Building on Web2 platforms usually means accepting the constraints of databases you don't control and rules enforced by someone else’s application logic. But what happens when the logic lives on the protocol level, and you hold the keys?
Over the past week, as part of my #100DaysOfSolana journey, I’ve gone from installing the Solana CLI to creating custom tokens with built-in metadata, permanent transfer fees, and even non-transferable "Soulbound" credentials. This is a look at what I built, how it works, and what surprised me along the way.
Context: Why Solana Token Extensions?
Before diving in, I assumed creating a token on a blockchain was as simple as writing a smart contract and deploying it. But on Solana, things work a bit differently. Instead of every developer writing their own custom smart contracts for tokens (like ERC-20 on Ethereum), Solana uses a standardized program called the SPL Token Program.
The Token Extensions Program (commonly called Token-2022) is an upgraded version of the original SPL Token Program that adds protocol-level features like metadata pointers, transfer fees, confidential transfers, and non-transferable (soulbound) tokens. I spent my week exploring exactly what this new program can do.
The Walkthrough: Building the Tokens
Here is a breakdown of the core token features I built using the Solana CLI and the Token Extensions program.
- The Foundation: Minting My First Token
Before getting into the fancy extensions, I needed to understand the basics. In Solana, a Mint is the blueprint for a token. It doesn't hold tokens; it simply defines them.
Using the CLI, creating a mint on Devnet was incredibly fast:
spl-token create-token --program-id TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb
Notice the --program-id Tokenz... flag? That tells the network to use the new Token-2022 program instead of the legacy SPL Token Program.
- Giving it an Identity: The Metadata Extension
A token is just a string of numbers until you give it a name and a logo. Previously, metadata on Solana required interacting with a completely separate program (Metaplex). With Token-2022, you can embed metadata pointers directly into the token mint itself.
spl-token initialize-metadata <MINT_ADDRESS> "My Awesome Token" "MAT" "https://my-metadata-url.json"
This single command gave my token a name, ticker symbol, and a pointer to off-chain JSON metadata. No additional smart contracts were required.
- Enforcing Economics: The Transfer Fee Extension
This is where things became really interesting.
In traditional finance or gaming platforms, operators often take a small percentage from every transaction. On a blockchain, however, users can transfer assets directly between wallets without any middleman.
Using the Transfer Fee Extension, I configured my token to automatically deduct a 50 basis point (0.5%) fee on every transfer while also setting a maximum fee limit.
spl-token create-token \
--program-id TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb \
--transfer-fee 50 50000
The most impressive part was that this rule is enforced by the blockchain itself—not by a website or frontend application. Every wallet or application interacting with the token must respect the transfer fee because it is part of the token's protocol-level behavior.
- Digital Credentials: The Non-Transferable Extension
Finally, I experimented with Soulbound Tokens.
In Web2, things like verification badges, employee IDs, and course certificates stay attached to your account. They aren't supposed to be sold or transferred.
The Non-Transferable Extension brings the same concept to blockchain assets.
spl-token create-token \
--program-id TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb \
--enable-non-transferable
I minted a few tokens and then attempted to transfer them to another wallet.
Instead of succeeding, the network rejected the transaction with the following message:
Program log: Transfer is disabled for this mint
That failure was actually the success of the experiment.
Unlike a frontend validation or backend API check, this restriction exists directly inside the Token-2022 program itself. No wallet, application, or script can bypass it.
Interestingly, although transfers are blocked, the token owner can still burn (destroy) the token if they choose. This makes it perfect for credentials such as:
- University certificates
- KYC verification badges
- Event participation NFTs
- Employee IDs
- Membership credentials
What Surprised Me
The biggest "aha!" moment for me was understanding the difference between application-layer logic and protocol-layer logic.
As a Web2 developer, I'm used to enforcing rules through backend APIs, databases, and frontend validation. If I don't want users to transfer something, I simply disable the button or reject the API request.
On Solana, things work very differently.
By enabling a single flag during token creation, the blockchain itself becomes responsible for enforcing the rule. Every application, wallet, explorer, and SDK automatically follows the same behavior because the rule is part of the token's definition—not the application's implementation.
It completely changed the way I think about where business logic should live.
What's Next?
Building everything through the CLI gave me a solid understanding of how accounts, token mints, and extensions actually work under the hood.
My next goal is to move these concepts into JavaScript using:
@solana/web3.js@solana/spl-token
I want to build a frontend application where users can create and interact with custom Token-2022 assets directly from their browser.
A week ago, terms like Mint, Metadata Pointers, and Token-2022 were simply buzzwords to me.
After building these tokens myself, I now understand that Solana isn't just about creating cryptocurrencies—it's about creating programmable digital assets whose behavior is enforced directly by the blockchain itself.
That shift in perspective has been one of the most valuable lessons I've learned during this journey, and I'm excited to keep building.
Helpful Resources
- Solana Tokens: https://solana.com/docs/core/tokens
- Token Extensions (Token-2022): https://solana.com/docs/core/tokens/token-2022
- SPL Token CLI: https://spl.solana.com/token
This post was created as part of the #100DaysOfSolana challenge.
Top comments (0)