Your other points are good, but this one is wrong. Bitmessage is currently bundled with a client because that makes adoption easier, but ultimately, Bitmessage is first and foremost a protocol. POW increases the cost of flooding attacks on the network. Clients like Thunderbird (it was easier for me to integrate Bitmessage with Thunderbird than my regular email provider) stop spam.
The scaling is a rather hard problem, since, for anonymity, "everyone gets everything." If you have any ideas about how to scale a network like that, OR have any comparable methods for hindering traffic analysis, you should publicize them.
The timing attack mitigation via sleeps /is/ a rather ineffective substitute for constant-time decryption.
In summary:
1. POW is a non-issue, and part of the design at least the way you've put it.
2. Scaling is inevitable given the tradeoffs being made, unless you have a better idea, for which I will pay money
3. Timing attacks are a temporary problem, but they can certainly be "flushed out."
Your other points are good, but this one is wrong. Bitmessage is currently bundled with a client because that makes adoption easier, but ultimately, Bitmessage is first and foremost a protocol. POW increases the cost of flooding attacks on the network. Clients like Thunderbird (it was easier for me to integrate Bitmessage with Thunderbird than my regular email provider) stop spam.
The scaling is a rather hard problem, since, for anonymity, "everyone gets everything." If you have any ideas about how to scale a network like that, OR have any comparable methods for hindering traffic analysis, you should publicize them.
The timing attack mitigation via sleeps /is/ a rather ineffective substitute for constant-time decryption.
In summary:
1. POW is a non-issue, and part of the design at least the way you've put it.
2. Scaling is inevitable given the tradeoffs being made, unless you have a better idea, for which I will pay money
3. Timing attacks are a temporary problem, but they can certainly be "flushed out."