Blog
Technical writing on Web3, AI, and building things. Written by Uvin Vindula.
130 articles
A practical guide to implementing ERC-2981 royalty standard in NFT smart contracts. Covers the standard explained, custom royalty splits, marketplace support reality, on-chain enforcement strategies, the Operator Filter Registry, and the future of creator compensation on Ethereum.
A hands-on guide to achieving 95+ Lighthouse scores in Next.js — covering LCP, INP, CLS, bundle optimization, image strategy, font loading, and Server Components. Based on real production numbers from FreshMart and other projects I have shipped.
A transparent breakdown of how I price software development services from $8K to $80K per project and $5K/month retainers — including real numbers, the mistakes I made, and why I stopped competing on price from Sri Lanka. A guide for developers and clients alike.
A technical deep dive into yield farming — LP token staking mechanics, reward distribution math, auto-compounding vaults with ERC-4626, multi-pool farming architecture, APR vs APY calculations with code, and building farm contracts that don't collapse.
Battle-tested Next.js middleware patterns I use on every production app — authentication redirects, rate limiting at the edge, geo-based routing, bot detection, A/B testing, and a complete middleware.ts template you can drop into any project.
A practical guide to working as a remote developer from Sri Lanka with clients in the UK, USA, Canada, and Europe. Uvin Vindula shares real numbers on pricing ($8K-$80K projects), time zone management across IST and GMT, payment solutions that actually work for Sri Lankan developers, and the common mistakes that keep talented developers undercharging. Based on years of experience running Terra Labz and building production software for international clients from Colombo and London.
A security auditor's guide to smart contract access control — from simple Ownable to role-based AccessControl, multi-sig patterns, timelocks, and emergency pauses. Includes real anonymized audit findings, vulnerable vs fixed code, and Foundry tests that catch access control bugs before attackers do.
A battle-tested guide to Supabase Row Level Security policies — SELECT, INSERT, UPDATE, DELETE patterns, auth-based policies, role-based access, multi-tenant RLS, performance tuning, and the mistakes I have made so you do not have to.
Production authentication patterns I use in every Next.js project with Supabase Auth. From email/password and OAuth flows to middleware-based session management, protected routes on both server and client, role-based access control, and the auth bugs that cost me hours. Real patterns from uvin.lk and EuroParts Lanka that handle expired sessions, OAuth callback races, and edge cases most tutorials skip.
A hands-on guide to building on-chain SVG NFTs with dynamic metadata that evolves based on blockchain state. Covers Solidity SVG generation, base64 encoding for tokenURI, gas optimization patterns, and comparison with IPFS-based approaches.
A practical guide to building MVPs that validate your idea and attract real users — with real budgets, timelines, and examples from building products like GemStore.lk and EuroParts Lanka. Stop overbuilding. Start shipping.
Battle-tested streaming and Suspense patterns from production Next.js apps. Learn how to get LCP under 1.5 seconds by streaming expensive data fetches while showing an instant shell. Real examples from EuroParts Lanka and FreshMart.