I didn't refer to the process of the priority list creation as the phase where the sybil attack would occur. From my interpretation of your protocol, it would be a P2P network like Bitcoin. Thus the priority list creation is something every user can control at his own will because it happens at his own node's mempool -- and that includes attackers.

The attacker can decide at will to include or exclude transactions made by other users. Because nobody can check that the user already "saw" a transaction and discarded it (in this case he could decide to ban the node for foul play). Maybe the attacker should include at least some "external" transactions to be able to fool other nodes easier, but if the number of own addresses is high enough he will with almost 100% probability find a configuration where he's his own co-signer.

The sybil attack referred to a later step of the attack: when the attacker has already submitted the double spend transaction and cosigned it. He must then lure the other nodes into accepting that transaction and discard the previous transaction where he paid the merchant/exchange. For this step, the sybil attack would be handy: he can spawn hundreds or thousands of nodes (for example with a botnet), "infecting" the network with the double spend transaction.

The nodes are presented with two different histories at that point, which both look legitimate from their point of view. And some "voting" would probably go on in this phase for the nodes to select one. If a node connects to lots of other nodes and they're transmitting them the double spend history, then they eventually would "reorganize" their database.

Indeed one could describe such a system as an "obfuscated proof of work", but it's much less formalized than Bitcoin's PoW, so it will be probably always unstable. There may be periods with few active connected nodes, and these would create opportunities for attackers.