Exploring the proposer/collator split

One potential issue is that, since ε_n may be negative (a proposer may subsidise a proposal), it is possible for a proposer to censor transactions on a shard for arbitrary lengths of time.

I am not convinced that this is an issue. Consider that in the current system, it is possible to simply send 8 million gas transactions with a high gasprice, which seems like it would have a similar effect.

The non-full shard

Agree that in these cases state is not required for self-proposals.

for example, using the order in which transactions appeared in the shard’s transaction pool.

This is actually an interesting hidden insight: you can use nodes in the network to filter out non-fee-paying transactions for you for free, and use this as a source of transaction data. Though this technique is likely to be quite imperfect.

In Phase 1 sharding, there is no concept of a “spam” or invalid transaction

To clarify, there is never a concept of an invalid transaction at the collation finalization layer.

This model degenerates either to there being only one super-efficient (or malicious) proposer per shard

Not necessarily. I would argue that if there is only one proposer, then that proposer gets the incentive to start rent-seeking (increasing \epsilon), and that by itself creates the incentive for more proposers to undercut. It seems like the Nash equilibrium is that there is always some nonzero probability for the dominant proposer to lose any particular bidding round, which means multiple proposers. Also, there is the possibility of proposers that represent specific applications, as well as the possibility of proposers that acquire specialized domain knowledge about fee payment in specific applications (eg. accepting fees in E-DOGE).

It’s additionally worth pointing out that if the dominant proposer tries censoring, then that by itself confers an economic advantage to all of the other proposers.

I would be interested to hear what you think about the proposal/notarization separation model that I outline in the newer post I linked (A general framework of overhead and finality time in sharding, and a proposal).

Couldn’t censoring by proposers be much more subtle and efficient than this rather blunt instrument? For example, a proposer could easily hold a business to ransom by selectively filtering transactions to its contracts. The proposer needn’t even lose out on Tx fees if there are alternative Txs it could include instead (to address the later point). DoS attacks are a thing, and it would be a shame to make it easy. The company’s defence is to spin up its own subsidised proposer to rescue its Txs, or tell its users to use higher fees, and escalate from there… Anyway, it seems undesirable.

Which means that, in this stateless client regime, self-proposals become the dominant strategy. QED.

Yep, will be taking a look at it.

As you say this is flawed, it leads to a tragedy of the commons by exploiting the use of a resource at no internalized cost, but the externalized cost is nevertheless pushed onto the commons. EIP-908: Reward clients for a sustainable network

Reading the Truebit white paper I see parallels in this statement:

As an example of the second type, consider a situation where the Solver deposit is small (say 10 ETH) but the expected jackpot payout per task is high (say 1000 ETH). An individual playing both the role of the Solver and Verifier could offer a bogus solution and then challenge his own answer, hypothetically netting, on average, 1000 − 10 = 990 ETH without providing any useful service. Such an action would degrade other Verifiers’ incentive to participate.