Post
Topic
Board Development & Technical Discussion
Re: Proof that Proof of Stake is either extremely vulnerable or totally centralised
by coretechs on 04/03/2016, 16:58:40 UTC
We are interested in trustless, decentralized crypto currency. That is what Satoshi pitched to us in his white paper. Satoshi's design is also flawed though.

Besides, this does nothing to stop the attack monsterer outlined. Whose stake is valid? Whose is current, the reorganized block chain or the reorganized one? Which one was the reorganized one? You see, proof-of-shit is self-referential and thus can't prove anything about itself.

Trustless decentralized crypto-currency is probably impossible.*  (http://www.links.org/files/decentralised-currencies.pdf)

No matter what the design, in the end you have to trust human beings at some level.  Satoshi's design provided strong incentives for human behavior via costs of physical resources consumption.  The miners have the most skin-in-the-game and can therefore be trusted to behave in the best interests of the system.  The flaw in the design is more apparent than ever right now with the blocksize debate.  Essentially we have non-miners who also have skin-in-the-game in the form of STAKE in the system (e.g. Coinbase, Blockstream, BitPay, users wanting "cheap" transactions, etc.) that are at odds with the incentives of miners.  All want Bitcoin to succeed in different ways, and there is no clear path for miners to decide which is better for them to profit because it is an economic uncertainty that falls outside of the bounds of technical knowledge.

Proof-of-stake consensus gives us a similar situation, but it does so with far less centralization than proof-of-work.  A participant in a proof-of-stake system like Nxt has direct representation and never has their voting rights diluted, and therefore the system can maintain a higher level of decentralization than proof-of-work, where it is inevitable.  Mining today is effectively a barrier-to-entry for anyone who wants to participate in consensus, which is good for some attack vectors (expensive) but bad for others - Bitcoin stakeholders/companies/users have no choice but to lobby centralized miner overlords, which results in social & economic attacks like BitcoinXT/Classic/etc.  If the threat of a fork by a majority of users exists, is there any justification in burning energy?

In my opinion the security trade-offs in proof-of-stake favor decentralization.  The active research in consensus protocols may give us new tools and techniques to sufficiently increase the security of PoS to practical levels of "trustlessness".  The energy efficiency of proof-of-stake consensus as well as the low barrier-to-entry for participants make it a worthwhile pursuit in my opinion, and in the long run Bitcoin itself will benefit from proof-of-stake experimentation.