world where a wrong signature can drain a wallet with no support line to call.
That last point reshapes UX more than people expect. Every write costs gas, every action needs a signature, and a submitted transaction isn't a finished one. None of that exists in Web2, and pretending otherwise is how a dApp ends up feeling broken even when the contracts are flawless.
The web3 stack
The web3 stack is five layers, and each one has a Web2 cousin — the difference is that the source of truth slides from your database to the chain. Here's how they line up.
| Layer | Its job | Typical choices |
|---|---|---|
| Front-end + wallet connect | What the user sees, and how they sign | React, wagmi, viem, RainbowKit, MetaMask |
| Smart contracts | The on-chain logic and state | Solidity, OpenZeppelin, Foundry or Hardhat |
| Blockchain (L1 / L2) | Where everything settles | Ethereum (L1), Base / Arbitrum / Optimism (L2) |
| Nodes & RPC | How the app talks to the chain | Alchemy, Infura, QuickNode |
| Indexers & storage | Fast reads and off-chain files | The Graph, IPFS |
A few opinions on that table. The front-end layer is the one your existing web team already knows — wagmi and viem are just typed hooks over the chain, and RainbowKit hands you the connect modal. The L1-versus-L2 call is the consequential one: most application dApps in 2026 ship to an L2 like Base or Arbitrum because mainnet gas makes ordinary actions painful, and you reach for Ethereum mainnet directly only when you genuinely need its security and liquidity.
The two layers beginners skip are nodes and indexing, and skipping them is exactly what makes a dApp feel slow. You don't run your own node — you rent access through an RPC provider. And you can't query a chain like a database, because it's an append-only log, not Postgres. An indexer like The Graph listens to contract events and serves them over a normal API, so the front-end fetches lists and history fast and only hits the chain directly for live reads and sending transactions. IPFS, meanwhile, holds the files you'd never want on-chain — images, metadata — referenced by hash from the contract.
How a dApp is built, step by step
The build sequence runs bottom-up: the contract defines what's possible, so it goes first, not the UI. Rough order, with the overlaps noted as they come.
- Pick the chain. This cascades into fees, security, and which tools and developers you can hire. Most app dApps land on an EVM L2; the choice drives the rest of the stack.
- Write and test the contracts. Model on-chain state minimally — storage is your most expensive resource — and emit an event for every state change you'll later want to read. Test hard here; this is the layer you can't cheaply fix.
- Wire up the wallet. Connection, reading state (free, no signature), and writing state (a signed transaction that costs gas). Both paths get built against the contracts as they stabilize.
- Stand up indexing. Deploy a subgraph that maps your events to a schema, then query it from the front-end. This is what makes reads quick instead of crawling a raw node.
- Build the front-end against real status. Wire the React app to the contracts and the indexer, and make the UI tell the truth about every transaction — pending, confirmed, reverted, dropped.
- Deploy and verify. Ship the contracts, verify the source on the explorer so users can read it, point the front-end and indexer at the live addresses, and host the front-end like any static app.
Most of the calendar is contracts and integration, not the UI. Teams that start with the screens usually rebuild around an architecture they never really chose.
The hard parts (gas, keys, UX, immutability)
Here's where Web3 development gets genuinely tricky, and none of it is about writing more code. Gas is the first: every write costs real money, and a badly designed contract can make routine actions absurdly expensive. You design for cheap operations and usually pick an L2 to keep user costs sane.
Keys are the second, and they're unforgiving. Users hold their own private keys, which is the entire point — and also means a lost key is a lost account with no reset, and a malicious signature can empty a wallet. Your UI carries weight here: be explicit about what each signature does, because the user is the last line of defense. If wallets are central to your product rather than just a login, our guide to crypto wallet development digs into that side.
In Web2, a bad deploy is a rollback. In Web3, a bad deploy is a permanent feature of the chain. Build like the code can't be taken back, because it can't.
