What is a smart contract? The code that runs crypto

A smart contract is not smart, and it is barely a contract. It is a small program that lives on a blockchain and runs itself when its conditions are met, with no person to enforce it and no way to undo it. Understanding this one idea unlocks almost everything in crypto.

A smart contract is a program stored on a blockchain that automatically executes when certain conditions are met, with no person, company, or middleman needed to carry it out. That is the whole concept, and it is simpler than the intimidating name suggests, because a smart contract is not artificial intelligence and it is not really a legal contract in the traditional sense. 

It is code, a set of instructions that says “if this happens, then do that,” running on a network that no single party controls, in a way that cannot be stopped, censored, or reversed once it is set in motion. Almost everything interesting in crypto beyond simply sending coins, decentralized finance, NFTs, tokens, decentralized applications, runs on smart contracts, which makes understanding them the key that unlocks how the modern crypto world actually works.

This guide explains smart contracts in plain English, from the ground up, with no coding or technical background assumed. It covers what a smart contract actually is and where the idea came from, the vending-machine analogy that makes it click, how smart contracts actually work under the hood, what they are used for across crypto, their real advantages, and, just as importantly, their serious risks and limitations, because the same properties that make smart contracts powerful also make them dangerous when they go wrong. 

By the end you will understand not just the definition but the deeper idea, why “code is law” is both the promise and the peril of smart contracts, and why this single invention reshaped what blockchains could do.

What a smart contract actually is

The name causes more confusion than the concept deserves, so it helps to take it apart before building it back up.

A smart contract is “smart” only in the sense that it executes automatically; the word does not imply intelligence or any kind of thinking, and the person who coined the term was careful to say so. It is a “contract” only in the loose sense that it encodes an agreement, a set of conditions and the actions that follow from it, but it is not a legal document sitting in a drawer waiting for a court to enforce it. 

The clearest way to describe it is what it actually is: execution logic, a small computer program that lives on a blockchain and runs by itself when its predefined conditions are satisfied. It takes an input, checks whether the conditions are met, and if they are, it performs the actions it was programmed to perform, moving funds, updating records, transferring ownership, issuing a token, without any human stepping in to make it happen.

The idea is older than blockchain. A computer scientist and legal scholar named Nick Szabo proposed the concept in the 1990s, defining a smart contract as a set of promises specified in digital form and the protocols within which the parties perform on those promises, and he was explicit that “smart” did not mean intelligent. 

For years the idea was theoretical, because there was no platform on which such self-executing agreements could run reliably without a trusted party to host them. Bitcoin, launched in 2009, introduced a limited form of programmability, but it was the launch of Ethereum in 2015 that made fully featured smart contracts a practical reality, providing a blockchain designed from the start to run arbitrary programs. 

Ethereum turned Szabo’s theoretical idea into working infrastructure, and most of the smart contracts in use today run on Ethereum or on networks built on the same model. The concept waited two decades for a platform that could run it without anyone in charge, and the blockchain was that platform.

The vending machine: the analogy that makes it click

The single best way to understand a smart contract is through an analogy that the concept’s own inventor used, because it captures the essential idea perfectly.

Think of a vending machine. You walk up, insert the right amount of money, press the button for your selection, and the machine dispenses your item, all without a cashier, a clerk, or any human involved in the transaction. The machine enforces the agreement automatically: if you put in enough money and make a valid selection, you get the product, and if you do not put in enough, you get nothing. 

The rules are built into the machine, they execute on their own when the conditions are met, and there is no person you need to trust or negotiate with, because the machine simply does what it was built to do. A smart contract is the digital, blockchain-based version of exactly this: a mechanism that holds a set of rules, checks whether the conditions are satisfied, and automatically delivers the outcome, with no intermediary required.

The analogy illuminates the key properties. The vending machine is automatic, it acts without a human; it is deterministic, the same input always produces the same output; and it is trustless in the sense that you do not need to trust the machine’s owner to be honest, because the machine’s behavior is fixed by its mechanism, not by anyone’s goodwill in the moment. A smart contract shares all three properties and adds the powers of a blockchain: it can hold and move large amounts of value, it runs on a network no single party controls so no one can secretly alter its rules, and its actions are permanently recorded and visible. 

Where a vending machine dispenses a candy bar, a smart contract can release thousands of dollars, transfer ownership of an asset, or trigger a chain of further actions, all on the same simple principle of automatic execution when conditions are met. The vending machine is the intuition; the smart contract is that intuition scaled up to handle money, ownership, and complex agreements with no one in charge.

How a smart contract actually works

Going one level deeper, it helps to understand the mechanics, because the way a smart contract runs explains both its power and its dangers.

A smart contract is written as code, typically in a programming language designed for the purpose, and then deployed onto a blockchain, where it is stored at a specific address much like a wallet has an address. Once deployed, the contract lives on the blockchain permanently, its code visible to anyone and its rules fixed, and it sits there waiting to be used. 

