The Ethereum Foundation’s Trillion Dollar Security Project
The Trillion Dollar Security (1TS) initiative represents a broad, collaborative push to enhance Ethereum’s overall security. This document marks the project’s inaugural output. Over the past month, we’ve collected insights from a diverse range of stakeholders—users, developers, security professionals, and institutional participants—to better understand the most pressing security challenges and areas needing attention. We’re grateful to the many individuals and organizations who contributed their perspectives.
This report consolidates what we’ve learned across six key domains:
- User Experience (UX)
Examines how users interact with Ethereum securely, including challenges around private key management, app usability, and transaction signing. - Smart Contract Security
Focuses on the integrity and safety of smart contracts, as well as the development processes that impact their reliability. - Infrastructure and Cloud Security
Covers vulnerabilities in the supporting infrastructure that Ethereum applications rely on, such as Layer 2 networks, RPC endpoints, and cloud hosting services. - Consensus Protocol Security
Reviews the foundational protocol mechanisms that protect Ethereum from manipulation or attack. - Monitoring, Incident Response, and Mitigation
Highlights difficulties in detecting and responding to breaches, including fund recovery and operational response. - Social Layer and Governance
Looks at the human and organizational systems that influence Ethereum’s direction and decision-making.
This initial publication focuses on surfacing and framing the current set of challenges. The next phase of the project will prioritize these issues, propose actionable solutions, and coordinate across the community to implement them.
