Imagine you're a backend developer. Your product manager walks in and says:
"We need gift cards that automatically deduct a 1% platform fee every time they're transferred. Oh, and some cards should expire. And the VIP ones should earn interest."
You sigh. You open your IDE. You start writing middleware, fee calculators, cron jobs, database triggers, and a transfer validation service that three other microservices now depend on.
That's the Web2 way.
On Solana, with Token Extensions, you configure this at token creation time and the blockchain enforces it automatically. No middleware. No off-chain logic. No service to maintain.
I spent Days 34β39 of my #100DaysOfSolana challenge building and inspecting tokens with different extension combinations. Here's what I learned, translated into Web2 terms.
What Are Token Extensions?
Token Extensions (also called Token-2022) is Solana's upgraded token program. The original SPL Token program gave you a basic ERC-20-style token. Token Extensions lets you bake additional behaviour directly into the mint at creation time.
Think of the original SPL Token as a plain database row. Token Extensions is that same row, but with constraints, triggers, and computed columns built in except instead of your database enforcing them, the entire Solana network does.
The key thing: you choose your extensions when you create the mint, and they cannot be added or removed later. This is a design decision, not a limitation. It means the rules are permanent and trustless.
The Extensions I Built This Week
- Interest-Bearing Token
Web2 equivalent: A savings account or yield-bearing stablecoin where the balance display reflects accrued interest.
The extension stores an annual rate in basis points on the mint itself. The raw token balance never changes but when any wallet queries amountToUiAmount, the RPC applies continuous compounding math to return the display amount.
`bash#
Create a token with 5% annual interest (500 basis points)
spl-token create-token \
--program-id TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb \
--interest-rate 500
Query the interest-adjusted display amount
curl -s https://api.devnet.solana.com -X POST \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "amountToUiAmount",
"params": ["YOUR_MINT_ADDRESS",` 1000000000000]
}'
What surprised me: the raw on-chain balance never changes. Interest is purely a display-layer calculation applied at read time. It's like a computed column in PostgreSQL stored as a formula, evaluated on query.
- Transfer Fees
Web2 equivalent: A payment processor that automatically withholds a platform fee on every transaction like Stripe taking 2.9% before funds hit your account.
You set a fee in basis points and a maximum cap. Every transfer automatically withholds that fee in the recipient's token account. The fee authority can then harvest and withdraw those fees.
`bash#
Create a token with 1% transfer fee, capped at 50,000 raw units
spl-token create-token \
--program-id TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb \
--transfer-fee-basis-points 100 \
--transfer-fee-maximum-fee 50000
After transfers occur, check withheld fees on a token account
spl-token display YOUR_TOKEN_ACCOUNT
Harvest fees from recipient accounts to the mint
spl-token harvest-withheld-tokens YOUR_MINT_ADDRESS YOUR_TOKEN_ACCOUNT
Withdraw collected fees to your own account
spl-token withdraw-withheld-tokens YOUR_DESTINATION_ACCOUNT --include-mint`
What clicked: fees are withheld in the recipient's token account first, not the mint. You have to harvest them to the mint before you can withdraw. It's a two-step collect flow like reconciling pending transactions before settling.
- Default Account State (Frozen)
Web2 equivalent: A KYC-gated account where new users are locked out until compliance verification passes. Think brokerage accounts you can open one, but you can't trade until identity is verified.
With this extension, every token account created for this mint starts in a frozen state. The freeze authority must explicitly thaw an account before it can send or receive tokens.
`bash
Create a mint where all new accounts start frozen
spl-token create-token \
--program-id TokenzQdBNbLqP5VEhdkAS6EPFLC1PHnBqCXEpPxuEb \
--enable-freeze \
--default-account-state frozen
Mint attempt on a frozen account this FAILS
spl-token mint YOUR_MINT_ADDRESS 100
Error: Account is frozen
Thaw the account (your KYC approval step)
spl-token thaw YOUR_TOKEN_ACCOUNT
Now mint and transfer succeed
spl-token mint YOUR_MINT_ADDRESS 100`
What surprised me: the error is enforced at the program level, not by your application. There is no way for a user to bypass it. In Web2, you'd need middle ware intercepting every transfer request. Here, the blockchain is your middle ware.
The Cost of Extensions
Extensions aren't free. Each one adds bytes to the mint account, and those bytes require SOL locked as rent. Here's what I measured this week:
Mint TypeExtensionsAccount SizeRent CostDefault-FrozenDefaultAccountState + Freeze171 bytes0.00208 SOLInterest-BearingInterest-Bearing222 bytes0.00244 SOLArcCoin (multi)Transfer Fees + Interest + Metadata599 bytes0.00506 SOL
The metadata extension is the biggest contributor it stores the token name, symbol, and URI string directly on-chain. Without it, ArcCoin would be around 250 bytes. With it, it's 599.
Web2 analogy: It's like choosing between a lightweight microservice and a feature-rich monolith. Both have their place, but you pay for what you include and you can't remove features after deployment.
What I'd Tell a Web2 Developer
If you've ever written:
A fee deduction service
An interest accrual cron job
A KYC gate on fund transfers
A compliance hold on token movements
...you've already thought through the logic that Token Extensions encodes. The difference is where enforcement lives.
In Web2, your application enforces the rules. If your service goes down, rules aren't enforced. If someone calls your database directly, rules are bypassed. If you have a bug in your fee calculator, fees are wrong.
In Token-2022, the Solana runtime enforces the rules. There is no "calling the database directly." There is no bypassing the fee logic. The rules live at the same layer as the asset itself.
That's not just a technical difference. That's a trust model difference.
Going Deeper
If this sparked your curiosity, the official Token-2022 Extensions Guide covers all available extensions with full TypeScript and CLI examples. The extensions I covered here are just three of over a dozen available.
I'm on Day 39 of #100DaysOfSolana, building and writing every day. If you're on the same journey, let's connect.