Setting default blessings involves mutating both the blessings store and the blessings roots which means that a failed attempt to modify one or the other can lead to inconsistent state - see lib/security.SetDefaultBlessings for example.
The APIs should be reworked to allow for rolling back changes to one if the change to the other fails.