There exists an unintentional and uncoordinated version of this attack which is inevitable due to its decentralized nature. Suppose that a small portion of users (e.g., 5%) are rational enough to pay less fee by waiting whenever their transactions are not an emergency. For instance, a wallet client has a built-in feature that asks how much the user is willing to wait if the base fee is currently declining. The simple strategy here is to wait as long as the mempool is considerably less than (e.g., half) the target size full. This gives a somewhat reliable prediction that the current block will not be full enough, and the base fee will decrease. Otherwise, the client will broadcast the transaction. This optimization is simple enough to be implemented and is very likely to be used by some people shortly after EIP-1559. However, this will result in the same result as mentioned before, which is the base fee will converge to zero over time. The intuition behind this is that even though users act uncoordinated, their incentives are well aligned to not broadcast transactions whenever blocks are less-than-target full. Therefore, their collective behavior mimics that of an attacker in the previous version. For a thorough simulation, see here.
This does not follow. I agree that block size volatility will make the fee lower than it otherwise would have been, but decreasing the fee brings in increased demand, until the fee reaches an equilibrium where the greater demand compensates for the distortion. The fee should never just keep decreasing until zero (unless there really is no demand even at extremely low gasprices).
Let me rephrase my point more eloquently:
“Assume that the cumulative deviation of the sum of gas cost from the target gas cost times the number of blocks is bounded (has a finite upper bound which can be arbitrary large enough). Then, gas price converges to zero unless the gas used in each block converges to the constant function equal to the target gas (which will never happen in reality).”
In other words, your point is valid but shows that we should constantly and unboundedly overuse the blockchain more than the target gas to keep the gas price at around the same level. This violates the purpose and use of the word “target” in the first place!
Right, I agree that because of this issue it’s possible that long-run average usage will exceed the target by a couple percent. I’d support replacing the formula with an exponential curve (or at least a degree-2 Taylor approximation thereof) to cut that down to <0.1%, though that can be done in some future fork.
This suggestion has theoretical guarantees that this problem will never happen, and a simple trick provides a neat equivalence to an AMM model for gas pricing. If you are interested, I can elaborate more on the mathematical details of this alternate way of thinking about it as a dynamic pricing mechanism by constant product market makers.
This suggestion has theoretical guarantees that this problem will never happen, and a simple trick provides a neat equivalence to an AMM model for gas pricing.
Consider a hypothetical automated market maker as a protocol-level price oracle for the trading pair GAS/ETH whose reserve of gas and ether after the n-th trade are g_n and f_n \times g_n, respectively. Moreover, let g_{n+1} = g_n + M/2 - w_n, that is, g += excess. It can be proved that the limit of f_n as the initial reserve g_0 goes to infinity is given by:
the Almgren-Chriss additive formula in the case of constant sum market maker,
and your proposed exponential formula in the case of constant product market maker.
This observation immediately implies that both of these update rules (and any other one based on another constant function market maker) are path-independent. Ironically, this is exactly why we have arrived at these formulas in the first place when attempting to solve a simple instance of path dependence attacks.
Apparently, they both have names in the economy. The version derived from the constant sum market makers is called the Almgren-Chriss model which I have mentioned two years ago. Also, your exponential formula has a name and is called the Bertsimas-Lo model, however, with a major difference explained and discussed in here.
