My design doesn't (and afaics shouldn't need to) prove to a syncing node anything about propagation that occurred while that node wasn't listening live. Remember that the 49 - 99% attack must be sustained otherwise it can't maintain the blacklist on the minority PoW. The minority PoW will have identified the dishonest chain and be humming along (at a reduced level of PoW difficulty, yet still including the attacker's nominations so as to prove to syncing nodes which chain is refusing to include the other's nominations). So the syncing node will have ample opportunities while live to objectively determine which chain is dishonest.
Why isn't it the case that the majority POW also has a monopoly on the set of nodes which can be nominated, thereby dominating the choices for the honest nodes?
In the honest scenario, the 49 - 99% attacker can nominate 49 - 99% of the confirmation nodes, but the crucial distinction from the security of Satoshi's design is the attacker can't dominate ALL the confirmation nodes and thus can't destroy the permissionless quality of decentralized cryptocurrency. Nor afaics can this preponderance of confirmation nodes gain the attacker any advantage in terms of double-spending or abusing the protocol.
In the dishonest attack scenario where attacker wants to own ALL the confirmation nodes, I already explained that:
---8<---
Thus the only way for the 50+% adversary to blacklist minority PoW that nominates its nodes is for that adversary to win all the blocks and always announce the blocks as soon as they are found (otherwise the adversary is required to include the nominations from minority announcements if the adversary pursues the selfish strategy mentioned above which defeats the blacklisting). But if the adversary announces block solutions as soon they are found, then the adversary can't statistically win all the block announcements unless it has 100% of the PoW.Okay the adversary must shift his strategy to fooling the payers (non-full nodes) into believing that the minority did not propagate first (or within for example 6 seconds if we choose 6 seconds as the rule), thus convincing the payers that the minority announcements were not required to be included in the longest chain. If the payers are not listening to the network, they have to trust some full nodes to tell them what happened. If the adversary violates the protocol and doesn't include the minority nominations (because the adversary can fool the payers), then the adversary can own all the nominations and thus report what ever it wants to report to the payers. The typical Bitcoin security argument is the community will call out such an adversary and take action. But I was never satisfied with that reasoning, because the masses are easy to manipulate because they are preoccupied.
So to make my design really robust, the payers need to be listening so they can enforce the protocol. Remember I am making a micro-transaction coin, so the payers will be online often. And often is good enough. Because if the payers clients blacklist the 50+% adversary's chain for violating the protocol, then the adversary could have 99% of the PoW resources, but if they constantly lose a larger and larger share of the payers, then they honest network has forked away from the adversary and filtered it out. This is what I mean by inertia. And also this inertia will become entangled (DAG-like) such that it is impossible to undo this filtering and the 50+% attacker racks up huge losses (in transaction fee revenue and uncompensated PoW). In my design the block announcements don't include any transaction nor PoW share data, so they are very lightweight to propagate.
---8<---
You'll need to prove that the type A miner (with say 1M x the hashing power), cannot have 1M x the influence over the chain selection rule (by, say, impersonating 1M type B miners), otherwise this will collapse to being equivalent to regular longest chain selection rule.
I explained above that yes the entity that controls 50+% of the PoW could monopolize the nominated confirmation nodes by lying to non-full nodes (using that monopoly on nodes) about the propagation events that occurs when the non-full node wasn't listening. But by having non-full nodes listen (only when they are online doing micro-transactions and remember most people these days are online most of the day and if micro-transactions become integrated into everything we do on the internet!), then I explained the 50% adversary can't violate the rule and monopolize.
---8<---
Also include the following snippet in the above context:
But anyone today could create a fork of Bitcoin and use it for paying from themselves to themselves, but no one does that because it is pointless.
So the 49 - 99% attacker could nominate ALL the confirmation nodes in his private chain, but attacker can't convince the rest of the network that his chain is valid, due to my rule that attacker must include all the nominations from propagated block announcements (which attacker didn't refute within the 6 second window...because as I explained, the attacker can't refute because the rule requires him to restart his computation of next block after each block announcement).
I told you (and all readers) for many months to expect a "Bitcoin killer" algorithmic twist that no one else had apparently thought of.
It is time for everyone to start realizing that I am not a bullshitter and I am legit.