UX is the third, and it's where most dApps quietly fail. A submitted transaction isn't a done one — it can sit pending for minutes, revert on a require check, or get dropped. Treat "submitted" as "finished" and your app lies to users. Show real status, link to the explorer, handle the wrong-network case. The fourth is immutability: deployed contracts can't be hot-fixed. You either ship something you've tested to exhaustion, or you adopt an upgrade proxy from day one and take on its extra attack surface. Most production contracts stay deliberately non-upgradeable, which raises the stakes on getting them right. For anything holding real value, an external audit is the last gate before launch — our take on smart contract development covers why that step isn't optional.
What it costs
Web3 app cost tracks scope, not some blockchain premium. The front-end and integration work is roughly a normal web app build — the React app, the wallet flows, the screens. What sits on top is three Web3-specific line items, and that's where budgets actually go.
The first is contract engineering, which scales with how custom the logic is. A standard token or NFT contract built on audited base implementations is a small job; a novel protocol with bespoke economics is serious engineering weeks. The second is the security audit — for any contract holding meaningful value, a reputable firm reviews it for known exploit classes, a real planned cost, not an afterthought. The third is recurring infrastructure: RPC, hosted indexing, and storage bill by usage and scale with traffic. The thing people underestimate isn't the contract — it's the audit and the transaction-UX edge cases, which routinely cost more than the on-chain code. Scope those honestly and the number behaves. If you're weighing whether decentralization is even worth this overhead for your product, our look at the future of decentralized apps is the strategic companion to this build view, and our blockchain development hub is where the whole picture comes together.
Frequently asked questions
Web3 development is building apps that run against a blockchain instead of a single company's server. The business logic lives in smart contracts deployed on-chain, the data sits on the chain rather than in a private database, and users connect with their own wallet rather than an account you store. The result is a decentralized app, or dApp, where no single operator can quietly change the rules or seize a user's assets.
In Web2, your server is the single source of truth — it holds the data, runs the logic, and owns the accounts. In Web3, a public blockchain plays that role. State is shared and verifiable, logic runs as smart contracts anyone can read, and users hold their own keys instead of a password you can reset. The trade is control for trustlessness: nobody can censor or alter the app, but you also can't undo a mistake.
The Web3 stack has five layers: a front-end with wallet-connect (React plus wagmi and viem, with RainbowKit for the connect modal); smart contracts written in Solidity that hold the logic and state; a blockchain — an L1 like Ethereum or an L2 like Base or Arbitrum — that everything settles on; nodes and RPC providers like Alchemy or Infura that the app talks to the chain through; and an indexing and storage layer, typically The Graph for queries and IPFS for files. Each layer maps onto a Web2 equivalent, but the source of truth moves from your database to the chain.
A Web3 team needs ordinary web app skills plus a blockchain-specific layer. The front-end is React and TypeScript like any modern app, so those skills carry over. On top, you need Solidity for smart contracts, a real grasp of gas and transaction lifecycles, security instincts because deployed bugs are hard to patch, and familiarity with the tooling — wagmi, viem, Foundry or Hardhat, The Graph. The contract work is the part you can't fake.
Web3 app cost tracks scope, not chain magic. The front-end and integration work is comparable to a normal web app. On top sit three Web3-specific line items: contract engineering, which scales with how custom the logic is; a security audit before any contract holds real value; and recurring RPC, indexing, and hosting fees. Audit and transaction-UX edge cases usually cost more than the raw contract code, so scope those honestly rather than treating the smart contract as the whole bill.
More from the journal

dApp Development: A Step-by-Step Build Guide for Engineers
An engineering-led walkthrough of dApp development: how the contracts, frontend, and indexing layer fit together, which stack to pick, how to wire wallets, what to test, and what deployment actually costs.

How Does DeFi Work? A Technical Breakdown of the Mechanics
Most explainers stop at "no banks." This one goes deeper: how DeFi actually works at the level of smart contracts, AMM pricing math, liquidity pools, price oracles, composability, and on-chain settlement, plus where each piece tends to break.

Smart Contract Audit: What It Is, the Process, and Costs
A smart contract audit is the last gate before mainnet for code that can't be patched and holds real money. This guide covers what an audit checks, how the process and timeline work, what it costs, and how to prepare your contracts so reviewers find design flaws, not typos.