When someone wants to interact with it, they send a transaction to the contract’s address, providing whatever input the contract requires, and the network’s computers, the thousands of nodes that maintain the blockchain, all run the contract’s code with that input. Because every node runs the same code on the same input, they all arrive at the same result, which is how the network agrees on the outcome without any central authority, and that agreed result, the funds moved, the ownership transferred, the record updated, is written permanently to the blockchain.

Several features of this process are worth understanding because they shape everything about how smart contracts behave. First, execution costs money: running a contract’s code consumes computational resources, and the user pays a fee, often called gas, to compensate the network for that work, which means complex contracts that do more cost more to run. Second, execution is deterministic and verifiable: because every node runs the same code and reaches the same answer, anyone can verify that the contract did exactly what its code specifies, with no hidden behavior. 

Third, and most consequentially, once a contract is deployed, its code generally cannot be changed: the rules are fixed at deployment, and the contract will do exactly what it was programmed to do, forever, which is a strength when the code is correct and a catastrophe when it contains a flaw. This combination, code that runs automatically across a decentralized network, costs a fee to execute, produces verifiable results, and cannot be altered after deployment, is what makes smart contracts both remarkably powerful and unforgiving of error. The machine does precisely what it was built to do, whether or not that is what its creators intended.

What smart contracts are used for

The abstract concept becomes concrete when you see what smart contracts actually do, because they are the engine behind nearly every crypto application beyond simple payments.

Decentralized finance, or DeFi, is where smart contracts found their fullest expression. Decentralized exchanges like Uniswap run entirely on smart contracts, handling the pools of capital that enable trading and settling trades automatically through code rather than through a traditional order book or a company. 

Lending protocols like Aave use smart contracts to let people borrow against crypto collateral with no manual approval and no loan officer, with the contract automatically enforcing the loan terms, holding the collateral, and liquidating it if the borrower’s position falls below the required threshold. Stablecoins rely on smart contracts to manage the issuance and redemption of tokens and to maintain their peg. In each case, the smart contract replaces the bank, the broker, or the clearinghouse, performing the function that an institution would traditionally perform, but doing it automatically through code that anyone can inspect.

Beyond DeFi, smart contracts power much of the rest of crypto. Every NFT, a token representing ownership of a unique digital item, is governed by a smart contract that defines the token, tracks who owns it, and handles transfers when it is bought or sold on a marketplace. Tokens of all kinds, the thousands of assets that run on networks like Ethereum, are themselves smart contracts that define the token’s supply and rules. 

Decentralized applications, or dApps, are built from smart contracts that provide their backend logic, enabling everything from games to social platforms to run without a central server. Decentralized autonomous organizations use smart contracts to manage shared funds and to execute the outcomes of member votes automatically. The common thread is that wherever crypto replaces a trusted intermediary, a bank, an exchange, a registrar, a voting authority, with automatic, transparent code, a smart contract is doing the work. They are the building blocks from which the entire programmable-money ecosystem is constructed, which is why understanding them illuminates so much of crypto at once.

The advantages: why smart contracts matter

The reasons smart contracts have become foundational come down to a set of real advantages over the traditional way agreements are made and enforced.

The first advantage is the removal of intermediaries. Traditional agreements often require trusted third parties, banks to hold and transfer money, brokers to execute trades, lawyers and courts to enforce terms, and each intermediary adds cost, delay, and the need to trust that party. A smart contract performs the enforcement itself, automatically and without a middleman, which can make transactions faster and cheaper and removes the dependence on any single trusted party. 

The second advantage is transparency and verifiability: a smart contract’s code is visible on the blockchain, so anyone can inspect exactly what it will do, and its execution is verifiable, so anyone can confirm it did what it was supposed to, which is a level of openness traditional agreements rarely offer. You do not have to trust a promise; you can read the code that will keep it.

The third advantage is automation and reliability. A smart contract executes exactly as written, every time, without the delays, errors, or discretion of human processing, which means an agreement encoded in a smart contract carries itself out the moment its conditions are met, with no waiting and no possibility of a party simply refusing to perform. 

This combination, no intermediary, full transparency, and automatic reliable execution, is what makes smart contracts powerful, because it lets people transact and cooperate without needing to trust each other or any central authority, relying instead on code that anyone can verify and that runs itself. For the first time, agreements can enforce themselves across a global network with no one in charge, and that capability is the foundation on which the entire world of decentralized applications is built. The advantages are real and significant, and they explain why smart contracts moved from a theoretical idea to the engine of an industry.

The risks: why “code is law” cuts both ways

Here is where honesty matters most, because the same properties that make smart contracts powerful make them truly dangerous, and anyone using them needs to understand the risks as clearly as the benefits.

