Regarding this POW problem, instead of replacing the SHA-256 POW by something else, we could change Bitcoin so it accepts two POW algorithms at a time, lets say a CPU one and we keep SHA256 also, each algo having its own difficulty, a block being valid if signed by either algo.
This way ASICs would have to compete with CPUs with a fair ratio, and probably disappear after some time because of the costs.
Maybe one could even use PoS to vote on the ratio...
If you want an ASIC block every T1 minutes and a CPU block every T2 minutes, the ratio between the two is k=T1/T2
That ratio "k" may be chosen by the community or computed another way.
One k is chosen, this can be proven true :
T1 = 10mn*((1+k)/k) and T2=10mn*(1+k)
with k=1 (as many ASIC blocks than CPU blocks) that gives the obvious result : T1=T2=20mn
with k=2 (twice more CPUs than ASIC) T1=15mn and T2=30mn
Technically no problem.
Yes, I meant to use PoS to vote on the value of k. But setting it to a fixed value could be enough already.