Kik’s announcements yesterday (here and here, for example) to fork the Stellar blockchain and develop a “fee-free blockchain” of their own invoked the question — is this even possible? Does it make sense? Can a fee-free blockchain be kept secure? What about spam?

Kik’s intent is very simple. Just as it subsidises all its users’ operations over the Kik app, it wants to subsidise its users’ transactions over the blockchain. Basically, Kik is adopting the general policy of “subsidising all users’ activity” in the messenger app to the blockchain. Such attempts are very likely by any big app that aims at making micro-payments a common service that users follow regularly, like sending a message or a photo over to a friend.

Kik planned to do this over Ethereum but found a surprisingly tricky fee mechanism. A transaction fee doesn’t seem to be determined according to the value transferred or in accordance with processing costs, but rather with supply and demand. When the “transaction demand” is high, fees go up; and when the “block gas supply” is high, fees go down. This resulted in unpredictability regarding the accumulated fees Kik would have to pay by the end of the month. Kik’s verdict — the fee structure is business infeasible for their use-case.

Moving to Stellar, the situation seemed better, but there was still a significant vulnerability — a classic Sybil attack. The attack would work as follows. Transacting in the Stellar blockchain requires a minimal amount of XLM in the sending account. Kik, following its subsidising policy, would thus fund a small amount of XLM in each of its users’ wallets (a user accesses his wallet seamlessly from the Kik app, potentially not even aware the app is communicating with the Stellar blockchain). An abuser could then easily open many fictive Kik users, getting a small amount of XLM in each. Kik would have no simple means to distinguish abusers from real users. This was a death blow for the Stellar model for Kik.

And so, Kik, for lack of choice, decided to build its own fee-free blockchain, which seems like the only valid decision they could make.

So let’s try to understand — why are we paying fees in Bitcoin in the first place? Can we avoid them with a different blockchain design?

The answer to the first question is quite clear — any platform that operates transactions and executes code has costs. Users pay fees in order to cover these costs. The catch is that in PoW-based blockchains, these costs are significantly governed by security costs rather than the cost of the actual resources (such as storage, compute and bandwidth) needed in order to process transactions. Put differently, users pay a significant fee in order to enjoy the security offered by PoW and the decentralization it enables. Just to be clear, in the “reward era” of PoW blockchains these fees come (mostly) in the form of inflation tax that miners collect (the core role of transaction fees is to incentivize miners to include transactions in blocks), while in the “post-reward era” transaction fees will have to do the work (check out this paper or this one to gain some insight as to the “post-reward era” in Bitcoin).

From a competitive standpoint, Bitcoin is not very attractive relative to centralized platforms that process transactions for much smaller fees. In these services, the core part of the fee serves as an insurance, which enables the companies managing these platforms have their users file complaints and get back stolen money. Today, there is no platform for transferring money that has no extra costs over the bare operational costs. With plain data such as text or photos this problem has been solved — the costs for sending a photo over the Internet has become negligible, enabling free-to-the-user data transfer services.

What the crypto space (or at least a part of it) is trying to do is develop “cheap” consensus, where the operational costs reduce while the network is kept usable and trusted by the users. The famous Proof-of-Stake paradigm falls under this category, trying to preserve the same amount of security as PoW, while reducing security costs.

A prominent approach for “cheap” blockchains rely on communication-based classic consensus protocols that have been developed in the distributed systems community for years. These protocols have been formally proven both safe (no forks are ever possible, not even temporary ones) and live (the chain keeps growing as long as messages are transferred as expected). These protocols have two main “catches” though. First, they take place among a given set of identified entities, and second they require a strict bound on the amount of Byzantine nodes, i.e., the amount of nodes that don’t behave as they are instructed by the protocol.

If we believe “a given set of identified entities” can be decentralized enough and if we can assume the bound on Byzantine nodes holds, we can solve our “cheap” blockchain challenge. Maybe the system doesn’t have to be theoretically open (today, Bitcoin and Ethereum can’t claim to be practically open systems — becoming a profitable miner is an extremely complicated and expensive task). And maybe if the entities running the network are sufficiently diverse and frequently changed, then we still have a decentralized system. To assure the desired bound on the Byzantine nodes holds, we can include stake, slashing conditions and other incentivization techniques so that attacks feel as ridiculous and uneconomical as in PoW circumstances.

To conclude, in the current state of Bitcoin, Ethereum and other PoW-based blockchains, fees are not paid to secure the network, inflation tax does that. Fees are paid in order to incentivize miners to include transactions in blocks. In the “post-reward era”, fees will have to cover security costs (as well as operational costs). The question of a feasible fee-free blockchain boils down to the possibility of a blockchain that is governed by a non-resource-wasteful consensus protocol such as PBFT. Some people claim such solutions are already possible (e.g., utilizing Tendermint as the consensus layer of a DPoS architecture, or a reliable implementation of Algorand), others claim these are very far away and potentially inherently impossible or contradict real decentralization (check out this work, for example). It remains an open question and up for the general public to decide as these solutions come to maturity.

As a side note, we in Orbs generally believe that “cheap” consensus is possible (you can read the white paper for our Helix consensus here). We are not sure about PoS though. PoS-based chains give the political power of the system to the major currency holders (early investors, etc.). They will drive the system according to their interests, which are probably to increase the value of their tokens. This is not necessarily what’s best for the users. PoW-based chains, on the other hand, give much of the power to the miners — this was seen in SegWit, where Bitmain opposed the soft fork because of internal financial interests (as was claimed by Greg Maxwell and others, check out this blog post) and were able to delay the proposal significantly. Indeed, the users were able to activate SegWit and proved to be a significant political power in the Bitcoin ecosystem. It is clear now that miners’ interests are not aligned with those of the users, which is a very unhealthy property of the system.

We believe it makes more sense to put the political power in the hands of app developers that run their apps on top of the blockchain. They have a clear incentive to process transactions and keep the operation costs to a bare minimum while not sacrificing security. They probably best represent the users, which we cannot expect to be active and aware of economical/technical issues as the space scales to mass consumption (as Bitcoin users today are).