Smart contract best practices

Here are some general best practices that you should follow when developing smart contracts with Plutus.

Knowing the objective of your smart contract
Know exactly what your smart contract should do and test it to ensure that it fulfills the expected objective.

Check if previous, similar contracts exist
Does a contract that does the same thing already exist? If so, what is different about your smart contract?

Naming
Choose a clear and meaningful name for your smart contract. Keep it short and simple, and try to use the name to convey what the contract does.

Peer review of code
The benefits of code review are well known: reviewed code leads to consistency across the project, code that is free of defects, and code that is optimized for performance. Knowledge of the code is shared among developers, reducing maintenance time and cost in the future. For smart contracts, correctness is absolutely crucial.

Testing on a testnet
You should always test your smart contracts in a testnet environment before running them on the mainnet. Write as many test scenarios as you can and run several iterations of your tests. To set up an Alonzo testnet, see the script examples here.

Documenting test cases
Keep a list of the test cases that you run so that you have them for reference and verification purposes.

Consider formal verification
The subject of formal verification is too large to adequately cover here. You can assume that your code will run in a hostile environment where highly skilled, well-resourced, and unscrupulous actors will be waiting to pounce on any vulnerability.