Fatskills
Practice. Master. Repeat.
Study Guide: Blockchain and Web3 Development: Career and Portfolio Building a Web3 Developer Portfolio GitHub Dapp Demo Hackathons
Source: https://www.fatskills.com/cryptocurrency-bitcoin-blockchain-and-more/chapter/blockchain-and-web3-development-blockchain-and-web3-development-career-and-portfolio-building-a-web3-developer-portfolio-github-dapp-demo-hackathons

Blockchain and Web3 Development: Career and Portfolio Building a Web3 Developer Portfolio GitHub Dapp Demo Hackathons

By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.

⏱️ ~5 min read

What This Is

A Web3 developer portfolio is a curated collection of open‑source code, live dApp demos, and competition results that proves you can design, build, and ship decentralized applications. Because every smart‑contract deployment is immutable and publicly verifiable, a strong portfolio lets recruiters and investors instantly audit your technical chops and product sense. Think of a portfolio like a “GitHub résumé” for crypto: a Uniswap‑style token swap you coded from scratch, an NFT‑minting site that writes to IPFS, and a DAO voting contract you showcased at a hackathon.


Key Terms & Code Snippets

  • Solidity ≥ 0.8.20: The primary language for EVM contracts.
    solidity pragma solidity ^0.8.20; contract SimpleERC20 { /* … */ }

  • Hardhat: A local development environment that compiles, tests, and deploys contracts.
    bash npx hardhat compile npx hardhat run scripts/deploy.js --network goerli

  • Ethers.js Provider/Signer: JavaScript objects that read chain state (provider) and send transactions (signer).
    js const provider = new ethers.JsonRpcProvider(INFURA_GOERLI); const signer = provider.getSigner();

  • ERC‑20 transferFrom pattern: Allows a spender to move tokens on behalf of an owner after approve.
    solidity token.transferFrom(owner, recipient, amount);

  • ERC‑721 Mint Function: Creates a new NFT and assigns it to a wallet.
    solidity function mint(address to, uint256 tokenId) external {
    _safeMint(to, tokenId); }

  • IPFS CID (Content Identifier): A hash that points to immutable off‑chain data (e.g., NFT metadata).
    js const cid = await ipfs.add(JSON.stringify(metadata));

  • GitHub Actions CI/CD: Automates linting, testing, and deployment on every push.
    ```yaml

  • name: Run tests
    run: npx hardhat test ```

  • Chainlink VRF (Verifiable Random Function): On‑chain source of randomness for fair draws.
    solidity requestRandomWords(keyHash, subscriptionId, 3, 200000, 1);

  • Optimistic Rollup (e.g., Arbitrum): Scales Ethereum by assuming transactions are valid and only posting fraud proofs when challenged.

  • ZK‑Rollup (e.g., zkSync): Packs many transactions into a single proof that is verified on‑chain, offering privacy and lower gas.

  • DAO Governance vote(uint256 proposalId, bool support): Simple on‑chain voting function.

  • Reentrancy Guard (nonReentrant modifier): Prevents a contract from being called back into before the first call finishes.
    solidity modifier nonReentrant() {
    require(!locked, "Reentrancy");
    locked = true;
    _;
    locked = false; }


Step‑by‑Step / Process Flow

  1. Design & Scaffold – Sketch the dApp’s user flow, then npx hardhat init to generate a Solidity project skeleton.
  2. Write & Test Contracts – Implement core logic (ERC‑20, ERC‑721, DAO) in contracts/, write unit tests in test/ with chai/ethers. Run npx hardhat test.
  3. Deploy to a Testnet – Create an Infura/Alchemy API key, fund a Goerli wallet, then run npx hardhat run scripts/deploy.js --network goerli. Verify the contract address on Etherscan.
  4. Build the Front‑End – Use React + wagmi + ethers to connect MetaMask, call contract methods, and display IPFS‑hosted metadata.
  5. Publish the Demo – Host the UI on Vercel or Netlify, point the domain to the testnet contract, and add the live link to your GitHub README.
  6. Showcase & Iterate – Submit the project to a hackathon (e.g., ETHGlobal), add the badge to your repo, and iterate based on judges’ feedback.

