Can anyone link me to some criticism of these claims by qualified people? I'm especially interested in a rebuttal to the claim that long range NaS attacks are not possible in the system that kushti has defined in his and his group's research.
I think long range is not possible because rolling checkpoints. Also when downloading a new chain there is a trust system so you download from a trusted source. Rolling checkpoints are nice but create the risk of dividing the network. A fork larger than the largest allowed reorganization would not be resolved and the network would split.
I remember Bitcoin itself was using checkpoints at one time, not too long ago too. Haven't heard much about that in a while. Do you or anyone else know if they are still in use at all?
. Last at 295K.
Long range isn't possible not because of rolling checkpoints only(max reorg depth in Nxt is 1440 blocks and you can't generate private branch of such length better than network's not having majority of online stake before splitting).