What Is a Smart Contract?

Learn what smart contracts are, how they work on blockchain networks, and why they are the foundation of DeFi applications like lending protocols and decentralized exchanges.

A smart contract is a self-executing program stored on a blockchain that automatically carries out the terms of an agreement when predefined conditions are met. Once deployed, it runs exactly as programmed — no intermediary, no discretion, no business hours.

The concept was first described by computer scientist Nick Szabo in 1994, but smart contracts only became practical with the launch of Ethereum in 2015. Ethereum was specifically designed to support arbitrary programmable logic on the blockchain, making it the first platform where developers could build complex applications — not just transfer currency.

Today, smart contracts are the foundation of the entire decentralized finance ecosystem. Every DeFi lending protocol, decentralized exchange, yield optimizer, and stablecoin system runs on smart contracts.

How Smart Contracts Work

The Basic Mechanism

A smart contract works in a straightforward sequence:

  1. A developer writes the contract code. This code defines the rules, conditions, and actions of the contract. For example: "If address A deposits 1 ETH and address B deposits 3,000 USDC, swap the assets between them."
  2. The contract is deployed to the blockchain. Once deployed, the contract gets its own address on the blockchain, just like a user wallet. The code becomes part of the permanent blockchain record.
  3. Users interact with the contract. Anyone can send transactions to the contract address. These transactions trigger specific functions defined in the code.
  4. The contract executes automatically. When the conditions coded into the contract are satisfied, it performs the specified actions. This execution is carried out by every node on the network, ensuring consensus on the outcome.
  5. The result is recorded on the blockchain. The output of the contract execution — token transfers, state changes, or any other effects — is permanently recorded on the blockchain.

A Concrete Example

Consider a simple escrow smart contract:

  • Alice wants to buy a digital asset from Bob for 1 ETH.
  • They use a smart contract that holds Alice's 1 ETH.
  • When Bob transfers the digital asset to the contract, the contract automatically sends the 1 ETH to Bob and the asset to Alice.
  • If Bob does not deliver within the agreed timeframe, the contract returns the 1 ETH to Alice.

No escrow agent, no legal paperwork, no trust required — just code executing predictably on the blockchain.
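The escrow above, written out as a Solidity contract. This is an added example, not code from the original page. It assumes the digital asset is an ERC-721 token that Bob has approved the escrow to move, and it delivers the asset from Bob to Alice in the same transaction that pays Bob; `SimpleEscrow` and its parameters are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
interface IERC721 { // only the one ERC-721 call this example needs
    function transferFrom(address from, address to, uint256 tokenId) external;
}
// Constructed illustration of the Alice/Bob escrow; all names are assumptions.
contract SimpleEscrow {
    enum State { Open, Funded, Completed, Refunded }
    address public immutable buyer;    // Alice, who deploys the escrow
    address public immutable seller;   // Bob
    IERC721 public immutable asset;    // token contract of the digital asset
    uint256 public immutable tokenId;
    uint256 public immutable price;    // 1 ether in the scenario above
    uint256 public immutable deadline; // after this time Alice may reclaim her ETH
    State public state;

    constructor(address seller_, IERC721 asset_, uint256 tokenId_, uint256 price_, uint256 window) {
        buyer = msg.sender;
        seller = seller_;
        asset = asset_;
        tokenId = tokenId_;
        price = price_;
        deadline = block.timestamp + window;
    }

    function fund() external payable { // Alice locks exactly the agreed price
        require(msg.sender == buyer && state == State.Open, "not allowed");
        require(msg.value == price, "wrong amount");
        state = State.Funded;
    }

    // Bob must first approve this contract for tokenId on the asset contract.
    function deliver() external {
        require(msg.sender == seller && state == State.Funded, "not allowed");
        require(block.timestamp <= deadline, "deadline passed");
        state = State.Completed;                     // update state before external calls
        asset.transferFrom(seller, buyer, tokenId);  // asset goes from Bob to Alice
        (bool ok, ) = seller.call{value: price}(""); // ETH goes to Bob
        require(ok, "payment failed");
    }

    function refund() external { // no delivery in time: Alice gets her ETH back
        require(msg.sender == buyer && state == State.Funded, "not allowed");
        require(block.timestamp > deadline, "deadline not reached");
        state = State.Refunded;
        (bool ok, ) = buyer.call{value: price}("");
        require(ok, "refund failed");
    }
}
```

Because `state` changes before any external call, a re-entrant call from the token contract or from Bob's address fails the `state == State.Funded` check instead of paying out twice.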

Smart Contracts in DeFi

Smart contracts are not just a component of decentralized finance — they are its entire infrastructure. Every DeFi application is a collection of smart contracts working together.

Lending and Borrowing

In DeFi lending protocols like Aave v3 and Morpho Blue, smart contracts handle:

  • Deposit management: Accepting and tracking lender deposits, issuing receipt tokens that represent the lender's share of the pool.
  • Loan origination: Verifying that a borrower has sufficient collateral, then disbursing the requested loan amount.
  • Interest calculation: Continuously computing interest based on the pool's utilization rate, updating balances for both lenders and borrowers.
  • Collateral monitoring: Checking collateral values against oracle price feeds to determine if any positions have become undercollateralized.
  • Liquidation execution: Automatically allowing liquidators to repay undercollateralized loans and claim collateral at a discount, protecting lenders from losses.

All of this happens automatically, 24 hours a day, 7 days a week. When you use an aggregator like Borrow by Sats Terminal to take out a Bitcoin-backed loan, you are interacting with these smart contracts through a simplified interface.

Decentralized Exchanges

On a decentralized exchange, smart contracts manage liquidity pools, calculate exchange rates using mathematical formulas, execute swaps, and distribute fees to liquidity providers — all without a central operator.

Stablecoin Systems

Algorithmic and crypto-collateralized stablecoins rely on smart contracts to maintain their peg to a target value. DAI, for example, is issued by smart contracts that accept crypto collateral and maintain system-wide collateralization ratios.

Programming Languages for Smart Contracts

Solidity

Solidity is the most widely used smart contract language, designed specifically for Ethereum and compatible blockchains (including all EVM-compatible chains like Arbitrum, Optimism, Base, and Polygon). Its syntax is similar to JavaScript, making it accessible to web developers. The vast majority of DeFi protocols — including Aave, Morpho Blue, Compound, and Uniswap — are written in Solidity.

Vyper

Vyper is an alternative language for EVM-compatible blockchains. It prioritizes simplicity and security over flexibility, intentionally omitting features like inheritance and operator overloading that can introduce subtle bugs. Curve Finance is a notable DeFi protocol that uses Vyper extensively.

Other Languages

Rust is used for smart contracts on Solana (via the Anchor framework) and for Cosmos-based chains (via CosmWasm). Move is used on Aptos and Sui. Each language reflects the design philosophy of its target blockchain.

Key Properties of Smart Contracts

Immutability

Once a smart contract is deployed to the blockchain, its code generally cannot be changed. This is a powerful guarantee: users can verify exactly what the contract will do, and no one — not even the original developer — can alter the rules after the fact.

However, this immutability also means that bugs cannot be simply patched. If a vulnerability is discovered in an immutable contract, the only option may be to deploy a new contract and migrate users to it.

Determinism

Given the same inputs and the same state, a smart contract will always produce the same output. This determinism is essential because thousands of nodes must independently execute the contract and agree on the result. If execution were non-deterministic, the network could not reach consensus.

Transparency

Smart contract code on public blockchains is visible to anyone. Major protocols publish their source code on GitHub, and verified contracts on block explorers like Etherscan allow anyone to read the code and understand exactly how the protocol works. This transparency enables community auditing and builds trust.

Composability

Smart contracts can call other smart contracts, enabling complex applications to be built by combining simpler building blocks. A single transaction might interact with a lending protocol, a DEX, and an oracle contract in sequence. This composability is one of DeFi's most powerful features and is often described as "money Legos."

Smart Contract Security

Why Security Matters

Smart contracts often control millions or billions of dollars in user funds. A single vulnerability can lead to catastrophic losses. The history of DeFi includes several high-profile exploits where attackers drained hundreds of millions of dollars from vulnerable contracts.

Security Measures

The DeFi industry has developed several layers of defense:

  • Code audits: Independent security firms review smart contract code line by line to identify vulnerabilities. Major protocols typically undergo multiple audits from different firms before launching.
  • Formal verification: Mathematical proofs that the contract code behaves exactly as intended under all possible conditions. This is more rigorous than auditing but also more time-consuming and expensive.
  • Bug bounty programs: Protocols offer financial rewards to researchers who discover and responsibly report vulnerabilities. Some bounties reach into the millions of dollars for critical findings.
  • Time and battle-testing: The longer a contract has been live and handling significant value without incident, the more confidence users can have in its security. This is sometimes called the "Lindy effect."
  • Timelocks and governance: Many protocols require a waiting period between when a change is proposed and when it takes effect, giving users time to review and exit if they disagree.

Smart Contract Audits

Smart contract audits are professional reviews conducted by specialized security firms. Auditors analyze the code for common vulnerability patterns, logic errors, access control issues, and potential attack vectors. While an audit significantly reduces risk, it is not a guarantee of security — auditors may miss novel attack vectors, and the protocol's security also depends on external factors like oracle reliability and governance decisions.

Upgradeable Smart Contracts

While the base property of smart contracts is immutability, the DeFi industry has developed patterns that allow contract logic to be updated:

Proxy Patterns

The most common approach uses a proxy contract that delegates calls to an implementation contract. When an upgrade is needed, a new implementation contract is deployed, and the proxy is pointed to it. The proxy's address — and therefore all user interactions and stored data — remains the same.

Trade-offs

Upgradeability introduces a trust assumption: users must trust that whoever controls the upgrade mechanism (usually a governance process or a multisig wallet) will not deploy malicious code. Protocols manage this through:

  • Decentralized governance: Token holders vote on upgrades.
  • Timelocks: Upgrades are delayed, giving users time to exit.
  • Multisig requirements: Multiple parties must approve an upgrade.
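The proxy pattern and the timelock mitigation described above, combined in one contract. This is an added example, not code from the original page or from any named protocol; `TimelockedProxy`, its slot labels and its parameters are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Constructed illustration of a proxy with an upgrade timelock; all names are assumptions.
contract TimelockedProxy {
    // Hashed slots keep proxy bookkeeping clear of the implementation's variables.
    bytes32 private constant IMPL = keccak256("example.proxy.implementation");
    bytes32 private constant PENDING = keccak256("example.proxy.pending");
    bytes32 private constant ETA = keccak256("example.proxy.eta");
    address public immutable admin; // e.g. a multisig or governance contract
    uint256 public immutable delay; // seconds users get to review and exit
    event UpgradeProposed(address indexed impl, uint256 eta);

    constructor(address impl, address admin_, uint256 delay_) {
        admin = admin_;
        delay = delay_;
        _set(IMPL, uint256(uint160(impl)));
    }

    function _get(bytes32 s) private view returns (uint256 v) { assembly { v := sload(s) } }
    function _set(bytes32 s, uint256 v) private { assembly { sstore(s, v) } }

    // Step 1: announce the new implementation and start the clock.
    function proposeUpgrade(address impl) external {
        require(msg.sender == admin, "not admin");
        require(impl.code.length > 0, "not a contract");
        _set(PENDING, uint256(uint160(impl)));
        _set(ETA, block.timestamp + delay);
        emit UpgradeProposed(impl, block.timestamp + delay);
    }

    // Step 2: only after the delay does the proxy switch to the new code.
    function executeUpgrade() external {
        require(msg.sender == admin, "not admin");
        uint256 eta = _get(ETA);
        require(eta != 0 && block.timestamp >= eta, "timelock active");
        _set(IMPL, _get(PENDING));
        _set(ETA, 0);
    }

    // Every other call runs the implementation's code against this contract's storage.
    fallback() external payable {
        address impl = address(uint160(_get(IMPL)));
        assembly {
            calldatacopy(0, 0, calldatasize())
            let ok := delegatecall(gas(), impl, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            switch ok case 0 { revert(0, returndatasize()) } default { return(0, returndatasize()) }
        }
    }
}
```

The proxy's own functions take precedence over implementation functions with the same selector, so a production proxy also has to rule out selector clashes. Anyone reviewing a deployment like this should check who holds `admin` and how long `delay` is, since those two values are the whole trust assumption.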

Some protocols, like Uniswap v2, have chosen to deploy immutable contracts with no upgrade capability, accepting the limitation in exchange for stronger trust guarantees.

Smart Contracts and the User Experience

For most DeFi users, smart contracts work behind the scenes. When you visit a platform like Borrow by Sats Terminal and deposit Bitcoin as collateral to borrow stablecoins, you interact through a web interface that translates your actions into smart contract calls. Your wallet prompts you to approve each transaction, showing you exactly what the contract will do before you confirm.

Understanding that smart contracts power these interactions helps you:

  • Evaluate risk by checking whether the underlying contracts have been audited
  • Understand gas fees — each smart contract interaction costs a transaction fee paid to network validators
  • Recognize the importance of approving transactions carefully and understanding what permissions you are granting

Smart contracts are the engine of decentralized finance. They make it possible to lend, borrow, trade, and earn without intermediaries — and understanding how they work gives you a better foundation for navigating the DeFi ecosystem safely and effectively.

Common Questions

A smart contract is a program stored on a blockchain that runs automatically when certain conditions are met. Think of it like a vending machine: you put in the right inputs (money and a selection), and the machine automatically delivers the output (your snack) without needing a cashier. Similarly, a smart contract automatically executes agreed-upon actions — like transferring funds or issuing a loan — without needing a middleman.
