The cost would scale directly with how many transactions are sent and how much fees are paid. We have no way of knowing how much protection is enough. We can't define it in a fixed fashion. The best way is to have some sort of a market. More transactions and more fees would lead to more protection. Less would lead to less protection.

What is enough and what is not enough? That is a problematic fundamental question.