Trillion Dollar Security Phase 2: Boosting Ethereum Wallet Safety & User Experience

Source: Trillion Dollar Security - Phase 2

The Ethereum Foundation is moving forward with the next phase of its Trillion Dollar Security effort. After surveying the community, they’ve identified user experience (UX) security issues as the most urgent priority for both individuals and institutions using Ethereum and its ecosystem.

Focus Area 1: Establishing a Minimum Security Standard for Wallets

Wallets are the frontline of Ethereum security. Without safe key management, secure transaction signing, and reliable app interactions, users remain vulnerable. To address this, the Foundation proposes creating a minimum security standard for Ethereum wallets designed to:

• Ensure transparent transactions
• Provide interfaces resistant to compromise
• Support user privacy
• Define behavioural standards for signature approvals, key handling, and frontend verification

Inspired by the success of L2BEAT’s work on layer 2 transparency, this standard aims to guide users toward wallets that meet high security requirements and encourage wallet developers to prioritize key safety features.

The Foundation is collaborating closely with Walletbeat, an organization aligned with this goal, to help develop, measure, and promote the standard in the coming months.

Focus Area 2: Combating Blind Signing with Improved Transaction Transparency

Blind signing-when users approve transactions without knowing the full impact-is a major UX risk. To reduce this, the Foundation aims to:

• Improve transaction decoding so wallets show clear, human-readable descriptions instead of raw code. For example, “Sending 1,000 ABC tokens to 0x123” vs. a hexadecimal string.
• Promote resources like VERA, an open-source database with over 8 million contract signatures, to enable wallets to decode transactions better.
• Explore R&D on standards requiring applications to add clarity code to smart contracts, revisiting older proposals like ERC 4430, EIP 7730, and EIP 719.
• Enhance wallets’ ability to simulate transaction outcomes on Ethereum’s current state, helping users see precise effects before signing.
• Develop tools to assess contract trustworthiness, pushing more wallets to adopt these features.
• Investigate potential in-protocol improvements for optional transaction assertions and additional security layers.

Focus Area 3: Helping Developers Avoid Deploying Vulnerable Code

Preventing vulnerable smart contracts benefits the entire ecosystem. The Foundation plans to:

• Create an open-source database of known vulnerabilities accessible to IDEs and developer tools.
• Encourage tooling that scans contracts pre-deployment to catch security issues early.
• Invite auditors, white hats, and incentive platforms to contribute findings and data.
• Support efforts to build practical prevention solutions based on this database.

Call for Community Input

The Foundation is seeking help to build wallets tailored for audience segments often overlooked:

• Ultra-simple wallets for non-technical users with features like easy friend and business payments (avoiding direct public keys), simple swaps, and wallet recovery options.
• Enterprise-grade wallets addressing concerns around privacy, censorship resistance, and compliant key management.

If you have innovative ideas or want to contribute, reach out via trilliondollarsecurity@ethereum.org

This phase blends short-term, high-impact projects with long-term R&D. As these efforts progress, the team will expand focus to other security domains within Ethereum’s vast ecosystem.