This paper identifies the potentially critical legal and technical aspects of smart contracts, i.e. software programs used to articulate, verify and execute an agreement between parties on a distributed ledger technology (DLT) platform. It is a first step towards developing guidelines, derived from best practices, on the use of smart contracts for the provision of banking, financial and insurance services.
Following an analysis of the main characteristics of blockchain technology, we put forth a methodological approach for the acquisition of the data necessary to describe and analyse platforms based on that technology. We then examine the components of smart contracts, analysing and comparing account-based and token-based models. Finally, we propose a taxonomy of the fundamental characteristics of smart contracts, an in-depth examination of the challenges that developers face in building secure and reliable decentralised applications, and a classification of the possible vulnerabilities that can affect smart contracts.