Just a quick note.
DEX orders stays in memory for ever, so at current market cap and 0.1 BTS fee for limit_order_create operation, it will take ~20K USD to exhaust all witnesses memory. ( Assuming 4GB mem witnesses )
0.003186*0.1*4*1e9/64 ~= 20K USD
64 = memory usage of 1 limit_order_object
0.1 = fee
4*1e9 = 4GB
0.003186 = USD per BTS
Memory exhausting protection need to be taken into account also.
Thanks ElMato, this is good information to have. However, I think at this stage the difference between 0.1 BTS and 1 BTS is negligible. In other words, we could easily raise the cost of spamming the network from $20,000 to $200,000 and still require only 1/3 of a cent (1BTS) fee.
The question is, would $200,000 in new income from the attack be enough to justify paying the witnesses more money so they could upgrade their RAM? Probably yes. Especially since Ram is cheap. However, would this be a security risk in the interim? I don't know the answer to that. Wouldn't the network technically survive if just some of the witnesses were using more than 4 GB or RAM at the time of the attack?
Edit: Seems like Xeldal beat me to the punch ^^