38 structural questions across 8 opportunity areas

Users must buy and transfer ETH before they can do almost anything. This multi-step onramp process creates a massive barrier for newcomers. Sponsoring initial transactions through paymasters is the most promising path forward.

The entire space is filled with unexplained technical terms. Worse, fundamental concepts lack consistent naming: "seed phrase," "mnemonic," "secret key," "recovery phrase," and "secret recovery phrase" all refer to the same thing. No industry glossary standard exists.

BIP-39 defines wordlists in several languages, yet virtually no wallet implements them. Over 75% of crypto users are non-native English speakers, leaving them to memorize words in a foreign language.

Fiat onramps inside wallets rely on third-party providers that largely cater to Western banking systems. Users in emerging markets or highly regulated jurisdictions frequently face KYC rejection and unsupported local currencies.

A new user installs a wallet out of curiosity with no funds, no tokens, nothing at stake. Yet many wallets immediately present a 12-word recovery phrase and block all access until it is written down. This kills the moment of curiosity and trains users to dismiss security prompts later.

Users are prompted to approve transactions without a clear, human-readable summary. This is the leading enabler of phishing attacks. Clear signing could prevent wallet drainer losses ($84M in 2025, down from $494M in 2024).

Users are constantly prompted with pop-ups asking them to "sign." The volume leads to rubber-stamping, creating massive security risks. Learned behavior is the primary reason phishing succeeds on experienced users.

Before users can swap or interact with most dapps, they must first "approve" the token in a separate transaction. This is where most first-time users abandon their first DeFi interaction — they assume the dapp is broken.

Users can't easily find, review, or revoke existing token approvals from within their wallet. Stale unlimited approvals are ticking time bombs — exploited contracts months later drain funds from forgotten approvals.

When a user needs to sign multiple messages in a row, the wallet shows no context about how many signatures are needed. Without context, users can't distinguish legitimate multi-step requests from phishing inserted between steps.

Wallets apply identical red warnings to all unlimited token approvals regardless of context. Users stop reading alerts entirely after repeated false alarms — truly dangerous approvals are treated identically to routine ones.

70% of onboarded wallet users never complete a bridge transaction. Users who bridge incorrectly can lose funds permanently with no recourse. Bridging between chains is expensive for small amounts, slow, and anxiety-inducing.

Smart contract accounts are deployed per chain, risking different addresses on different L2s. Funds sent to an Ethereum address on a new L2 may be unreachable — irreversible and deeply frustrating with no standard recovery mechanism.

Tokens scattered across chains create artificial friction. $100 spread across 5 chains can't meet DeFi minimum amounts. Users can't participate in opportunities on the "wrong" chain.

Users must manually switch networks to see their full balances. "I find myself mostly sticking to 2-3 chains max. Every time I try to spread out more, tracking everything becomes a nightmare."

When a wallet is connected to chain A and the user wants chain B, they must manually switch. Users don't understand why their transaction "didn't work." Funds sent on the wrong network require recovery steps.

Sophisticated phishing attacks and address poisoning cause thousands of victims monthly. Each major scam event suppresses adoption across the entire ecosystem — media narratives after high-profile thefts erode public trust broadly.

Addresses are cryptic hexadecimal strings. Clipboard hijack malware swaps addresses silently. Sending to wrong address is the #1 fear preventing mainstream users from sending transactions, and there is no recourse — no undo, no customer support.

Users are solely responsible for securing a private key or seed phrase that controls all their assets. Lose it and everything is gone. Get phished and everything is gone. This single point of failure is the primary reason mainstream users stay on centralized exchanges.

Users are airdropped random junk tokens and NFTs. Interacting with malicious tokens can trigger approval phishing. Token names containing URLs are social engineering at scale.

On mobile, tapping a dapp link opens the default browser, not the wallet. The user must copy the URL, switch to the wallet app, paste it into the in-app browser, and reconnect. iOS 17+ made this worse by removing automatic redirect back to browser-based dapps.

Mobile wallet apps drop WalletConnect sessions silently. A Safari bug from iOS 15 still causes socket failures. A Chrome WebSocket change in May 2025 broke Android flows. Users tap "confirm" and nothing happens — no error, no feedback, just silence.

EIP-6963 has largely solved wallet extension conflicts on desktop. The remaining friction is on mobile, where EIP-6963 does not apply and users still face unreliable connection flows between browser and wallet apps.

Embedded and app-scoped wallets tie users to a single application. Users who switch apps start over with a new address, losing transaction history, DeFi positions, governance participation, and on-chain reputation.

The entire space is filled with unexplained technical terms. Even where localization exists, there is no shared glossary. Terms are either left in English surrounded by local-language UI, or translated inconsistently.

Users arriving from traditional finance expect bank-like concepts: accounts with balances, simple transfers, customer support. Instead they encounter gas fees, signing prompts, and token approvals. Every dapp assumes prior knowledge of both financial and blockchain mechanics.

An estimated 80% of protocols fail to meet WCAG accessibility standards. Research shows 6 out of 10 widely used wallets have no dedicated accessibility features. As digital accessibility regulation tightens globally, this is becoming a legal compliance issue.

When users get stuck, they turn to Telegram groups and Discord servers where scammers pose as helpers. There is no way for a newcomer to distinguish a real community moderator from someone trying to drain their wallet.

Most dapps run English-only. Even where localization exists, there is no shared glossary for translating crypto-specific terms. Each project invents its own translations for gas, staking, and wallet — creating inconsistencies across languages.

On Ethereum, EOAs remain the default account type. Users must manage private keys, pay gas in ETH, and approve every action individually. Without native AA, dapps must support two account models, increasing complexity.

Every transaction on Ethereum and major L2s is permanently public. Users often don't realize their complete financial activity — salary, purchases, DeFi positions — is visible to anyone who knows their address.

Gas costs have dropped dramatically — fee market averages around 3 gwei in 2025. But users still cannot predict what a transaction will cost before they commit. Fee spikes during network congestion still catch people off guard.

Some wallets force users to enter transaction amounts denominated in token (e.g., 0.0012 ETH) rather than in their local currency. Users have to mentally convert token prices before every send or swap.

Tracking a complete financial picture across multiple chains, wallets, DeFi positions, LP rewards, airdrops, and bridge transactions is still impossible in a single tool. Users who actively use DeFi face hours of manual work each tax season.

Wallets struggle to display NFTs across multiple chains. RPC endpoints go down, indexers serve stale data, and IPFS-hosted media loads slowly or not at all. The result is blank thumbnails and users who think their NFTs are gone.

There is no universal token registry. Users regularly encounter tokens that do not appear in their wallet or swap interface, forcing manual contract address imports that most newcomers will not attempt.

There is no common component library or interaction pattern library for Ethereum dapps. Every team reinvents wallet connection, transaction confirmation, error states, and gas estimation UI from scratch.

Cancelling a pending transaction requires sending a replacement with the same nonce and a higher gas fee. Most major wallets now offer speed-up and cancel buttons. On L2s, where transactions confirm in seconds, stuck transactions are rare.