This is good for bitcoin tx and p2p tx. Best practice is still on the work of smart contracts.
For a bitcoin transaction to occur, certain conditions specified in a special script have to be satisfied. A script executes automatically once a sender of funds provides certain information. This script is no different from a smart-contract except that it is written in a Turing-incomplete language that doesn't allow for loops and DDoS attacks. All transactions in bitcoin, including a multisignature one used for escrow, are therefore very robust, albeit simple, smart-contracts.
But if we consider a hacked system, these lines of code can be replaced with malicious ones if the code is held on traditional hosting servers. If there were decentralized hosting servers, idk how that would be made, but it could be the best IMO.
It is an open-source project (https://github.com/bisq-network/bisq), which means the code is available for everyone to review, share, fork, and download. It will be difficult for Bisq developers to try to inject malicious code without being caught by those constantly monitoring and reviewing the changes.
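An added example, not part of the posts above and not Bisq's code: a decoder for the standard bare m-of-n multisig script layout (`OP_m <pubkey>... OP_n OP_CHECKMULTISIG`), which lets a reviewer confirm how many signatures a multisignature escrow script requires and which keys it names. The function names and sample keys are constructed for illustration, and the check covers the key encoding only, not whether a key is a valid curve point.

```python
# Added illustration; function names and sample keys are constructed, not Bisq code.
OP_1, OP_16, OP_CHECKMULTISIG = 0x51, 0x60, 0xAE

def build_multisig(m, keys):
    """Serialize OP_m <key>... OP_n OP_CHECKMULTISIG (bare multisig layout)."""
    pushes = b"".join(bytes([len(k)]) + k for k in keys)
    return bytes([OP_1 + m - 1]) + pushes + bytes([OP_1 + len(keys) - 1, OP_CHECKMULTISIG])

def parse_multisig(script):
    """Return (m, [pubkeys]) or raise ValueError if the script is not m-of-n multisig."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("script does not end in OP_CHECKMULTISIG")
    m_op, n_op = script[0], script[-2]
    if not (OP_1 <= m_op <= OP_16 and OP_1 <= n_op <= OP_16):
        raise ValueError("m and n must be encoded as OP_1..OP_16")
    m, n = m_op - OP_1 + 1, n_op - OP_1 + 1
    keys, i, end = [], 1, len(script) - 2
    # The script has no jump or loop opcode, so one forward pass reads all of it.
    while i < end:
        size = script[i]
        if size not in (33, 65) or i + 1 + size > end:
            raise ValueError("expected a 33- or 65-byte public key push")
        key = script[i + 1:i + 1 + size]
        # Compressed keys start with 0x02/0x03, uncompressed keys with 0x04.
        if key[0] not in ((2, 3) if size == 33 else (4,)):
            raise ValueError("public key has an invalid prefix byte")
        keys.append(key)
        i += 1 + size
    if len(keys) != n or m > n:
        raise ValueError("key count does not match n, or m exceeds n")
    return m, keys

# Constructed sample: three placeholder compressed-format keys, 2 signatures required.
SAMPLE_KEYS = [bytes([2]) + bytes([k]) * 32 for k in (1, 2, 3)]
SAMPLE_SCRIPT = build_multisig(2, SAMPLE_KEYS)

if __name__ == "__main__":
    m, keys = parse_multisig(SAMPLE_SCRIPT)
    print(f"{m}-of-{len(keys)} multisig script, {len(SAMPLE_SCRIPT)} bytes")
    for k in keys:
        print("  key", k.hex())
```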