Building a reliable client on a public L1 is mostly engineering discipline: use idempotent request ids (x-cache-id in the node API,fetch_balance), don’t trust a single untested node, and show users meaningful errors when broadcast fails.
On-chain vs. off-chain state
Your database should reconcile with chain history; the HTTP API is the source of truth for final settlement. Reorg depth and display rules for “confirmed” are product choices — document them.
Rate limits and abuse
Public nodes can throttle. Cache reads, use websockets or batch calls only if the deployment supports them, and host your own infrastructure at scale.
Keys
Prefer hardware or OS-backed signing for any hot wallet. Never ship passphrases in front-end bundles.