#defi
#ethereum
#smart-contracts
#yield
#web3
@blockonomist | 2026-05-16 19:21:24
# What Smart Contracts Actually Do (And What They Can't)

The phrase "smart contract" does a lot of rhetorical work. It sounds like a contract — legally binding, enforced by some neutral party. But what a smart contract technically is: an autonomous program running on a deterministic virtual machine that can hold and transfer value. The "smart" part is debatable. The "contract" part is legally contested.

## The EVM and Determinism

Ethereum's *Ethereum Virtual Machine* is the runtime environment for all smart contracts. Every validator node on the network maintains an identical copy of the EVM state. When a transaction calls a contract function, every validator executes the same code against the same state and arrives at the same output. This determinism is the point — consensus requires that independent actors agree on outcomes without coordination.

*Gas* is the mechanism for metered computation. Every operation in EVM bytecode costs a specific amount of gas. Complex operations cost more; simple storage reads cost less. This prevents infinite loops (you'll run out of gas before completion) and creates a cost model for execution that users pay as transaction fees. When the network is congested, gas prices rise via a priority fee auction.

Determinism has real consequences for what contracts can do. They can't make network requests, access a reliable system clock, or generate cryptographically secure randomness from within the EVM. They can only process inputs and modify state deterministically. This isn't a bug — it's a deliberate design choice to maintain consensus across thousands of independent nodes. But it has major implications.

## What "Trustless" Actually Means — and Doesn't

"Trustless" is the word crypto uses to describe smart contracts. It's simultaneously accurate and deeply misleading.

Accurate in the limited sense: the contract executes exactly as written. No counterparty can unilaterally change the rules after deployment. If the code says you receive 100 USDC when you deposit 1 ETH into the pool, that happens automatically — no bank clerk can freeze your account mid-transaction.

Misleading in a more important sense: you're trusting the code. *Someone* wrote that code. *Someone* deployed it. It may have bugs, unintended edge cases, or deliberate backdoors. Calling the system "trustless" obscures a real transfer of trust — from human institutions with legal accountability to computer code with none.

The DAO hack in 2016 exposed this clearly. The code worked exactly as written. The problem was that the code allowed a recursive call pattern that let an attacker drain funds before the internal balance was updated. Thousands of validators faithfully executed the exploit. "Trustless" execution worked perfectly. The outcome was a catastrophic loss for users who trusted the audited code.

The "code is law" framing has cost users billions. It obscures responsibility in a way that benefits code deployers and hurts users. Code can't be law because law requires interpretation, context, and the ability to recognize when outcomes are unjust — even if they're technically correct. Code executes literally. That's a feature for efficiency and a disaster for edge cases.

## The Oracle Problem

Smart contracts are isolated from external data by design. So how does a derivatives contract settle against the real price of ETH? How does an insurance contract know if a flight was delayed?

*Oracles* bridge on-chain computation and off-chain data. Services like Chainlink maintain networks of independent nodes that source data from multiple providers, aggregate it, and post it on-chain. Uniswap v3's time-weighted average price (TWAP) is a simpler on-chain oracle for token prices, using the DEX's own trade history.

The oracle problem: every oracle introduces a new trust assumption. Chainlink has its own security model, governance, and failure modes. TWAP oracles can be manipulated during low-liquidity windows with flash loans. The contract may be trustless; the data it reads is not.

Oracle manipulation attacks have caused hundreds of millions in losses — not through smart contract bugs, but by exploiting the gap between what the oracle reports and the true market price. The attacker isn't breaking the contract; they're feeding it a lie that the contract faithfully executes.

## What Comes Next

Understanding these fundamentals — determinism, gas, the oracle problem, and the limits of "trustless" — is the foundation for understanding everything else in DeFi. Automated market makers, lending protocols, yield aggregators: they all run on this substrate. And they all inherit its strengths and its constraints.

The next chapter deals with AMMs — which solved one of the hardest problems in DeFi by ignoring the order book model entirely.
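
The recursive call pattern from the DAO paragraph above, as an added Python model (not code from the original article, and not EVM or DAO code). The `Vault` class, its `safe` flag and the 90/10 deposits are constructed for illustration; the same reentrant callback is run against both orderings of `withdraw()`, and the result reports whether the internal ledger still matches the funds held.

```python
# Toy model of the recursive-call (reentrancy) pattern; constructed, not EVM code.
class Vault:
    """Holds deposits; `safe` selects the statement ordering inside withdraw()."""

    def __init__(self, safe):
        self.safe = safe
        self.balances = {}  # internal ledger: depositor -> credited amount
        self.funds = 0      # value actually held by the contract

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.funds += amount

    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.funds < amount:
            return
        self.funds -= amount
        if self.safe:
            # Checks-effects-interactions: zero the ledger entry BEFORE the
            # external call, so a nested withdraw() sees amount == 0.
            self.balances[who] = 0
            on_receive(amount)
        else:
            # Vulnerable ordering: the external call runs while the ledger
            # still shows the old balance, so every nested call passes the check.
            on_receive(amount)
            self.balances[who] = 0


def run(safe):
    """Return (paid to reentrant caller, funds left, ledger matches funds)."""
    vault = Vault(safe)
    vault.deposit("alice", 90)   # constructed honest depositor
    vault.deposit("caller", 10)  # constructed depositor whose receive hook re-enters
    received = []

    def on_receive(amount):
        received.append(amount)
        vault.withdraw("caller", on_receive)  # re-enter during the payout

    vault.withdraw("caller", on_receive)
    consistent = sum(vault.balances.values()) == vault.funds
    return sum(received), vault.funds, consistent
```

With the vulnerable ordering the 10-unit depositor is paid all 100 units and the ledger still credits alice with 90 that no longer exist; with the ledger updated first, the nested call returns immediately and the invariant holds.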
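
For the oracle section above, an added Python sketch (not from the original article or from any oracle project) of how one large swap distorts a spot read versus a 10-block average on a fee-less constant-product pool, with a consumer-side deviation guard. Reserves, trade size, window length and the 5% threshold are constructed, and `accept()` assumes an independent reference price is available to the consumer.

```python
# Constructed numbers throughout; simplified constant-product pool, no fees.
def spot_after_buy(eth_reserve, usdc_reserve, usdc_in):
    """Spot price (USDC per ETH) right after usdc_in is swapped into the pool."""
    k = eth_reserve * usdc_reserve          # x * y = k invariant
    new_usdc = usdc_reserve + usdc_in
    new_eth = k / new_usdc
    return new_usdc / new_eth


def twap(prices):
    """Equal-weight average of per-block prices (each block is one time unit)."""
    return sum(prices) / len(prices)


def price_feed(eth_reserve, usdc_reserve, usdc_in, window=10):
    """Per-block spot prices where only the last block carries the large swap."""
    fair = usdc_reserve / eth_reserve
    distorted = spot_after_buy(eth_reserve, usdc_reserve, usdc_in)
    return [fair] * (window - 1) + [distorted]


def accept(reading, reference, max_deviation=0.05):
    """Guard: reject a reading too far from an independent reference price."""
    return abs(reading - reference) / reference <= max_deviation


def compare(eth_reserve, usdc_reserve, usdc_in):
    """Relative error of spot and TWAP reads, and whether the guard accepts each."""
    prices = price_feed(eth_reserve, usdc_reserve, usdc_in)
    fair = prices[0]  # stands in for the independent reference (assumption)
    spot, avg = prices[-1], twap(prices)
    return {
        "spot_error": round(spot / fair - 1, 4),
        "twap_error": round(avg / fair - 1, 4),
        "spot_accepted": accept(spot, fair),
        "twap_accepted": accept(avg, fair),
    }


DEEP_POOL = compare(10_000, 20_000_000, 2_000_000)  # swap is 10% of reserves
THIN_POOL = compare(1_000, 2_000_000, 2_000_000)    # same swap, 1/10 the liquidity
```

On the constructed deep pool the averaged reading drifts 2.1% and passes the guard while the spot read (21% off) is rejected; with a tenth of the liquidity the same swap pushes spot 300% and the average 30% off, and both are rejected.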