Corporate

Smart Contracts and Turkish Law: A Practical Guide for Foreign Businesses

18 September 202413 min read
Reviewed by Lexin Legal · Updated 14 June 2026

Yes, a smart contract can be legally binding in Türkiye. Turkish law treats it as an ordinary contract expressed in code, so the usual rules on form, consent, and evidence decide whether it holds up. Two things change the picture in 2026: mandatory form requirements still apply to certain deals, and a new crypto-asset regime now regulates many on-chain arrangements connected to Türkiye. This guide explains how foreign businesses can use smart contracts here while staying enforceable and compliant.

What Is a Smart Contract?

A smart contract is a piece of software, usually deployed on a blockchain, that automatically performs predefined actions when agreed conditions are met. A classic example is an escrow arrangement: once payment is confirmed on-chain, the code releases an asset or token to the buyer without a bank, agent, or court verifying the step manually.

It helps to separate two ideas that marketing language often blurs:

  • The legal agreement — the meeting of minds between the parties on price, obligations, and remedies.
  • The executing code — the automated mechanism that carries out part (or all) of that agreement.

Under Turkish law, a smart contract is not a special category of contract. It is simply one possible form in which a contract is expressed and performed. The familiar rules of the Turkish Code of Obligations (TBK, Law No. 6098) still decide whether a valid, binding agreement exists, whether the terms sit in a Word document or in Solidity code. Getting that legal layer right is what our work on drafting and reviewing commercial contracts is built around.

Are Smart Contracts Legally Binding in Türkiye?

In principle, yes. Turkish contract law follows the principle of freedom of form: unless a statute requires a specific form, a contract is validly formed by the parties' mutual and corresponding declarations of intent. A contract can therefore be concluded electronically, including through code that records offer and acceptance.

The law: A contract is formed once the parties express their intentions in a mutual and corresponding way (TBK art. 1). Its validity does not depend on any particular form unless a statute says otherwise (TBK art. 12, freedom of form / şekil serbestisi).

However, two qualifications matter for foreign businesses:

  • Mandatory form requirements survive. Some transactions must be in writing or completed before an official — for example, the sale of real estate (handled at the Land Registry) or certain company share transfers. A blockchain entry does not replace these formalities. A smart contract purporting to transfer Turkish real estate would not, by itself, transfer title.
  • Capacity and consent rules still apply. Mistake, fraud, and duress (TBK arts. 30-39) can void or annul an agreement even if the code executed flawlessly. Code that runs correctly is not the same as consent that is legally valid.
Tip: The blockchain proves what the code did. It does not prove that the underlying agreement was lawful, fairly negotiated, or free of defects in consent. Those questions stay with the Turkish courts under ordinary contract principles, so keep a clean written agreement behind every on-chain mechanism.

Form Requirements: What Code Can and Cannot Do

The single most important question for any Türkiye-connected smart contract is the form requirement of the underlying transaction. Turkish law sorts contracts into three broad groups, and code can only carry the first one on its own.

Form categoryExamplesCan code alone do it?
Free formMost commercial supply, service, licensing, and distribution dealsYes — on-chain execution is generally acceptable.
Written formCertain guarantee and assignment arrangements; some commercial undertakingsOnly with a qualified electronic signature or a separately signed master agreement. A raw wallet key is not enough.
Official formReal estate transfers; LLC (limited şirket) share transfersNo — a notarial or registry step is required and cannot be replaced by code.

Two practical points foreign businesses often get wrong:

  • Sureties and guarantees. Many guarantee contracts (teminat sözleşmeleri) — a personal surety (kefalet) is the clearest case — cannot be cured by an electronic signature at all. They need a written or notarial form with strict content requirements, so a smart contract cannot substitute for them.
  • Company share transfers differ by company type. A limited liability company (limited şirket) share transfer requires a notarised written transfer agreement plus registration (TTK art. 595) — code cannot replace the notarial step. In a joint-stock company (anonim şirket), registered shares generally pass by endorsement and delivery, which leaves more room for digital workflows but still depends on proper corporate records. If you are setting up a Turkish company with on-chain mechanics in mind, design the share structure around these rules from the start.

Electronic Signatures and the Written-Form Trap

Where a contract must be in written form, Turkish law recognises the secure (qualified) electronic signature as equivalent to a handwritten signature. A qualified electronic signature issued by an accredited Turkish certification service provider (ESHS) has the same legal effect as a wet-ink signature.

The law: A secure electronic signature produces all the legal consequences of a handwritten signature (TBK art. 15). It has the same legal effect and the same evidentiary value as a wet-ink signature (Electronic Signature Law No. 5070, art. 5). The same law expressly excludes official-form transactions and certain guarantee contracts from e-signature altogether.

