However, it is my contention (actually the contention of many security experts) that one cannot assure security, but that rather it must be proven over time.
It's not cryptographical security, so the "security through obscurity" argument is not applicable here.
Is there no 3rd option?
It could be cryptographically secure but not scale, for example? Or a problem with the implementation?
The cost of attacking/spamming an IOTA network is virtually $zero, and even if you can't change the past you could perhaps delay the future, indefinitely? Or am I mistaken?