Common Mistakes

  • Mistake: Hard‑coding tx.origin for access control.
    Correction: Use msg.sender and role‑based AccessControl because tx.origin can be spoofed through phishing contracts.

  • Mistake: Forgetting to await asynchronous ethers calls, leading to “nonce too low” errors.
    Correction: Always await contract.method(...).wait() so the transaction is mined before the next step.

  • Mistake: Deploying contracts with the default Solidity optimizer disabled, causing high gas fees.
    Correction: Enable optimizer: { enabled: true, runs: 200 } in hardhat.config.js to shrink bytecode and lower gas.

  • Mistake: Storing large NFT metadata on‑chain (e.g., base64 strings).
    Correction: Store only the IPFS CID on‑chain; keep the JSON and image off‑chain to keep gas cheap.

  • Mistake: Using a single private key for both testnet and mainnet deployments.
    Correction: Separate keys (or use a hardware wallet) to avoid accidental mainnet loss and to keep testnet credentials public‑friendly.


Blockchain Developer Interview / Practical Insights

  1. call vs delegatecall – Interviewers ask you to explain why delegatecall runs in the caller’s context (shares storage) and when it’s safe (e.g., proxy patterns).
  2. ERC‑20 vs ERC‑777 – Be ready to compare the basic transfer/approval model of ERC‑20 with ERC‑777’s hooks (tokensReceived) that enable “send‑and‑receive” callbacks.
  3. Optimistic vs ZK Rollups – Know the trade‑off: Optimistic rollups rely on fraud proofs (faster finality, higher latency) while ZK rollups provide instant finality with heavy proof generation costs.
  4. Gas‑price vs Gas‑limit – Explain why a transaction can succeed with a low gas‑price but fail with an insufficient gas‑limit, and how to estimate limits with estimateGas.

Quick Check Questions

  1. Scenario: A contract uses tx.origin to restrict withdrawals to the contract owner.
    Answer: Dangerous – a malicious contract can trick the owner into calling it, making tx.origin the attacker’s address, thus bypassing the check.

  2. Scenario: Your front‑end calls contract.transfer(address, amount) but the transaction reverts with “insufficient allowance”.
    Answer: You must first approve the spender (your contract) for that amount; transferFrom requires an allowance set by the token holder.

  3. Scenario: You see a DAO proposal that can be executed by anyone after the voting period ends.
    Answer: Ensure the execution function checks proposal.state == Passed && block.timestamp >= endTime to prevent premature or unauthorized execution.


Last‑Minute Cram Sheet (10 one‑liners)

  1. ⚠️ Never rely on tx.origin for auth – use msg.sender + role contracts.
  2. Gas tip: Use uint256 instead of uint128 when you need arithmetic safety; the EVM works on 256‑bit slots anyway.
  3. Compiler: Solidity 0.8.20 is the current LTS; most audits target ^0.8.0 for built‑in overflow checks.
  4. ERC‑20 = Fungible, ERC‑721 = Non‑fungible, ERC‑1155 = Multi‑token (both).
  5. Reentrancy Guard is a one‑line nonReentrant modifier; add it to any external payable function.
  6. IPFS CIDv1 starts with bafy...; CIDv0 (legacy) starts with Qm....
  7. Hardhat “fork” lets you test against mainnet state locally: npx hardhat node --fork https://eth-mainnet.alchemyapi.io/v2/KEY.
  8. Chainlink VRF costs ~0.1 ETH per request on testnet; budget accordingly for demos.
  9. Optimistic Rollup fraud window is typically 7 days; ZK rollup finality is seconds.
  10. GitHub Actions: actions/setup-node@v4 + actions/cache@v3 speeds up CI by caching node_modules.


ADVERTISEMENT