The U.S. Commodity Futures Trading Commission (CFTC)’s fintech innovation hub LabCFTC has issued a Primer on Smart Contracts, according to an official announcement Nov. 27.

The primer is LabCFTC’s second fintech-educational publication, the first being its October 2017 primer on virtual currencies. As outlined by the lab’s director Daniel Gorfine, the new primer engages with blockchain-enabled smart contract technology, which he notes “[Is] being used to drive further automation in our markets and may have an impact across a range of economic activities.”

LabCFTC’s primer opens with a definition of smart contracts as “a set of coded computer functions” that allow “self-executing computer code to take actions at specified times and/or based on reference to the occurrence or non-occurrence of an action or event.”

It sets out to explore a range of their potential applications, from rudimentary looped code for vending machine dispensal to more complex instances such as self-executing insurance and settlement of credit default swaps.

While recognizing the far-reaching potential benefits of using smart contracts — which include enhanced market efficiency, secure identity verification, automated trade execution, and prompt regulatory reporting — the primer outlines several risks and challenges for regulators to tackle.

These are deemed to include the introduction of “operational, technical and cybersecurity” risks, as well as of fraud and manipulation. The CFTC argues that measures must be taken to mitigate their potential use for the unlawful circumvention of rules, and that liability mechanisms and good governance standards are required to properly attribute accountability and tackle dispute resolution in the case of misconduct or functional error.

The primer also outlines the remit of the CFTC’s oversight, highlighting areas where CFTC-regulated entities may have use for smart contracts, particularly in the financial sector. Many discussions of smart contracts, the document suggests, “use derivatives as examples,” as these “may be readily digitized and coded.” A smart contract may automate the fulfilment of a range of existing contracts such as forward, futures, options and swaps, it notes.

The lab also tackles smart contracts’ interaction with legal frameworks, emphasizing that “existing law and regulation apply equally regardless what form a contract takes.” Contracts or their constituent parts, whether or not they are written in code, remain subject to “otherwise applicable law and regulation.”

As reported, an arresting example of technical risk was raised this October by a group of analysts from Northeastern University and the University of Maryland. Their research argued that most Ethereum (ETH)-based smart contracts are “direct- or near-copies of other contracts,” carrying the risk that a copied smart contract contains a vulnerable or a buggy code, which is then duplicated across the ecosystem.