Moore's law is already cracking, from the perspective that IPC increases out of AMD and INTEL have been strictly nominal for the past few years. So from that narrative, which I think also holds strong (looking at the supercomputer list when you normalize some combination of flops/kw or cores/kw) in the proprietary chip market also (e.g. IBM).
So what's going to likely happen moving forward is that sha256 gets slowly eroded, which is basically what has happened to every other industry standard cryptographic algorithm.
In the ASIC chip industry, people are already down to 28 and 20nm. Soon enough (e/g 1 year) when everyone in the industry has reached down to 20nm you'll see a plateau in computing power between chips. The competitive advantage will dissipate between manufacturers as everyone optimizes their chips at 20nm.
So the point is that there is basically no likelihood of a zeroday event where someoen ramps up enough computing power to brute force out sha256 tomorrow.
Again, isn't this just addressing the "front-door" approach, that everyone seems to stare themselves blind at?
Let's try this differently, how centralized are these pools?
Discus Fish
GHash.IO
KnCMiner
AntPool
(
https://blockchain.info/pools)
What will it take to take them out, and if done, how long will they be down for?
Another scenario - how elaborate a hack will it take to link them together to do a 51% attack to empty some big wallets?
How many layers of security would you need to get through? How many stolen ssh keys will it take?