This is where many cross-border smart-contract designs run into difficulty. A cryptographic key controlling a blockchain wallet is not automatically a secure electronic signature under Law No. 5070, because that status requires a qualified certificate from an accredited provider, not just a private key. So a transaction signed only with a wallet key may be perfectly valid for a free-form contract, yet fall short where the law demands written form — and may not be capable of meeting it at all where the law excludes e-signature (for example, a surety that needs notarial form).

Tip: Map each transaction to its form category before you rely on on-chain execution alone. For free-form deals, code is fine. For written-form deals, pair the smart contract with a qualified e-signature or a signed master agreement. For official-form deals, plan the notarial or registry step from day one.

When Does the Crypto-Asset Law Apply to Your Smart Contract?

This is the part of the picture that changed most recently, and it now sits at the centre of many smart-contract projects. Until 2024, crypto activity in Türkiye lived in a largely unregulated space. That is no longer true.

The law: Law No. 7518 (published in the Official Gazette on 2 July 2024) amended the Capital Markets Law No. 6362 to define crypto assets as intangible assets created through distributed-ledger technology and to place crypto-asset service providers (CASPs) under the licensing and supervision of the Capital Markets Board (SPK/CMB). The SPK issued implementing communiqués (III-35/B.1 and III-35/B.2) in March 2025 to detail the licensing and operating regime.

Why this matters for a smart contract: your arrangement is no longer judged only as a contract. If it involves issuing, trading, transferring, or custodying crypto assets with a connection to Türkiye, it may amount to a regulated crypto-asset activity that needs an SPK licence and triggers ongoing supervision. The article's own classic examples — a token sale, an on-chain escrow, an automated payment platform — are exactly the kind of activity this regime can capture.

Three layers to check before you deploy:

  • Licensing (SPK). Acting as a crypto-asset platform, custodian, or service provider for Turkish users generally requires authorisation. Running such a service without a licence is a serious regulatory risk.
  • Anti-money-laundering (MASAK). Crypto-asset service providers are obliged entities under Türkiye's AML framework, with customer-identification (KYC) and reporting duties. The crypto Travel Rule — requiring originator and beneficiary information to travel with transfers — applies to in-scope providers.
  • Perimeter questions. Pure peer-to-peer code, or a contract that merely uses a token as a payment rail without offering a regulated service, may sit outside the licensing perimeter. The line is fact-specific and worth getting checked early.
Watch the perimeter: A Türkiye-connected token sale or crypto-escrow that looked merely innovative a few years ago can now be a licensable activity. Confirm your regulatory status before you market to Turkish users or move client funds on-chain — not after.

DAOs, DeFi, and the Grey Areas

Foreign founders frequently ask where decentralised structures stand. The honest answer in 2026 is: at the edges of the framework.

  • DAOs. Turkish law does not yet give a decentralised autonomous organisation its own legal personality or a bespoke definition. A DAO with members or operations connected to Türkiye is usually analysed through existing categories — an ordinary partnership, a company, or a contractual arrangement — each with different liability and tax consequences. There is no "DAO wrapper" recognised by statute.
  • DeFi protocols. Genuinely autonomous, non-custodial protocols can fall outside the crypto-asset licensing perimeter, but the moment an identifiable operator offers a service to Turkish users, the analysis shifts toward regulation. Labels like "decentralised" do not decide the question; function and control do.
  • Tax treatment. The tax treatment of token issuances, on-chain transfers, and crypto gains is still developing in Türkiye. Stamp duty, income, and corporate-tax questions can all arise. Treat tax as a live issue and seek specialist tax advice rather than assuming a transfer is tax-neutral because it happened on-chain.
Tip: If your project relies on being "outside the rules", that is the project most in need of a written legal opinion. The grey areas are exactly where a careful structure protects you.

Evidence: Proving a Smart Contract in Turkish Courts

A common myth is that blockchain records are automatically conclusive. The Turkish position is more nuanced, and in one respect stronger than people expect.

The law: The Code of Civil Procedure (HMK, Law No. 6100) expressly treats data in an electronic environment as a document (HMK art. 199). Data created with a secure electronic signature carries the force of a deed (senet) (HMK art. 205/2). A plain blockchain log without a secure e-signature is admissible documentary evidence whose weight the judge assesses, not a self-proving deed.

So the strength of your on-chain evidence depends on how it was signed. A record bound to a secure electronic signature can reach deed-grade force; a bare wallet-key transaction is strong corroboration of timing and content, but the judge still weighs it alongside the rest of the file.

