Here you are ignoring/not considering this earlier reply:
[...] But in fact they can make several replays per reorg:
Suppose Alice trades 1 bitcoin with Bob for some tokens or some USD, then trades that for "another" bitcoin from Claire (meaning that Claire's ownership of the coin isn't dependent on the first transaction with Bob), then trades that bitcoin away again to Doris, then buys "another" bitcoin from Eric. And suppose that Alice is then able to rewrite this recent part of the ledger afterwards. Then Alice can keep the transactions with Claire and Eric, i.e. where a bitcoin is transferred to a wallet of Alice's, but replace the transactions with Bob and Doris with two other transactions where the bitcoins are instead transferred to two other wallets of Alice's. At the end of this, she will have 3 bitcoin in 3 separate wallets: the one she started with and the ones from Claire and Eric.
And she could in principle have kept repeating this process (before rewriting the ledger) as many times as she can find traders whose ownership over the traded bitcoin isn't dependent on earlier trades with herself (i.e. she can only replay each single bitcoin once).
Now turn this example into Alice instead being a great number of people, who are backed by billions of dollars in total to do this attack.
And furthermore consider the fact that it is typical to see around $15B being traded each day. (And again, you agreed that Ethereum investors could in theory afford an attack lasting for several months, once they've paid the CapEx.)
And like I've said: the confirmation period unfortunately cannot be changed retrospectively, at least not with pure PoW.
And you are ignoring/not considering my earlier point that when the attackers profit from (or believe that they are profiting from) a crash, they don't have an incentive to keep any other assets/products, but can keep their stolen bitcoin after the attack. (It's a win-win: Either bitcoin keeps its value, and they get rich, or it crashes, which is what their benefactors is trying to reward.)
i did address it
i already said the mitigating factors YOU missed
EG before alice trades with bob on the market, alices deposit goes into an exchange (so i presume you are calling the exchange bob) and needs X confirms (significant amount is usually 6confirms)
so the exchange(bob) would then have the coin
now alice then exchanges the usd in another exchange for more bitcoin
but that involves moving stablecoin of usd to a different exchange(claire) so that your held value is safe from not being drawn back by bob(no longer in bobs exchange database balance)
this again means waiting time for funds to clear for clair to then trade
repeat a couple times with a few more exchanges(doris, eric)
and then you want to re-org a old block where you deposited with bob(exchange) to make that A->B transaction disappear
well you are now going to have to go backward many many blocks. re-do that block. and then have to catch up with the network again and over take it and hope the other nodes accept your new list
even with a 10% advantage(55% attack) and only re-winding 6 blocks, it would take like ~50 blocks to catch up
so play out your time frame to just do a bob, claire, doris, eric trades.. and realise you would then need to go back a heck of alot more blocks and edit the block containing the alice-bob trade
so run the scenario and do the math
..
also you state the $1.5B traded each day
you can rewind a block and that makes YOUR transaction ge undone so you can re-spend YOUR funds to a different destination.. but yo dont have the keys for the other users transactions to change their destinations to you. you cant steal other peoples funds so you cant control the other $1.5b transactions
like i said if you wanted to perform an attack then you need to run the scenario out properly and consider the mitigting circumstances and whats actually going to happen based on real things, not the fantasy results you made up and hope people will agree with
if you made a transaction where you deposited $1b and traded it for USD and then withdrew it via wire transfer, you would have to wait 72 hours atleast for the banks to clear it meaning a minimum re-wind time of ~450 blocks and the a catchup and over-take time of THOUSANDS of blocks
Now turn this example into Alice instead being a great number of people, who are backed by billions of dollars in total to do this attack.
In reality, "Alice" could be a great number of people, all making these kinds of trades at once. Since the transaction volume can easily reach $15B (not just $1.5B) on a normal day, they would seemingly be able to trade a billion each day, in principle, without raising major suspicions.
Not that they need to trade that much each day, by the way: Buying and selling something like $100M worth of bitcoin would also be enough if they just reverse enough blocks, as this would make them close to $100M for each day of the ledger that they rewrite. More precisely, they would earn $100M worth of bitcoin (using the pre-attack rates, of course), minus the mining costs of the attacking miners, plus the mined bitcoin.