Roughly 18.7 million wallets opened a decentralized application every day in the third quarter of 2025, even as the same quarter set a DeFi total value locked record of $237 billion according to DappRadar. A dApp is an application whose backend logic runs on a public blockchain instead of a company server, so the rules can’t be changed by the owner, and the app keeps running as long as the network does. The pages below walk through what counts as a dApp, how one actually works, which chains and categories hold the users today, and where the model still breaks.
A decentralized application (dApp) is an app that combines a smart contract on a public blockchain with a frontend user interface, per the Ethereum Foundation’s technical documentation. The backend is executed by every node on the network, not by a central company. That single design choice is what produces every benefit and every trade-off discussed on this page.
Key Takeaways
- Daily unique active wallets on dApps averaged 18.7 million in Q3 2025, down 22.4% quarter-over-quarter, even as DeFi capital hit a record, per DappRadar.
- Ethereum‘s DeFi ecosystem holds $55.77 billion in Total Value Locked with 611,497 daily active addresses and 2.52 million daily transactions as of April 2026, per DeFiLlama live data.
- The Ethereum Foundation’s technical docs define four required dApp properties: decentralized, deterministic, Turing-complete, and isolated inside the Ethereum Virtual Machine.
- Gaming leads dApp usage at 25% of active wallets in Q3 2025 (up from 20.1% in Q2), followed by NFTs at 18.5% and DeFi at 17.9%, per DappRadar.
- Q3 2025 hack losses across dApps and exchanges totaled $434 million, with the GMX exploit ($42 million), CoinDCX breach ($44 million), and UXLINK multi-sig exploit ($21.7 million) as the largest events.
How Does a dApp Work?
A dApp stacks three parts: a smart contract deployed on a blockchain, a front-end interface users actually see, and a wallet that signs transactions on the user’s behalf. The Ethereum Foundation describes a dApp as “an application built on a decentralized network that combines a smart contract and a frontend user interface”. Every interaction that changes state, like a token swap or a loan, is broadcast to the network, executed by every node, and then written into a new block.
Think of a dApp as a vending machine bolted to a public bulletin board. The machine’s code is printed on the board for anyone to read. Drop in the right token and the machine dispenses automatically. No clerk can change the price at midnight, and the machine keeps running even if the store next door closes.
1. A developer writes and deploys a smart contract
The backend of a dApp is a smart contract, which the Ethereum Foundation defines as “code that lives on the Ethereum blockchain and runs exactly as programmed”. That immutability is both the core selling point and the core risk: a bug in a lending contract is frozen into the chain until developers deploy a new version and migrate users across.
2. A frontend calls the contract
The user-facing layer is typically a website or mobile app written in JavaScript, Swift, or any conventional framework. It reads contract state through RPC endpoints and asks the user’s wallet to sign transactions that call contract functions. The frontend can be hosted on standard cloud infrastructure or on decentralized storage like IPFS.
3. A wallet signs and broadcasts the transaction
The user’s wallet holds a private key and turns a “swap one ETH for USDC” request into a cryptographically signed message that the network will accept. Ethereum alone processes 2.52 million transactions per 24 hours across 611,497 daily active addresses, per DeFiLlama’s live data as of April 2026.
4. Every node validates and writes to the chain
Contract code is identical on every node. The same input produces the same output everywhere. The Ethereum Foundation lists this as the “deterministic” property, meaning dapps perform the same function irrespective of the environment in which they get executed. Once the transaction lands in a block, the state change is permanent.
dApp Component Stack (what’s on-chain vs off-chain)
| Layer | What it does | Where it lives | Typical failure mode |
| Smart contract | Bug exploited before patch was deployed | Ethereum, Solana, or another L1/L2 | Bug exploited before the patch was deployed |
| Frontend UI | Presents the app, triggers transactions | Centralized server or IPFS | CDN outage takes the UI down |
| Wallet | Signs messages, custodies keys | User’s device | Phishing or malicious token approval |
| RPC node | Reads chain state | Infura, Alchemy, self-hosted | Single provider goes offline |
| Oracle (optional) | Feeds off-chain data in | Chainlink, Pyth, custom | Data manipulation or stale price |
Source: Ethereum Foundation, DeFiLlama
The mechanics explain what a dApp is. The size of the market explains why anyone cares.
Why Does a dApp Matter?
