The Ethereum Foundation says a half-dozen security issues will challenge the future of its ecosystem, including aspects of its user experience and its social layer.

“A significant burden of security” falls on users of the Ethereum network, the foundation said in its overview report on security issues.

The foundation highlighted issues such as seed phrase storage, blind signing, and compromised web interfaces as the most common problems as users struggle with secure key management, understanding transactions, and avoiding scams.

“UX security and safety was the top issue identified through feedback and consultation with the ecosystem,” it said. “These issues affect users of all kinds, ranging from individuals to large enterprises. While many other areas of Ethereum’s technology stack are immensely secure, today user experience is the weakest link.

“Many users are not equipped to safely manage cryptographic keys,” it said.


This story is an excerpt from the Unchained Daily newsletter.



The foundation also identified issues such as smart contract security, infrastructure and cloud security, consensus protocol, monitoring and incident response, and risk mitigation efforts and governance.

The foundation’s report additionally drew attention to the community’s concerns about centralization, including stake centralization and offchain asset centralization. 

“Centralization of large amounts of stake can pose risks to Ethereum as a whole if the entities controlling that stake decide to collude,” it said. “This economic centralization creates the potential for social governance capture.”

The report follows last month’s announcement of a security upgrade named the Trillion Dollar Security Initiative, which saw the foundation appoint management team member Josh Stark and protocol security research lead Fredrik Svantes as co-chairs.