What is a smart contract in simple terms?

A smart contract is a program stored on a blockchain that runs automatically when specific conditions are met. Think of it like a vending machine: you put in money and make a selection, and the machine delivers the item without any human intermediary. Smart contracts work the same way for financial transactions, token transfers, voting, and more.

Are smart contracts safe?

Smart contracts carry inherent risks. Bugs in the code can lead to loss of funds, and billions of dollars have been stolen through smart contract exploits. However, well-audited contracts from established protocols with years of operation and large amounts of value have strong track records. The safety of a smart contract depends on code quality, audit history, and the complexity of the protocol.

Can smart contracts be changed after deployment?

It depends on the contract's design. Immutable contracts cannot be changed by anyone after deployment -- the code is permanent. Upgradeable contracts use proxy patterns that allow an admin to change the underlying logic. Immutable contracts offer stronger trust guarantees, while upgradeable contracts allow teams to fix bugs and add features. Both approaches involve tradeoffs.

What programming language are smart contracts written in?

The most common language is Solidity, used on Ethereum and all EVM-compatible chains (Arbitrum, Optimism, Base, BNB Chain, Polygon, Avalanche). Solana uses Rust. Aptos and Sui use Move. StarkNet uses Cairo. Each blockchain ecosystem has its own language and development tooling.

What happens if a smart contract has a bug?

If a smart contract has a bug, attackers can exploit it to drain funds. Because blockchain transactions are irreversible, stolen funds usually cannot be recovered. Major exploits have resulted in hundreds of millions of dollars in losses. For immutable contracts, a bug cannot be fixed -- users must migrate to a new contract. For upgradeable contracts, the team can deploy a fix, but this requires users to trust the team with that power.

Do I need to understand smart contracts to use DeFi?

You do not need to read code to use DeFi applications. Most protocols have user-friendly interfaces that abstract away the technical details. However, understanding that you are interacting with smart contracts -- and that those contracts carry risks including bugs, exploits, and admin key compromise -- is essential for making informed decisions about where you put your money.

What Is a Smart Contract? How Blockchain Programs Work

A program on the blockchain

A smart contract is a program stored on a blockchain that executes automatically when predefined conditions are met. The term was coined by computer scientist Nick Szabo in 1994, but the concept became practical only with the launch of Ethereum in 2015.

The simplest analogy is a vending machine. You insert money, press a button, and the machine dispenses your item. There is no negotiation, no intermediary, no trust needed. The machine follows its programming every single time. A smart contract works the same way, except it runs on a blockchain where thousands of computers verify that the code executed correctly.

What makes this powerful is the combination of automation and trust. A smart contract cannot decide to change its rules mid-transaction. It cannot play favorites. It cannot be bribed. It runs exactly as written, and the result is recorded permanently on a public ledger that anyone can verify.

How smart contracts work

The lifecycle of a smart contract has several stages:

Writing. A developer writes the contract's logic in a programming language (most commonly Solidity for Ethereum). The code defines what the contract does: accept deposits, execute trades, issue tokens, manage votes.
Deployment. The compiled code is sent to the blockchain in a special transaction. Once deployed, the contract has its own address -- just like a wallet -- and lives on the blockchain permanently.
Interaction. Users and other contracts send transactions to the contract's address. Each transaction triggers a function in the code. For example, calling the "swap" function on Uniswap sends tokens in and receives different tokens back.
Execution. The network's validators (or miners, on Proof of Work chains) execute the contract's code. Thousands of independent computers run the same computation and verify that they all get the same result. This is what makes the execution trustworthy -- no single party can fake the outcome.
State change. The result of the execution is recorded on the blockchain. Balances update, tokens move, records change. The new state is permanent and transparent.

What smart contracts do in practice

Nearly everything in crypto beyond simple Bitcoin transfers is powered by smart contracts. Here are the major categories:

Token management

Every ERC-20 token (USDC, UNI, LINK, AAVE) is a smart contract. The contract tracks every holder's balance and processes every transfer. When you "hold" USDC, what you really hold is a balance entry in the USDC smart contract.

Decentralized trading

Uniswap, Curve, and other DEXs are smart contracts that hold pools of tokens and execute swaps using mathematical formulas. No order book, no matching engine, no exchange operator -- just code.

Lending and borrowing

Protocols like Aave and Compound are smart contracts that accept deposits, track interest rates algorithmically, and manage collateral. Liquidations happen automatically when positions become undercollateralized.

Governance

DAO governance contracts manage proposals, voting, and treasury spending. Token holders vote on-chain, and if a proposal passes, the contract can execute the approved action without any human intermediary.

Staking

Staking contracts lock tokens and distribute rewards. Liquid staking protocols like Lido use smart contracts to pool user deposits, manage validators, and issue liquid staking tokens (stETH) in return.

Immutable vs. upgradeable contracts

This is one of the most important distinctions in smart contract security, and it deserves careful attention.

Immutable contracts cannot be changed after deployment. The code is permanent. No admin, no team, no governance vote can modify it. Uniswap V2 and Liquity V1 are examples -- once deployed, they run exactly as written until the Ethereum blockchain itself stops functioning. This provides the strongest possible trust guarantee: you can verify the code today and know it will behave the same way forever.

Upgradeable contracts use a design pattern called a "proxy." Users interact with a proxy contract that delegates calls to a separate implementation contract. An admin (usually a multisig wallet controlled by the protocol team) can swap the implementation contract, effectively changing the logic users interact with. This lets teams fix bugs and add features, but it also means the admin can change the rules.

The tradeoff is stark:

Immutable contracts: maximum trust, but bugs can never be fixed. If there is a vulnerability, the only option is to deploy a new contract and ask users to migrate.
Upgradeable contracts: flexibility to fix problems, but users must trust the admin not to make malicious changes. A compromised admin key means a compromised protocol.

Most major DeFi protocols use some form of upgradeability with safeguards: timelocks (changes take effect after a delay, giving users time to exit), multisig admin keys (multiple people must approve changes), and governance votes (token holders decide on upgrades). But none of these are foolproof. Understanding a protocol's upgrade mechanism is a core part of assessing its risk.

Smart contract audits

Before deploying a smart contract that will hold significant value, responsible teams hire independent security firms to audit the code. An audit involves experienced security researchers reviewing the code line by line, testing edge cases, and attempting to find vulnerabilities before attackers do.

Key facts about audits:

Multiple audits are better. Different auditors catch different things. A protocol with three audits from reputable firms is generally safer than one with a single audit.
Audits are not guarantees. An audit reduces risk but does not eliminate it. Many hacked protocols had been audited -- sometimes by multiple firms. Auditors find some bugs, not all bugs.
The scope matters. An audit of the core contracts does not cover peripheral contracts, oracle integrations, or deployment configurations. Attacks often exploit the gaps between audited components.
Post-audit changes invalidate audits. If a team modifies code after an audit, the audit no longer applies to the modified code. This is a common source of vulnerabilities.

Open source transparency

Most DeFi smart contracts are open source -- the code is published on block explorers like Etherscan, and anyone can read, verify, and analyze it. This transparency is a fundamental feature of the ecosystem. You do not have to trust a team's marketing; you can read their code.

In practice, most users cannot read Solidity code, and that is fine. What matters is that security researchers, auditors, competing teams, and the broader developer community can read it. This creates a collective verification layer that centralized financial systems lack. When a protocol's code has been live and open source for years without being exploited, that is meaningful evidence (though not proof) of security.

Smart contract risks

Billions of dollars have been lost to smart contract vulnerabilities. The most common attack vectors include:

Reentrancy. An attacker's contract calls back into the victim contract before the first execution completes, draining funds repeatedly. The 2016 DAO hack ($60 million) used this technique. Modern best practices and reentrancy guards have made this less common, but it still appears.
Oracle manipulation. Smart contracts that rely on price feeds (oracles) can be exploited if an attacker manipulates the price data. Flash loan attacks often work by temporarily distorting prices on a DEX that the victim contract uses as its oracle.
Logic errors. Simple programming mistakes -- incorrect math, missing access controls, flawed state transitions -- that let attackers extract value in ways the developers did not anticipate.
Admin key compromise. If the private key that controls an upgradeable contract is stolen, the attacker can upgrade the contract to drain all funds. This is why admin keys should be protected by multisig wallets and timelocks.
Upgrade attacks. A malicious or compromised team pushes a contract upgrade that includes a backdoor. Timelocks help by giving users a window to withdraw before the upgrade takes effect.

For practical advice on protecting yourself, see our guide to staying safe in crypto.

Major smart contract hacks

Incident	Amount lost	Cause
The DAO (2016)	$60 million	Reentrancy vulnerability
Ronin Bridge (2022)	$625 million	Validator key compromise
Wormhole (2022)	$325 million	Signature verification bug
Euler Finance (2023)	$197 million	Logic error in donation function
Curve Finance (2023)	$73 million	Compiler bug in Vyper language

Smart contract programming languages

Different blockchains use different languages for smart contract development:

Solidity -- The dominant language, used on Ethereum and all EVM-compatible chains (Arbitrum, Optimism, Base, BNB Chain, Polygon, Avalanche). JavaScript-like syntax. The largest developer community and the most mature tooling.
Rust -- Used on Solana (via the Anchor framework). A systems programming language known for memory safety and performance.
Move -- Used on Aptos and Sui. Designed specifically for blockchain use with built-in resource safety -- tokens cannot be accidentally duplicated or destroyed.
Cairo -- Used on StarkNet. Designed for writing provable programs that can be verified using zero-knowledge proofs.
Vyper -- An alternative to Solidity on Ethereum, designed to be simpler and more auditable. Used by Curve Finance and other protocols.

Smart contracts and your portfolio

Every time you deposit into a DeFi protocol, swap tokens on a DEX, or stake your assets, you are interacting with smart contracts. Your tokens are held by these contracts, and your returns depend on them functioning correctly. This makes understanding smart contract risk a practical necessity, not just an academic exercise.

CleanSky detects your positions across DeFi protocols -- each of which is a set of smart contracts -- and shows you where your money is, what it is doing, and which protocols hold it. Combined with an understanding of how DeFi works and the fundamentals of blockchain, this gives you the visibility needed to make informed decisions.

See which smart contracts hold your money -- and what risks they carry -- across all your wallets.

Try CleanSky Free →

Choisir la langue

What is a smart contract?