You are correct in pointing out an issue here which must be solved. I'd describe the issue slightly differently even without any single party holding a quorum stake.
An adversary buys empty private keys (with zero current stake) that once upon a time did hold a quorum stake in the blockchain. That adversary can start rewriting blocks from the time the keys did hold the quorum stake to the present - completely rewriting all the transactions.
I do need to think about this problem. Thanks for pointing it out.
Regards,
Shunsai
Hi Shunsai,
The standard response that most PoS developers have given in the past is that only bootstrapping nodes would be vulnerable to such an attack because all online nodes would reject the fork because they have knowledge and timestamps for the canon chain.
However, this concession is a loss of objectivity compared to PoW, and a loss of security because of that. I see no real way to avoid Nothing at Stake in a system with no PoW - you could try something like punishment of locked up funds (ala Etherum), but that's a real mess to analyse and may be less efficient overall than PoW as well as being inelegant.
Cheers, Paul.