A dApp matters because its rules are enforced by the network rather than a company, which changes who can shut it off and who can edit it. That’s a live distinction, not a theoretical one: Ethereum’s DeFi dApps currently secure $55.77 billion in Total Value Locked and Solana’s hold $5.888 billion as of April 2026, per DeFiLlama. That capital keeps settling through open contracts; no single entity can pause.
The Ethereum Foundation lists five benefits of dApp development: zero downtime, privacy, resistance to censorship, complete data integrity, and trustless computation. The zero-downtime point has been tested recently. During the November twenty-twenty-five Cloudflare outage, the underlying smart contracts for Uniswap and other major dApps kept executing while most users could not reach the UIs because the front-end hosting failed. CoinLaw has tracked dozens of DeFi protocols. The pattern that keeps showing up is a split between on-chain state (robust) and off-chain UX (brittle). A reader moving real money should know the difference because a “decentralized” app can still go dark for a day if Cloudflare does.
The scale has caught up to the claim. Q2 2025 daily unique active wallets averaged 24.3 million, up 247% compared to early 2024, per DappRadar. The user curve has bent upward faster than any previous cycle’s adoption curve, though Q3 2025 saw a 22.4% quarter-over-quarter drop to 18.7 million daily wallets, even as DeFi capital hit a record $237 billion. Capital is concentrating while active users thin out, a split that usually precedes either a consolidation wave or a retail return.
The upside is real. So are the trade-offs, and a wallet held the wrong way can lose money fast.
Pros, Cons, and Risks
Advantages
- Zero downtime at the contract layer. Once deployed, the logic keeps running as long as the base chain does. The Ethereum Foundation notes that malicious actors cannot launch denial-of-service attacks targeted toward individual dapps.
- Censorship resistance. No single entity on the network can block users from submitting transactions, deploying dapps, or reading data from the blockchain, per the Ethereum Foundation.
- Data integrity. State changes are cryptographically linked into the chain, so historical transactions cannot be silently rewritten by a provider.
- Open auditability. The contract code is typically public, letting security firms and community researchers review logic before depositing funds.
- Composability. A lending contract can call a DEX contract that calls an oracle contract in one transaction, which is why the category hit $237 billion in Total Value Locked by Q3 2025 per DappRadar.
Trade-offs and Risks
- Immutable bugs. Once a contract is deployed, its code cannot be edited. The Ethereum Foundation lists maintenance as a core drawback: dapps can be harder to maintain because the code and data published to the blockchain are harder to modify.
- Performance overhead. The Ethereum Foundation notes that every node runs and stores every transaction, and the base network caps at roughly 15 per second, with a floor near 10, though rollups raise the effective ceiling.
- Security loss concentration. Q3 2025 losses across the dApp and exchange sector hit $434 million, including the GMX exploit at $42 million, CoinDCX breach at $44 million, and UXLINK multi-sig exploit at $21.7 million, per DappRadar.
- Front-end centralization. Most dApps serve their UI through traditional CDNs, which can create single points of failure that undercut the “always on” claim when a provider goes down.
- User experience friction. Wallet setup, gas fees, and transaction signing still trip up new users compared to centralized alternatives.
Those risks don’t apply evenly. Each dApp category carries its own profile.
Types of dApps
dApps break into five main categories by active wallet share, according to DappRadar’s latest Industry Report. Gaming and NFTs lead activity, with DeFi holding the most capital. The ordering matters for readers picking a first dApp, because the category sets the risk model: a DeFi app can drain a wallet through a bad token approval, while a game typically risks only the in-game NFTs.
dApp Categories by Share of Active Wallets (Q3 2025)
| Category | Share of active wallets | Representative dApps |
| Gaming | 25% | Axie Infinity, Pixels, Gods Unchained |
| NFT marketplaces | 18.5% | OpenSea, Blur, Magic Eden |
| DeFi | 17.9% | Uniswap, Aave, Curve, Lido |
| AI | Declining (Q3 wallets below Q2) | Fetch.ai, Bittensor subnets |
| SocialFi | Declining (Q3 wallets below Q2) | Farcaster clients, Lens apps |
Source: DappRadar
DeFi dApps let users lend or borrow and swap or earn yield without a central broker. They also hold most of the money: DeFi reached 17.9% of daily active wallets in Q3 2025 while the sector captured $237 billion in TVL, per DappRadar. Readers looking at platform scale can see the category breakdown in our decentralized finance data.
