This looks good for the edge case of a tangle degenerated to a chain. It should be the same for a tangle with arbitrary topology for transactions that have already been considered confirmed, but intuition says that it's incorrect for transactions that haven't passed their adaptation period (i.e. there are a lot of tips not referencing them) yet.
OK, guess the transactions will get entangled fast enough. Let's and do a quick calc considering they do:
- Let J be the average Joe hash rate
- You cannot ask Joe to wait more than 60 sec to issue a single transaction, so the minimal PoW cannot be more than 60 * J
- Let E be the attacker's hash rate
The minimal number of transactions per second that you need in order to keep the system secure is N = E / (60 * J)
So for SHA-256 (in fact, what hashing do you consider?):
- Let's take the Core 2 Duo hash rate for Joe
J = 2.5 MH/s
- Today's hash rate of the Bitcoin network is around 430 PH/s. It is plausible to assume that a single entity owns 1% of that hash power
E = 4.3 PH/s = 4 300 000 000 MH/s
=> The minimal number of transactions per second is the astonishing N = 28 666 666
Did I misunderstand something?