I see no new ground here except "decentralized exchanges are good" (and "forks are bad").
And checkpoints can't substitute for being resistant to forks in every case.
Any the increased use on chain mixing with large anonymity sets increases the risk of not being able to abandon a sustained bad fork, thus making the threat of forks that much more serious.
And centralized mining is very bad.
I agree except that doesn't really solve the problem, not even in the future, since exchanges are just one example of a good being delivered rapidly (other coins in this case). With any other commerce transaction where the goods or services have been delivered double spending leaves someone holding the bag with no recourse. It doesn't really matter if the blockchain is traceable or not.
Mixing whether it be done by centralized exchanges or by large anonymity sets increase the threat of domino cascade.
Also, the blacklist issue is greatly reduced because a blacklist as you propose would only be effective if put into place before mixing occurs. Once the mixing occurs, you can't undo it, and you can't effectively blacklist the root coins because far enough back you are essentially blacklisting all coins. Not that far even, given the exponential spread of mixing.
Disagree. Blacklisting entire anonymity sets is legally and politically plausible (but I don't know how realistic any delisting is, certainly if mining is centralized it is much more realistic), and the anonymity set can't increase once blacklisted without culpability on the part of the users.
Well at least for ring signatures. Thanks for helping me (re-)discover a key qualitative distinction which is very negative on ring signatures.
EDIT: Also, there is still no credible basis for a private key attack due to either de-anonymizing (traceability) or double spending. It hasn't been be disproven (indeed most of practical crypto is strictly speaking unproven), but continuing to repeat it as pure "there might be a flaw" is just uncertainty and doubt with no analysis backing it up and is not credible.
Why are you bringing that up? I hadn't mentioned that in our recent exchange and when I did mention it, I said the same as what you just wrote above.
Edit: I guess you are responding to my list of concerns about ring signatures. Btw, I contemplating that certain hash functions (e.g. SHA256) are much more vetted with cryptanalysis than the simultaneous equations in different number fields that I showed.