Bundlers operate at a loss. The current pay-per-UserOperation model fails to cover the real cost of computation and inclusion, forcing bundlers to subsidize transactions or censor them.
smart-contract-auditing-and-best-practices
Blog
Why Bundler Incentives Are Broken in EIP-4337
A first-principles analysis of the flawed economic model for EIP-4337 bundlers. They shoulder transaction risk and infrastructure costs for non-guaranteed, minimal fees, creating a market failure that inevitably leads to centralization and threatens the security of account abstraction.
introduction
THE MISALIGNMENT
Introduction
EIP-4337's bundler incentive model is structurally flawed, creating a system where security and profitability are at odds.
Profit requires centralization. The only viable bundler strategy is to run a private mempool, like JiffyScan or Stackup, to capture MEV and cross-subsidize operations, defeating the permissionless intent of Account Abstraction.
The fee market is broken. Unlike Ethereum's base layer, there is no priority fee mechanism for UserOperations, creating a first-price auction that is inefficient and vulnerable to spam.
Evidence: Major infrastructure providers like Alchemy and Biconomy subsidize bundling services, treating them as a loss leader for their broader platform, which is not a sustainable ecosystem model.
key-insights
THE INCENTIVE MISMATCH
Executive Summary
EIP-4337's paymaster-centric model creates a systemic vulnerability where bundler incentives are misaligned with network security and user experience.
01
The Free Rider Problem
Bundlers earn fees from UserOperations, but the protocol's most critical security feature—paymaster staking—pays zero rewards. This creates a classic public goods failure where no rational actor is incentivized to stake and validate paymasters, leaving the network exposed to insolvent or malicious actors.
- Key Consequence: Paymaster validation is optional, not enforced.
- Systemic Risk: A single unvalidated, malicious paymaster can drain all sponsored user funds.
$0
Staking Reward
100%
Optional Validation
02
The Miner Extractable Value (MEV) Vortex
Without a native block-building market, bundlers are forced to become searchers to capture profit. This merges execution and block production, centralizing power and creating toxic MEV loops that harm users.
- Centralization Force: Profitable bundling requires sophisticated MEV extraction, raising barriers to entry.
- User Impact: Transaction ordering becomes adversarial, leading to front-running and worse prices versus systems like UniswapX or CowSwap.
~90%
MEV-Dependent Profit
High
Entry Barrier
03
The Latency-Cost Death Spiral
Bundlers optimize for batch size over speed, creating a poor UX. They wait to aggregate transactions, increasing latency, because their per-op fee is fixed and does not reward faster inclusion.
- UX Trade-off: Users face 5-30 second delays for marginal cost savings.
- Market Failure: No mechanism to bid for priority, unlike base layer EIP-1559. This makes 4337 wallets non-competitive for time-sensitive DeFi actions.
5-30s
Added Latency
Fixed
Fee Model
04
Solution: Separated Proposer-Builder (PBS)
The fix is to decouple block building from execution, importing Ethereum's PBS model. Let specialized builders compete on inclusion, while proposer/validators (staking paymasters) earn rewards for security. This aligns incentives with Ethereum's core design.
- Key Benefit: Stakers earn fees for securing the system.
- Key Benefit: Builders compete on speed and cost, improving UX.
- Analogy: Functions like Flashbots SUAVE for the account abstraction layer.
Decoupled
Roles
Aligned
Incentives
thesis-statement
THE INCENTIVE MISMATCH
The Core Argument: A Market Without a Market Maker
EIP-4337's bundler design creates a commodity market for block space with no mechanism to reward sophisticated market makers.
Bundlers are commodity executors. Their only job is to include valid UserOperations in a block. This creates a perfectly competitive market where the only differentiator is gas price, eliminating profit margins for advanced execution.
No reward for complex optimization. A bundler that finds MEV or uses private mempools like Flashbots Protect gains no extra revenue. The user pays a flat fee, disincentivizing the infrastructure needed for mass adoption.
Compare to searcher-builders. In Ethereum's PBS model, builders profit from sophisticated block construction. EIP-4337 bundlers have no claim to surplus value, making them a pure cost center versus a profit center.
Evidence: P2P mempool stagnation. The dominant bundlers, like Stackup and Alchemy, rely on public mempools. Specialized entities like Eden Network or BloXroute have no incentive to participate, starving the system of liquidity and efficiency.
