The Security and User Experience Implications of EIP-1559

  • Commentary
  • June 27, 2020

Many within the Ethereum community have long been concerned about poor user experience (UX) associated with first-price auctions and a parasitic relationship between some tokens, dApps, and services and the Ethereum base layer. Currently, users engage in first-price auctions to broadcast transactions on-chain, making it challenging for users and wallets to determine the optimal gas price, and resulting in unpredictable costs and wasted gas. Meanwhile, the ability for user groups to pay transaction fees with assets other than Ether supposedly allows these groups to benefit from Ethereum without returning value to the base layer’s native asset, ETH. EIP-1559 is one attempt to address these issues and has received increased attention of late, following an in-depth analysis by Hasu, a pseudonymous blockchain researcher and Georgios Konstantopoulos, a blockchain consultant and engineer.

In its current implementation, Ethereum requires users to bid to get their transactions included in blocks; with no effective method of knowing the minimally sufficient, or optimal gas price. While this is less of a concern for businesses and infrastructure providers who can invest in the analytics tools to better predict these gas prices, it arguably undermines the UX of regular users. EIP-1559 seeks to replace the current design with a fixed base fee of burnt ETH, and an optional gas premium paid in any Ethereum-based asset that is paid to miners. Instead of the current gas limit, the new design would introduce a 10,000,000 block gas target and a 20,000,000 block gas hard limit. When the network is uncongested users would simply be required to pay this fixed, predetermined base fee, with the fee increased by ⅛ every block when gas consumption breaches 10,000,000 and the ability for users to pay gas premiums at times of sudden congestion. Aside from introducing predictability to network fees and also allowing for increased flexibility concerning block sizes, the proposal attempts to support ETH appreciation by preventing economic abstraction and introducing a deflationary pressure, via burning, to counter the network’s current inflation rate and Ethereum 2.0’s future issuance schedule. These mechanisms are principally intended to increase network security by providing a more predictable income to validators by relying almost exclusively on inflation while also supporting a higher ETH price, thereby increasing security expenditure once the network transitions to Proof of Stake.

In their analysis, the authors conclude that the proposal largely achieves its stated goals, supporting their conclusion with detailed economic modeling while also largely rejecting the notion that miners would be able to successfully coordinate in manipulating the base fee. Agreeing with the logic of EIP-1559, Hasu and Konstantopoulos state that networks that have a perpetual subsidy are more secure than those that increasingly rely on transaction fees; thereby agreeing that the proposal’s requirement for a continued block reward in perpetuity is a reasonable one. While this is certainly true for now, this assumption does not necessarily hold as networks grow and develop, since a subsidy is only stable to the extent that the native asset’s price is not volatile.

While we commend the authors for their rigorous modeling and in-depth analysis, there are multiple open questions relating to the proposal and more broadly the inherent friction between user experience and base layer security across the majority of crypto networks. Both the original proposal and the analysis implicitly assume that the proposal’s design is a net positive for UX. However, reducing user choice in paying transaction fees is a potentially fraught choice. By mandating that users pay base fees with ETH and not allowing for payment via an ERC20 or other Ethereum-based token, as is currently possible, this design requires all users or at least all service providers to hold ETH to use the network. While it is possible that users and dApp providers will be willing to absorb this cost, accepting it as required working capital, it is equally possible that it will undermine the UX of regular users. Indeed the second goal of the proposal, increasing network security, is closely tied to the UX aspect; given that compromised UX may deter network usage, in turn lessening the demand for ETH, thereby reducing ETH’s value capture and so, Ethereum’s security capital after it transitions to Proof of Stake. Ultimately such considerations are entirely speculative and cannot be accurately modeled, hence making EIP-1559 a potentially high-risk network change, regardless of the review process.

While the authors do not directly recognize the other implications of a better supported ETH price, we believe such factors have also played a role in the proposal’s development. Ethereum and indeed, most other crypto networks’ ecosystems are largely dependent on the value of their respective native assets, for funding development and infrastructure efforts. As such the fate of a protocol and a network are highly dependent on the value capture potential of said assets. To the extent that this proposal seeks to address this and other dynamics, it should be commended and offers instructive lessons for other networks, especially those still in a bootstrapping phase. However, it also raises uncomfortable questions that most crypto networks will at some point encounter.