... I assume you mean that the confirming pools will also reject any blocks that contain a conflicting transaction.
Yes, if by "a conflicting transaction" you mean a fraudulent double-spending attempt. That's not a bug, it's a feature.
The protocol doesn't say that if there are two conflicting transactions (whether a fraudulent double-spend attempt or something else) you have to reject both and reject any block that contains either. It says you go with the one you encountered first, unless a block is found that contains the other and then you go with that. In your scenario (especially if there is a dedicated denial-of-service attack), every block will be rejected by every miner because it contains some transaction the miner committed to reject.
Reduction in block reward is arguably the second biggest challenge Bitcoin is facing (the first is legal attacks).
In my opinion, the first challenge is legal attacks. The second challenge is wallet security. Reduction in block reward doesn't feature as a problem at all. We'll know after December anyway.
In December the block reward will be 25 BTC. The problem is when block reward is close to 0. We're not going to have any empirical evidence for a long time.
I'm not saying the problem isn't solvable; I'm saying it's silly to think of it as "not a problem" when it was never tested, and when the proposed ideas of how the ecosystem will work depart completely from how Bitcoin works now and from its design principles.
Agreed. While this scheme helps protect the network integrity, I'm not sure this addresses the "Tragedy of the Commons" fallacy. They claim a conspiracy will form and that people will choose the side of the conspiracy because it is human nature to exploit any public works to the point of failure. They will argue that people will not use network assurance contracts enough to counter a monopolistic attack because it is "someone else's problem to worry about." Game theory helps us find problems to address, but the real world isn't the zero-sum game that some folks want to believe it is. They are simply naive.
Yes, people will contribute more than what the immediate incentives can account for, due to altruism, fear of a snowball effect, superrationality, etc. But they will only do so by a small amount, not enough to sustain the expenditure that will be required. If you really want to be future-proof, you need to align the immediate incentives properly.
If anyone succeeded in monopolizing mining power, the price of bitcoin will plummet, thus eliminating the very incentive for obtaining that monopoly (unless your incentive is to destroy bitcoin).
A big unless. You'd want to attack the network either for profiting from double-spending, or for harming Bitcoin (political agenda, destroying competition, short-selling bitcoins). There's a tradeoff: some things you can do to protect against the former make you more vulnerable to the latter.
I don't understand the assumption that you have to keep network speeds at the current level (argument 2). It seems to me very likely that network speeds are too high currently and could fall a lot without reversal attacks becoming overly problematic.
They are (arguably) too high now for the current value of Bitcoin. As the impact of Bitcoin rises, so will the incentives to attack it. Since the attack incentive is more or less proportional to the purchase power of a bitcoin, it is safe to assume that the BTC reward per block is the invariant security factor. 50 BTC is high, but 1 BTC - which may very well be the future equilibrium - is not.
I believe Bitcoin already has everything required to handle this situation by having players who benefit from high network speeds automatically create and broadcast network assurance contracts:
https://bitcointalk.org/index.php?topic=67255.msg785122#msg785122
I think this correctly solves the problem by allowing co-operation amongst competing players to fund network security in such a way that one player doesn't end up carrying the rest.
This will certainly help. Decoupling compensation from individual transactions is a positive direction. But I think the fundamental problem remains. Someone would want to pledge his own funds only if he thinks there's a good chance he will tip the scale to passing the threshold. Which means the network will always walk on the edge in which there's a chance for everything to crumble.
Also, as Mike and others have commented, game theory is just a model of real people's behavior, and is often very very wrong, as numerous studies have shown.
Game theory isn't a model of what people do. It's a model of what people should do. Even if 99% of people do "better" than what game theory prescribes, there can still be 1% who are selfish and rational and exploit the system. Having a system that is secure in theory can go a long way to preventing unpleasant surprises in practice.
By the way, "failures of game theory predictions" are commonly not problems with the theory, but with the game that was chosen to model the specific real-world situation.
I am still of the opinion that all the ideas proposed could account for some level of hashing, but not enough for proof-of-work to completely secure the network. Which is why proof-of-stake will need to augment it to pick up the slack.
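The conflicting-transaction point made near the top of this post, as an added example that is not part of the original post: a small simulation comparing the rule described there (go with the first-seen version, but yield to a block containing the other) against a scheme where miners reject any block carrying a version they committed against. The policy names, miner names and transaction views are constructed for illustration and are not Bitcoin client code.

```python
def accepts(first_seen, block, policy):
    """Would a miner whose first-seen view is `first_seen` accept `block`?

    first_seen: dict conflict_id -> version of the tx this miner saw first
    block:      dict conflict_id -> version of the tx included in the block
    """
    if policy == "yield_to_block":
        # Rule described in the post: first-seen only decides what you relay
        # and mine; a block containing the other version is still accepted.
        return True
    if policy == "reject_conflicts":
        # Hypothetical commitment scheme: refuse any block that carries a
        # version conflicting with one this miner committed to.
        return all(first_seen.get(cid, v) == v for cid, v in block.items())
    raise ValueError(f"unknown policy: {policy}")


def simulate(miner_views, policy):
    """Each miner builds a block from its own view.

    Returns {builder: number of *other* miners that accept the block}.
    """
    results = {}
    for builder, view in miner_views.items():
        block = dict(view)
        results[builder] = sum(
            accepts(other_view, block, policy)
            for other, other_view in miner_views.items()
            if other != builder
        )
    return results


# Constructed scenario: three conflicting pairs (versions "a"/"b") reach the
# miners in different orders, so no two miners share the same first-seen view.
MINER_VIEWS = {
    "A": {"tx1": "a", "tx2": "a", "tx3": "b"},
    "B": {"tx1": "b", "tx2": "a", "tx3": "a"},
    "C": {"tx1": "a", "tx2": "b", "tx3": "a"},
}

if __name__ == "__main__":
    for policy in ("yield_to_block", "reject_conflicts"):
        print(policy, simulate(MINER_VIEWS, policy))
```

Under `reject_conflicts` every block is accepted by zero other miners, which is the stall described above; under `yield_to_block` the same views still converge on whichever block is found first.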