Practical consequences for foreign parties:

  • Keep the human-readable agreement that the code is meant to perform. If a dispute reaches an Istanbul court, the judge will want to read terms in language, not bytecode.
  • Preserve transaction hashes, wallet addresses, and timestamps, and be ready to explain them through an expert report (bilirkişi).
  • Address the language issue early — foreign-language records typically need a sworn Turkish translation for use in court.

For transactions with a foreign element, the applicable law and competent court are governed by the International Private and Procedural Law (MÖHUK, Law No. 5718). Parties can usually choose the governing law of a commercial contract, but that choice should be set out clearly in the off-chain agreement, not assumed from the location of a server or node.

Personal Data on the Blockchain (KVKK)

Immutability is the headline feature of a blockchain — and the source of a real tension with data-protection law. Türkiye's Personal Data Protection Law (KVKK, Law No. 6698) gives individuals rights including the deletion of their personal data in defined circumstances. A chain that cannot be altered cannot easily honour a deletion request.

For a foreign business, the practical takeaways are:

  • Avoid writing personal data directly on-chain. Store it off-chain and keep only references, hashes, or pseudonymous identifiers on the ledger where possible.
  • Map your data flows against KVKK before launch, including any transfer of personal data abroad, which has its own rules.
  • Treat "the data is on a public chain forever" as a compliance problem to design around, not a neutral technical fact.

Commercial and Corporate Use Cases

For companies operating in Türkiye, the Turkish Commercial Code (TTK, Law No. 6102) is the backdrop for merchant transactions, and it already accommodates electronic records and registered electronic mail (KEP) for certain notices. Smart contracts can add real value in commercial settings such as:

  • Automated payments and milestones in supply or construction frameworks, reducing collection risk.
  • Escrow and conditional release in M&A earn-outs or token sales, where funds move only when verifiable conditions occur. In cross-border deals this can intersect with merger-control thresholds for foreign acquirers, which must be cleared independently of any on-chain mechanism.
  • Royalty and revenue splits that distribute incoming payments automatically among shareholders or licensors.

Even here, governance questions stay firmly in the realm of conventional law. Board authority, signing powers, and corporate approvals for a Turkish company are determined by the TTK and the articles of association — not by who holds a wallet key. A smart contract executed without proper corporate authority can expose the company and its directors to liability. Foreign acquirers structuring deals should align on-chain mechanics with their corporate and M&A documentation, and confirm signing powers before any company funds move.

Risks, Bugs, and the "Code Is Law" Problem

The slogan "code is law" is misleading in a Turkish-law context. If a smart contract contains a bug and transfers the wrong amount, or an exploit drains funds, the on-chain result is not the final word. Turkish law continues to recognise claims for unjust enrichment (TBK arts. 77-82), defective performance, and tortious liability (TBK arts. 49 et seq.). A party harmed by a coding error or a hack may still pursue restitution or damages through the courts — and where it comes to enforcing payment or recovering funds, an enforceable off-chain agreement is what gives you a route through the Turkish system.

Watch the deadline: Unjust-enrichment claims (sebepsiz zenginleşme) are time-barred. Under TBK art. 82, the claim must be brought within two years of learning of the enrichment, and in any event within ten years of when it arose. A "you can still sue after a hack" reassurance only helps if you act inside these windows.

This creates a tension every foreign business should plan for:

  • Immutability vs. correction. Once deployed, code may be hard to change, but the legal relationship can still be corrected or unwound by agreement or by a court.
  • Allocation of bug and oracle risk. An oracle is the off-chain data feed a smart contract relies on (a price, a delivery confirmation, an exchange rate). Oracles can fail or be manipulated, so the off-chain agreement should state who bears the consequences of code failure, oracle error, or third-party attack.
  • Dispute resolution. Specify a forum — Turkish courts or arbitration — and a governing law, so that "the chain decided" never becomes an excuse to avoid accountability.
Tip: A well-drafted smart-contract arrangement is really two documents working together — clean, audited code and a clear written agreement that governs what happens when the code and the parties' true intentions diverge.

A Worked Example: On-Chain Escrow for a Turkish Supplier

Imagine a foreign software company that wants to pay a Turkish supplier through an on-chain escrow: funds lock in a smart contract and release automatically when delivery is confirmed. What does a careful structure look like?