EIP-4337 INCENTIVE ANALYSIS
Bundler Economics: Risk vs. Reward
A comparison of bundler strategies, their revenue models, and associated risks under the current EIP-4337 design.
| Key Metric / Risk Factor | Simple Bundler (Status Quo) | MEV-Boosted Bundler | Staked / Reputation Bundler |
|---|---|---|---|
Primary Revenue Source | User-paid fees only | User fees + MEV extraction | User fees + staking rewards |
Avg. Profit per Bundle | $0.10 - $0.30 | $0.50 - $5.00+ | $0.20 - $0.40 |
Upfront Capital Required | 0 ETH | 10-50 ETH for bidding | 100+ ETH for stake/slashing |
Oracle Risk (Gas Price) | High - Pays for failed txs | High - Pays for failed txs | Mitigated - Can use trusted oracles |
Paymaster Dependency Risk | High - Must front gas | High - Must front gas | Low - Can require prepayment |
Censorship Resistance | Low - Purely economic | Very Low - MEV-driven | High - Staked commitment |
Implementation Complexity | Low | High (requires integration with Flashbots, SUAVE) | Medium (requires slashing logic) |
Long-Term Viability | Low - Race to zero margins | High - Captures latent value | Medium - Depends on stake utility |
deep-dive
THE INCENTIVE MISMATCH
The Slippery Slope to Centralization
EIP-4337's economic model creates a fundamental misalignment between bundlers and users, leading to inevitable centralization.
Bundlers face negative externalities. They pay gas fees upfront but only earn from optional priority fees. This creates a high-risk, low-margin business that only large, capital-efficient operators like Etherspot or Stackup can sustain long-term.
The paymaster subsidy is a centralization vector. Bundlers must trust paymasters to reimburse their gas costs. This creates a trusted relay network similar to Infura's early dominance in RPC services, concentrating power in a few entities.
Permissionless entry is a myth. The capital requirements and operational risk create a natural oligopoly. This mirrors the centralization seen in MEV-Boost relays, where a handful of operators control the flow of transactions.
Evidence: The top three bundlers on networks like Polygon already process over 60% of all 4337 UserOperations, a concentration ratio that increases with network load and gas price volatility.
case-study
THE INCENTIVE MISMATCH
Real-World Evidence: The Bundler Landscape Today
EIP-4337's permissionless bundler design creates a market where rational economic actors are disincentivized from performing the network's most critical work.
01
The Problem: Paying for Your Own Execution
Bundlers must prepay gas for all user operations, creating direct capital lockup and liquidation risk. This turns a service role into a high-risk, low-margin trading operation.
- Capital Efficiency: Bundlers tie up ETH for ~12 seconds per bundle, scaling linearly with volume.
- Risk Profile: They bear 100% of the execution risk (reverts, gas spikes) for a tiny priority fee.
100%
Risk On Bundler
<0.1 ETH
Typical Fee
02
The Solution: Pimlico & Stackup's Paymaster Subsidy
Leading bundlers circumvent the broken model by vertically integrating with sponsored transaction services. They act as the paymaster, subsidizing gas to capture user flow and monetize elsewhere.
- Real Model: Loss-leading on gas to capture wallet integrations and SDK usage.
- Centralization Force: This creates bundler-paymaster oligopolies, contradicting EIP-4337's permissionless ideal.
>60%
Market Share
Vertical
Integration
03
The Consequence: MEV as the Only Rational Incentive
With base fees negligible, sophisticated bundlers are forced to maximize extractable value to be profitable. This turns user transactions into a search game.
- Backrunning Dominates: The most reliable profit is from observing the public mempool and inserting profitable trades.
- Privacy Erosion: To capture MEV, bundlers must analyze and reorder user ops, breaking semantic privacy assumptions.
MEV-Driven
Profit Motive
0
Base Fee Profit
04
The Architectural Flaw: No Native Staking Slash
Unlike validators in Proof-of-Stake, bundlers have no skin in the game beyond their transient gas deposit. There's no mechanism to punish censorship or malicious bundling.
- Trust Assumption: Users must trust bundlers won't censor or reorder ops maliciously.
- Comparison: Lido validators face slashing; EIP-4337 bundlers face only wasted gas on a failed bundle.
$0
Stake Required
No Penalty
For Misbehavior
05
The Data: Anemic Bundler Profit Margins
On-chain analysis shows bundler economics are unsustainable without vertical integration or MEV. Priority fees are often zero, making pure bundling a charity.