The central risk follows directly from a central strength: smart contracts are immutable and self-executing, which means that if the code contains a bug or a vulnerability, that flaw executes automatically too, and there is often no way to stop it or reverse the damage. A traditional contract with a mistake can be renegotiated, and a fraudulent transaction at a bank can sometimes be reversed, but a smart contract does exactly what its code says, and if its code says to send all the funds to an attacker who found a loophole, it sends all the funds, irreversibly. 

The history of crypto is full of expensive examples: hundreds of millions of dollars have been lost to smart-contract bugs and exploits, where attackers found flaws in the code and the contracts dutifully executed the attackers’ will because that is what the code, as written, permitted. The phrase “code is law” captures this: the code is the final authority, and it will enforce whatever it actually says, not what its creators meant it to say.

Several specific risks flow from this. Smart-contract bugs are flaws in the code that attackers can exploit, and because the code cannot easily be changed after deployment, these flaws can be catastrophic and permanent. Bad inputs and faulty external data are another danger, since many contracts rely on outside information delivered by oracles, and if that data is wrong or manipulated, the contract executes on false premises, which can trigger cascading liquidations or other harm. 

Complexity compounds the problem, because the more a contract does, the more places a flaw can hide, and the harder it is to verify that the code is safe. And scams exploit the trust people place in code, with malicious contracts written to look legitimate while containing hidden behavior that drains the funds of anyone who interacts with them. The lesson is not that smart contracts are bad, but that “trustless” does not mean “riskless”: you no longer have to trust a person, but you do have to trust that the code is correct, and code written by humans contains human errors. Auditing, caution, and using well-tested, battle-hardened contracts instead of unknown ones are the practical defenses, but the underlying truth remains that a smart contract will do precisely what it is written to do, and getting that writing exactly right is hard.

The limitations worth knowing

Beyond the risks, smart contracts have inherent limitations that shape what they can and cannot do, and understanding these prevents overestimating them.

A smart contract can only see and act on information that exists on its own blockchain. It cannot natively know anything about the outside world, a price, a weather reading, the result of an event, because it is sealed inside the blockchain, which is why oracles exist to feed external data in, and that dependence on oracles is itself a source of risk and limitation. 

A smart contract also cannot reach out and act in the physical world; it can move digital assets and update digital records, but it cannot make a physical delivery or enforce a real-world outcome on its own. And a smart contract is only as good as its code: it has no judgment, no ability to interpret intent, and no capacity to handle situations its programmers did not anticipate, so it executes the letter of its code with no understanding of the spirit behind it, which is why an unforeseen edge case can produce an outcome no one wanted.

These limitations matter because they define the boundary between what smart contracts are genuinely good for and where they fall short. They excel at automating clear, well-defined, on-chain agreements where the conditions and outcomes can be precisely specified in code, which is why they work so well for financial applications like trading, lending, and token transfers. 

They struggle with anything requiring judgment, interpretation, real-world enforcement, or reliable outside information, because those need capabilities a self-contained piece of code does not have. Understanding the limitations keeps the technology in perspective: a smart contract is a powerful tool for automating precise digital agreements without a middleman, not a magical replacement for all human agreements, and its strengths and weaknesses both flow from the same root, that it is rigid, automatic code running on a sealed, decentralized network. Knowing where that root helps and where it hinders is the difference between using smart contracts well and expecting more from them than they can deliver.

The code that changed crypto

A smart contract is, in the end, a simple idea with profound consequences: a small program that lives on a blockchain and runs itself when its conditions are met, enforcing an agreement automatically with no person, company, or court required. The vending machine captures the intuition, money in, product out, no cashier, and the blockchain scales that intuition up to handle money, ownership, and complex agreements across a global network that no one controls. From this single concept flows nearly everything in crypto beyond simple payments: the decentralized exchanges, the lending protocols, the stablecoins, the NFTs, the tokens, the decentralized applications, all of them built from smart contracts doing automatically what institutions used to do.

The power and the peril come from the same source. Because a smart contract executes exactly as written, automatically and irreversibly, it can replace trusted intermediaries with verifiable code, which is the breakthrough that made decentralized finance and the rest of the ecosystem possible. But that same rigidity means a flaw in the code executes just as faithfully as a feature, with no one to stop it and no way to reverse it, which is why hundreds of millions have been lost to bugs and exploits and why “code is law” is a warning as much as a promise. Smart contracts removed the need to trust people and replaced it with the need to trust code, and code, written by humans, is only as good as the humans who wrote it. 

Understanding that tradeoff, the extraordinary power of self-executing agreements and the real danger of their unforgiving precision, is understanding the invention that turned blockchains from simple ledgers into the programmable foundation of an entire industry. The contract is not smart, and it is barely a contract, but it changed what money and agreements could be.

Frequently Asked Questions

This guide is educational information, not financial or technical advice. Interacting with smart contracts carries real risk; use well-tested, audited contracts and never commit more than you can afford to lose.