Transaction quality trilemma

This is more of a quick speculative post, just thinking out loud. This trilemma is all about transaction quality — spam mitigation, censorship resistance and low fees. You can only have two. Web2 gives up censorship resistance, Bitcoin & Ethereum give up low fees, while Polygon PoS or Solana accept a lot of spam/bot transactions.

PS: Yes, you should read “Spam” as “Spam Mitigation”, but I like seeing “Spam” at the top!

It leads to a poor UX either way. If transaction fees are high, then the quality of transactions are also very high — no one’s going to spam a network with junk transactions. But no one likes high transaction fees. Once you have very low fees, let’s say $0.00-$0.01, your network is vulnerable to DDoS attacks and spam bloat. The former can cause instability and in an extreme scenario even crash the network entirely — like we saw with Solana recently. With the latter, worthless state bloat becomes socialized — a highly unsustainable and undesirable outcome. [Addendum: While state expiry may fix long-term bloat, it’ll still be an issue in the short to medium term.]

What happens when you are beyond limit (CPU, disk, network etc.)? The obvious answer is to have a fee market. But you could also not have one and let surplus transactions time out. But this is terrible UX, as in most cases it’s the bots that’ll win, with humans having a much lower probability of getting transactions accepted. There’s very little opportunity cost for bots to flood the network. Indeed, we have seen this be the case with some recent Solana & Cardano NFT drops. So, a fee market is essential — but if there’s not enough demand and fees are still too low, we’ll still see spam and bots infest the network. The best solution, then, seems to be to actually just increase fees and create a higher transaction fee floor to weed out some of the less desirable spam. This is the route Polygon PoS has opted for, setting the gas price floor to 30 gwei — 30 times higher than before. Given the options — I agree that this is the best solution, overall. Here, we have given up some of the low fees to gain back spam mitigation. [Addendum: EIP-1559-like mechanisms mitigate instantaneous DDoS & spam attacks, but they do not address persistent spam. Optimism & Arbitrum both have 1559-like mechanisms. Speaking of…]

However, things get very interesting when we add rollups to the mix — which is what I’m interested in anyway. You can actually have very low fees, no spam, but the trade-off is you give up some censorship resistance.

Take Immutable X, for example. It has literally $0.00 gas fees, thanks to a clever fee model where transaction fees are subsidized by trading fees on the platform. When highly active, Immutable X has had batches with cost of Ethereum settlement as low as $0.002. Whether this subsidy is sustainable remains to be seen, but either way, Immutable X is always going to have very low fees. So, how can Immutable X mitigate spam & DDoS? Just borrow some tricks from the Web2 world and simply reject transactions that have a high probability of being spam. Now, I don’t know what methods Immutable X uses, but the point is — you can certainly use some of the same techniques.

Is this censorship? Yes, it is, but there’s a catch here: you can always exit with your funds from Ethereum if you’re unsatisfied with the experience, and due to competitive pressures, the rollups/volitions will be well incentivized to only reject the worst offenders heuristically. So, it’s more of a weak censorship than web2-like censorship.

Unfortunately, this is probably not going to work for decentralized sequencers — which is where most rollups are headed — so the trilemma remains intact. But it’s interesting to see that there’s half-solution to the problem by just having a centralized sequencer. After all, if ultra-low fees are the top priority, a centralized sequencer may make a lot of sense for certain applications and users. Remember, even with a centralized sequencer you inherit the base layer’s security — and a censorship resistant exit mechanism is possible as mentioned above. There can be an improvement to this by having federated sequencers — so a smaller group of sequencers geographically distributed that enforce the same spam mitigation rules. This makes the setup significantly more resilient. [Addendum: this may also be possible with specific decentralized sequencer systems, but haven’t thought about the details yet.] As for a full solution — I don’t know if there’s one, but I won’t be shocked if the wizard rollup teams figure something out!

I’m going to keep this short — there are lots of other nuances that I’ll skip, such as bandwidth-based systems with zero fees, or zero fees but mitigation by proxy (e.g. dYdX, minimum order) etc.

PS: Some more thoughts on this, I believe recursive rollups or L3s can be the solution: polynya on Twitter: “The Polygon PoS & Solana situations are more interesting data points in the transaction quality trilemma discussion. By optimizing for low fees & censorship resistance, they suffer from spam and very low-quality transactions." / Twitter