- Fee Reality: Most user ops pay the 1-5 gwei base fee, with zero priority fee.
- Result: The 'public good' bundler is a myth; profitable ones are either VC-subsidized or MEV machines.
~0 gwei
Avg. Priority Fee
Charity
Pure Bundling
06
The Future: SUAVE & Intent-Based Alternatives
The broken bundler market is accelerating the shift to intent-based architectures. Systems like UniswapX, CowSwap, and Across abstract execution entirely, using solvers who compete on outcome, not transaction ordering.
- Paradigm Shift: From 'how' (transaction) to 'what' (intent).
- Natural Fit: Solvers have inherent economic incentives, solving the bundler motivation problem at the design layer.
Intent-Based
Architecture
Solver Competition
Incentive Model
counter-argument
THE INCENTIVE MISMATCH
Counter-Argument: "It's Early, Builders Will Figure It Out"
The core economic model for bundlers is fundamentally misaligned, a problem that cannot be patched with time alone.
Bundlers are profit-maximizing agents competing in a low-margin, winner-take-all auction. Their incentive is to extract MEV, not to provide a public good. This creates a structural conflict with user experience and decentralization goals.
The paymaster subsidy model is unsustainable. Projects like Biconomy and Stackup currently subsidize gas to attract users, but this is venture capital burn, not a sustainable fee market. When subsidies end, user acquisition costs will spike.
Compare this to L2 sequencer incentives. Arbitrum and Optimism have clear, protocol-level revenue streams from sequencing and MEV. EIP-4337 bundlers have no such guarantee, relying on a fragmented, user-paid fee market that hasn't materialized.
Evidence: The mempool is empty. The Pimlico bundler dashboard shows most UserOperations are sponsored paymaster transactions. Organic, fee-paying user demand for permissionless bundling does not exist, proving the base economic layer is broken.
FREQUENTLY ASKED QUESTIONS
FAQs on Bundler Incentives & Security
Common questions about the economic and security flaws in the current EIP-4337 bundler model.
Bundlers are underpaid and disincentivized to operate, creating a fragile network. The current fee structure offers minimal, volatile profits, leading to centralization around a few altruistic or subsidized operators like Pimlico and Stackup, which is a critical liveness risk.
takeaways
EIP-4337 BUNDLER ECONOMICS
Key Takeaways for Builders
The current pay-per-op model for bundlers creates misaligned incentives and systemic fragility. Here's what to build instead.
01
The Problem: Pay-Per-Op is a Race to the Bottom
Bundlers compete on fee priority, not reliability or quality of service. This leads to volatile user experience and centralization pressure on the few bundlers willing to operate at a loss.
- Creates zero incentive for bundler redundancy or uptime SLAs.
- Encourages spam and MEV extraction as primary revenue sources.
- Results in ~90%+ of bundles being submitted by a handful of entities.
~90%+
Centralization
Volatile
User Fees
02
The Solution: Staked Reputation & Service-Level Agreements
Shift from pure transaction fees to a stake-for-work model. Bundlers post a bond and earn the right to serve a user base based on proven performance metrics.
- Slashable stakes penalize downtime or malicious ordering.
- Enables predictable, subscription-like revenue for builders.
- Allows users/paymasters to choose bundlers based on reputation, not just price.
Staked
Security
SLA-Based
Revenue
03
The Architecture: Separating Sequencing from Execution
Decouple the roles. Let specialized sequencers (like those from Arbitrum, Optimism) order user operations for a fee, while execution bundlers focus on efficient inclusion. This mirrors the proposer-builder separation (PBS) model from Ethereum consensus.
- Sequencers profit from ordering and MEV capture.
- Execution Bundlers profit from gas optimization and reliability.
- Creates a competitive market for both functions, reducing centralization.
PBS Model
Architecture
Two-Sided
Market
04
The Opportunity: Intent-Based Bundling
Move beyond simple transaction forwarding. Let users submit signed intents (e.g., 'buy X token at best price'). Bundlers compete to fulfill this intent optimally, capturing value from execution quality, not just inclusion speed. This is the model pioneered by UniswapX and CowSwap.
- Higher revenue potential from improved execution.
- Better UX: Users get optimal outcomes, not just fast failures.
- Aligns with cross-chain intent systems like Across and LayerZero.
Intent-Based
Paradigm
Value Capture
From Execution
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall