TECHNOLOGIES

Smart Contract

Code that runs on a blockchain, executes deterministically, and cannot be changed once deployed (unless you designed it to be).

Last reviewed: 2026-05-24 byKevin Riedl wiki β†—

A smart contract is a program deployed to a blockchain. Once deployed, its bytecode is immutable, its state is publicly readable, and its execution is governed by consensus rules that nobody can override. That permanence is the feature and the risk: a bug in production is a bug forever, unless you built upgrade machinery in (which itself is a vulnerability surface).

Most production smart-contract systems are not a single contract but a set of them: a proxy for upgradeability, an implementation contract for the logic, often an access-control contract for governance. The pattern is familiar to anyone who has built versioned APIs; the cost of getting it wrong is higher.

Wavect writes smart contracts in Solidity (EVM chains) and Rust (Solana, Near, ICP). For any contract holding non-trivial value we recommend a third-party audit before mainnet deployment. We have shipped audited contracts to production; the audit cost is usually 1 to 2 weeks of the build budget.

// FAQ

FAQs

FAQs

For any contract holding non-trivial value: yes. The audit cost is usually 1 to 2 weeks of the build budget. Skipping it is one of the cheapest ways to lose all of the value the contract is holding. Insurance and bug bounties are complements, not substitutes.
Solidity for EVM chains (Ethereum, Polygon, Arbitrum, Optimism, Base). Rust for Solana, Near, and ICP. The choice is downstream of which chain matches your use case; the language is a constraint, not a preference.
Proxy pattern with a timelock and a multisig on the admin keys. Immediate upgrade authority is a single point of failure; no upgrade path leaves you stuck with the first bug. The middle ground (timelocked upgrades, transparent to users) is what most production systems converge on.