Gaming dApps put item ownership and in-game economies on-chain. Gaming grew from 20.1% to 25% share of daily active wallets in Q3 2025 per DappRadar, solidifying its market dominance over DeFi and NFTs.
NFT marketplaces are dApps that list and settle transfers of non-fungible tokens. The category moved 18.1 million NFTs in Q3 2025, generating $1.6 billion in volume, a 158% quarter-over-quarter increase per DappRadar.
AI dApps pair smart contracts with off-chain inference providers. The category is the most volatile: AI dApp daily active wallets fell from 4.8 million (Q2) to 3.1 million (Q3) per DappRadar, one of the sharpest retracements in any dApp category.
SocialFi dApps tokenize the follower graph and creator tipping. Social dApp daily active wallets fell from 3.8 million (Q2) to 1.57 million (Q3) per DappRadar, a sign the novelty premium has faded.
Real-World Applications
Token Swap on a DeFi DEX
A user opens Uniswap, connects a wallet holding crypto exchange market data-level liquidity, picks a pool, and signs a transaction that swaps one token for another. The Uniswap contract computes the output amount, deducts a pool fee, and updates the pool’s reserves, all in one block. Ethereum DEXs processed $1.075 billion in 24-hour volume as of April 2026 per DeFiLlama. The exchange has no order book and no custody account. The contract itself is the market maker.
Lending on Aave
A saver deposits USDC into a money-market contract and receives an interest-bearing receipt token. A borrower posts ETH as collateral and borrows against it. Rates adjust algorithmically based on utilization. If the collateral’s value drops past the liquidation threshold, anyone can call the liquidation function and collect a bonus, which keeps the protocol solvent without a human credit officer. This is where the composability advantage shows up: the deposit receipt token can then be used as collateral somewhere else.
Play-to-Earn on Axie Infinity
Players purchase NFT creatures. They battle them and earn tokens redeemable on exchanges. The game runs across its own chain and wallet stack. The NFT inventory lives in the player’s wallet rather than a game studio’s database. Gaming’s 25% share of Q3 2025 daily active wallets, up from 20.1% in Q2, per DappRadar, is driven largely by this category of on-chain inventory. If the studio shuts down tomorrow, the NFTs remain tradable as long as the chain runs.
Frequently Asked Questions (FAQs)
“dApp” stands for “decentralized application” and describes software whose backend logic runs on a public blockchain rather than a central company server. The term is written dApp, DApp, or dapp interchangeably, and the Ethereum Foundation uses “dapp” in its technical documentation. The defining criterion is that no single party can change, censor, or shut down the core logic once it’s deployed on-chain.
A regular app runs its backend on company-controlled servers. The company can change features or ban users, or take the service offline. A dApp runs its backend on a public blockchain, which the Ethereum Foundation describes as “an open public decentralized platform where no one person or group has control”. Front-ends can look identical, while rules underneath are enforced by the network rather than the company.
Bitcoin is sometimes called a dApp and sometimes excluded from the category, depending on the definition used. Wikipedia lists Bitcoin as an example of a DApp, while the Ethereum Foundation’s definition requires a smart contract plus a frontend interface, which Bitcoin’s scripting system meets only in a limited way. Most practitioners reserve “dApp” for applications built on programmable chains like Ethereum, Solana, and their layer-2s.
As of Q3 2025, DappRadar tracked 18.7 million daily unique active wallets interacting with dApps, down 22.4% from the prior quarter but still up 247% compared to early 2024. DeFiLlama monitors thousands of protocols across hundreds of chains. The count of unique dApps is harder to pin down. Active usage runs into the thousands rather than hundreds of thousands.
Conclusion
A dApp is software whose backend is enforced by a blockchain rather than a company, which is why the logic can’t be changed at will and why the app keeps running through outages that would take a centralized service offline. That single design choice explains both the appeal and the risk profile: DeFi TVL hit a record $237 billion in Q3 2025 while $434 million was stolen in the same period, per DappRadar. Readers checking wallet data can cross-reference adoption against our MetaMask wallet data coverage and our self-custody wallet data breakdown.
The next phase for dApps centers on honest labeling. Across CoinLaw’s coverage, the dApps that keep users through a bear market are the ones that are open about which layers they actually decentralize and which layers depend on Cloudflare, AWS, or a multisig. The ones that overstate their independence tend to be the ones that break in a headline-grabbing way. Expect the distinction between on-chain enforcement and off-chain hosting to become a standard disclosure rather than a footnote.
