What Is a Smart Contract? Code That Moves Money by Itself
Self-running code that holds real money, explained through a 1990s vending machine and the bug that split Ethereum in two.

TL;DR
- A smart contract is a program on a blockchain that holds funds and runs exactly as written, with nobody behind the counter.
- Nick Szabo coined the term in the mid-1990s; his original analogy was the vending machine, and it still fits.
- The DAO hack of 17 June 2016 drained roughly 3.6 million ether and split Ethereum in two.
- A contract cannot see beyond its own chain without oracles, and its bugs are permanent unless an upgrade path was built in.
- Educational guide only, not financial advice.
The theft that split Ethereum broke no rules at all, and that is the strangest thing about it. Through a Friday in June 2016, thousands of people sat refreshing block explorers, watching ether drain out of The DAO, a crowdfunded investment pot that had raised more money than any crowdfund before it. The code moving that money was the pot's own. Someone had found a way to ask it for a withdrawal that repeated itself before the balance caught up, so the fund paid, then paid again, and kept paying until roughly 3.6 million ether was gone. That was 17 June 2016, and nobody rang a fraud line, because there was no fraud line.
The DAO was a smart contract: a program that holds money and follows its own rules, with nobody behind the counter. So is the code keeping a stablecoin stuck to the dollar, and so is whatever mints an NFT. You can buy and hold coins without ever thinking about contracts. Touch anything cleverer and you are trusting one, which is why that Friday is worth more than any definition.
A vending machine, 1994
The idea is two decades older than the technology. Computer scientist Nick Szabo coined 'smart contract' in essays written between 1994 and 1996, before any blockchain existed to run one, and nearly every explainer written since has borrowed his example without crediting him. That example was a vending machine: coins in, can out, no shopkeeper. The deal enforces itself because of how the box is built, and the box does not care who you are. Szabo worked all of this out when most households were still on dial-up.
What a smart contract actually is
Deploy a program to a blockchain and it stays there, in public, for anyone to read. Give it money and the money is properly its own: no bank sits behind it, no company account feeds it, and the code alone decides when funds move. When something triggers it, it runs exactly as written.
The part that separates it from every other program you have ever used is that once live, nobody gets to quietly edit it. Ordinary software gets patched every week. Here the patch option is gone: anyone can read the deployed code, and a change happens in full view of the whole network, or never.
You could not have built The DAO on Bitcoin, which has allowed simple conditions since its 2009 launch and nothing fancier. Ethereum took the limits off when it went live on 30 July 2015: write what you like, hand it real money, set it running. The DAO arrived within a year, and it held the biggest crowdfund the world had seen.
The DAO, and what 'code is law' cost
The DAO's withdrawal function did two jobs in the wrong order, a flaw the trade calls a re-entrancy bug: it sent the ether out first and updated its ledger second. The attacker's contract lived in that gap, and each time a payout landed it asked for the next one before the books caught up, so the fund kept honouring requests against a balance it had already paid out, over and over, exactly as its own rules demanded. The bug class had even been written about publicly in the days before, and the project said funds were not at risk. Every drained coin followed the published rules, so in the strictest sense nothing was hacked. The contract was used exactly as written and nothing like as intended.
The one stroke of luck was in the plumbing: the stolen ether had landed in a holding contract that could not pay out for weeks, so the theft sat in plain sight while the community argued about what a ledger is for. Ethereum rolled the chain back and returned the funds, which rescued the backers and bruised the principle that the record is final. The minority who refused the rollback kept the original chain going as Ethereum Classic, from July 2016 to this day.
One bug, two blockchains. The clearest real-world test of 'code is law' so far, and the verdict was: sort of, until enough money is at stake.
What runs on contracts now
Most of the interesting bits of crypto, quietly. USDC has run since 2018, and under the branding it is a contract that tracks dollars and shifts balances between addresses. A decentralised exchange is a pool of funds quoting you prices by formula, no firm on the other side. NFT mints, lending pools, token sales: same shape every time, rules in code, money inside the contract, nobody behind the counter.
Gas, or what running code costs
Nothing here runs free: every operation on Ethereum consumes gas, the network's fee unit, and a heavy contract call costs more of it than a plain transfer. EIP-1559 repriced the mechanics in August 2021, introducing a base fee that gets destroyed rather than paid out. So minting and swapping cost more than sending, and busy days cost multiples of quiet ones.
The limits, stated plainly
This part matters more than the sales pitch.
A contract only knows what its chain tells it. Any outside fact, the price of a coin or the winner of an election, has to be carried in by oracles, and Chainlink is the best-known network doing the carrying. A contract fed bad data executes bad data, faithfully.
Bugs are permanent unless the developers built in an upgrade path, and an upgrade path is its own trust decision, because somebody now holds keys that can change the rules under you.
Audits reduce risk but never get it to zero, and plenty of drained contracts had been reviewed by clever people first.
Smart means automatic, not intelligent: a contract has no judgement, no discretion, and no idea what you meant.
Where you will actually meet one
Sooner than you expect: your first token swap, NFT mint or stablecoin transfer will be a contract call wearing a friendly button. None of it requires reading code, it does require ether for gas. Getting that ether is the unglamorous bit an on-ramp handles. Banxa has run this fiat-to-crypto plumbing since 2014, with 100-plus payment methods across 100-plus countries, in the markets it serves. Two timings are worth having: a card order typically completes within about 10 minutes of issuer approval, and a quoted price holds for roughly 3 minutes.
This guide is an explainer, not financial advice, and nothing in it recommends buying anything.
So one habit, before the first clever thing you try. Ask where the contract gets its facts and who can change its code, and if nobody can answer, walk. The contracts that fail usually fail on one of those two questions. The rules will be followed to the letter either way, and whether that comforts you or frightens you is the only question left.
Frequently Asked Questions
Not by default. A smart contract enforces itself by moving funds, which is not the same thing as being recognised by a court. Some legal systems are starting to catch up, but if an agreement matters offline, you still want it on paper as well as on chain.
Not quietly, and often not at all. Some teams build in upgrade paths, which lets bugs be fixed but means somebody holds keys that can rewrite the rules. Either way you are trusting something, so it pays to know which.
No. Your wallet does the talking. Every token swap, NFT mint or stablecoin transfer is a contract call dressed up in buttons. A rough idea of what happens underneath mainly helps you judge what to trust.
The DAO was a crowdfunded investment contract on Ethereum. On 17 June 2016 an attacker exploited a re-entrancy bug, requesting repeated payouts before the balance updated, and drained roughly 3.6 million ether. Ethereum rolled its chain back to undo the theft, and the group that rejected the rollback carried on as Ethereum Classic.
No. Ethereum made them general-purpose when it went live on 30 July 2015 and has the longest track record, but Solana, Cardano, Polygon and plenty of other chains run them too, each with its own languages and fee model.
It cannot fetch anything itself. A contract sees only what is already on its blockchain, so outside facts such as prices arrive through oracles, services that publish data on chain. If the feed is wrong, the contract executes the wrong thing without blinking, which is why the data source matters as much as the code.