New research by researchers at ZkseCurity, ProofLab and Imperial College London shows that Ethereum’s roll-up networks are incorrectly incorrect in small transactions, creating a variety of risks, ranging from user costs to denial of service attacks.
A survey titled “Unorganized Incentives: Pricing Attacks on Blockchain Rollups” was posted on Sunday, detailing how different rollups can perform, data availability, and proof costs. We concluded that the current pricing mechanism is too easy to balance fairness, security and ease of use.
Rollup is a Layer 2 network that batches transactions, solving them into Layer 1 blockchains such as Bitcoin, Ethereum, Solana, and more, reducing costs and increasing capacity. Rollups are central to Ethereum’s scaling roadmap, relying on these systems to handle large numbers of transactions, but base chain throughput remains limited.
To operate, the rollup must be paid for three different resources. The first is the calculation, the cost of performing transactions within a batch. The second is to enable data availability, the cost of redirecting transactional data back to the blockchain, allowing it to be verified. The third is the gas costs of batch payment and certification verification.
Although these three costs vary independently, this study shows that most rollups are not explained separately. Instead, they often collapse them into a single formula or apply fixed rules.
The design, according to researchers, means that small transfers can be priced incorrectly. Users who make low-value payments will pay more than they need, but attackers can take advantage of low-value transactions and send large amounts of spam at almost cost.
The author benchmarked five major rollups: polygon Zkevm, Zksync era, scrolls, optimism and arbitrum, and found a major difference in how the rates are set. Some networks will correct the fees when the transaction is submitted, others will wait for the batch to be sealed, and there will be a refund for the issue if the actual costs go below the expected price.
These mechanisms may seem technical, but they create opportunities for exploitation. For example, a refund system can play the game by attackers who submit a large number of transactions. You can then regain some of your fees while consuming network resources.
“A rustic pricing model creates exploitable seams,” the authors warn and warn that flat or static pricing curves are particularly vulnerable.
Beyond user complaints, they argue that these weaknesses create systematic risk. Mispricing allows attackers to choke networks, slow performance, or increase costs for honest users, if they can subsidize small transactions. The problem lies in the choice of economic design that forms an incentive, not the failed code.
This study highlights the importance of these issues as the Ethereum roll-up ecosystem grows. Today’s rollups secure tens of billions of dollars of assets and make them a high value target.
“It is no longer safe to ignore these incentive gaps,” the author writes.
As a mitigation, the paper seeks a “multidimensional” pricing mechanism that separately prices calculations, data submissions, and proofs. Adjusting the price to use the actual resource makes the system more resistant to spam, while providing users with more predictable costs.
Tools like dynamic adjustments, partial batches, and cost components disclosures all help to address the issue. Some roll-up teams have already experimented with adaptive fee curves and real-time modeling, but research has pointed out that standards have not yet been established.
The findings arise when Ethereum is working on a roadmap built around proof of zero knowledge and roll-up-centered scaling. A zero-knowledge virtual machine, or ZKVM, promises stronger validation of transactions, but also introduces proof costs that can surge depending on demand and available hardware. Models that do not explain the variation say they run the risk of breaking under stress.
For users, exchanges, and wallets, it means inconsistent fees and degraded services. For developers and investors, the research message is to go beyond headline throughput or nominal low rates and look at how those rates are calculated.
“Incentives are security,” the author argued, urging the Ethereum community to deal with transaction pricing as part of a consensus design rather than an afterthought.