  • The agreement layer. A written supply contract in English, governing law and jurisdiction chosen under MÖHUK 5718, setting price, delivery criteria, and who bears the risk if the escrow code or its oracle misfires.
  • The form check. A straightforward supply deal is usually free-form, so on-chain execution is acceptable — but confirm no guarantee or security element pulls it into written or official form.
  • The regulatory check. If the escrow holds a crypto asset rather than fiat, ask whether the arrangement amounts to a regulated crypto-asset service or custody activity under Law No. 7518, and whether MASAK obligations apply.
  • The evidence layer. Preserve transaction hashes and, where written form matters, anchor the agreement with a secure e-signature so the record can carry deed-grade weight under HMK art. 205/2.

The point of the example is simple: the code handles the mechanics, but a Turkish lawyer should sit across the contract, form, regulatory, and evidence layers before any money moves.

Practical Steps for Foreign Businesses

Before deploying a smart contract that touches Türkiye, foreign investors and companies should:

  1. Identify the form requirement for each transaction (free, written, or official form) and design accordingly.
  2. Check the crypto-asset perimeter: does the arrangement amount to a regulated activity needing an SPK licence and MASAK compliance under Law No. 7518?
  3. Keep a governing human-readable contract in English with a clear governing-law and jurisdiction clause under MÖHUK 5718.
  4. Use qualified electronic signatures where written form is mandatory — and recognise where e-signature is excluded entirely.
  5. Confirm corporate authority and signing powers under the TTK before any company funds move on-chain.
  6. Have the code independently audited and define who bears bug, oracle, and exploit risk.
  7. Keep personal data off-chain to manage KVKK obligations, and preserve transaction data and translations for potential evidentiary use under HMK 6100.

If you are structuring a token sale, an escrow mechanism, or an automated payment framework connected to Türkiye, our team can review both the legal and the technical alignment. Contact Lexin Legal to discuss your project with English-speaking Turkish lawyers.

Frequently asked questions

Is a smart contract a legally valid contract in Türkiye?

It can be. Turkish law follows freedom of form (TBK art. 12), so an agreement expressed and executed through code is generally valid for transactions that do not require a special form. Real estate transfers, limited liability company share transfers, and other formal transactions still require notarial or registry formalities that code cannot replace.

Does a blockchain signature count as a legal signature in Türkiye?

Not automatically. A private-key signature on a blockchain is not the same as a secure electronic signature under Law No. 5070, which requires a qualified certificate from an accredited Turkish provider. Where written form is mandatory, you need a qualified electronic signature or a separately signed master agreement. Some transactions, such as certain guarantees and official-form deals, are excluded from e-signature altogether.

Do I need an SPK licence for my token sale or crypto project in Türkiye?

You may. Since Law No. 7518 amended the Capital Markets Law No. 6362 in 2024, crypto-asset service providers connected to Türkiye fall under the licensing and supervision of the Capital Markets Board (SPK), with anti-money-laundering duties owed to MASAK. Whether your specific token sale, escrow, or platform needs a licence is fact-specific, so confirm your regulatory status before marketing to Turkish users.

Can a smart contract be challenged in a Turkish court?

Yes. Even if the code executes perfectly, the underlying agreement can be challenged for mistake, fraud, duress, lack of corporate authority, or other defects under the Turkish Code of Obligations. Courts can also award restitution or damages where a bug or exploit causes loss, although unjust-enrichment claims are subject to time limits under TBK art. 82.

Which law governs a cross-border smart contract connected to Türkiye?

For contracts with a foreign element, the International Private and Procedural Law (MÖHUK, Law No. 5718) determines the applicable law and competent court. Parties can usually choose the governing law of a commercial contract, but that choice should be stated clearly in the off-chain written agreement, not assumed from the location of a server or node.

Are blockchain records accepted as evidence in Turkish litigation?

Yes. Electronic data is expressly a document under HMK art. 199, and data created with a secure electronic signature carries the force of a deed under HMK art. 205/2. A plain blockchain log without a secure e-signature is still admissible, but the judge assesses its weight, so the human-readable agreement and an expert report usually matter.

Need a lawyer for this?We handle corporate & m&a for foreigners, end to end, in English, on a fixed fee.
Corporate & M&A

Related articles

Mandatory Lawyer Rule for Joint-Stock CompaniesCorporate Authorship Rights in TurkeyMerger Control Thresholds for Foreign Acquirers
Let's begin

Speak to a Turkish lawyer who speaks your language.

Tell us your commercial, corporate or personal matter and get a clear, fixed-fee answer from a real Turkish lawyer — usually within one business day.

★★★★★ 4.9 from 60 Google reviews · Recognised on Mondaq, Clutch & Trustpilot
Book a consultation WhatsApp us or email info@lexinlegal.com
WhatsApp us
A real lawyer replies — usually within a day
WhatsAppEmailBook a consultation