Smart contracts enable autonomous decentralized organizations (DAOs) in large, trustless and open trading networks by specifying conditions for automated transactions of cryptographically secured data. This data could represent cryptocurrencies but also sensor data or commands to Cyber-Physical Systems (CPS) connected to the Internet. To provide reliability, the contract code is enforced by consensus and the transactions it triggers are non-revertible, even if they were not intended by the programmer, which could lead to dangerous system behavior. In this paper, we conduct a survey over existing smart contract platforms and languages to determine requirements for the design of a safer contract language. Subsequently we propose concepts that enhance the understanding of code by limiting confusing lan- guage constructs, such as nesting, arbitrary naming of operations, and unreadable hash identifiers. This enables human reasoning about the contract semantics on a much higher abstraction layer, because a common understanding can be derived from the language specification itself. We implement these concepts in a new domain specific language called SmaCoNat to illustrate the feasibility and show that our concepts are barely covered by existing languages but significantly enhance readability and safety without violating deterministic parsability.