Where did I say "this is not part of the fundamental analysis you should do"?
My only point is that >50% attacks by the people involved are purely theoretical. Attacks by almost any state are the end of your project. A billion dollars is enough to DDoS pretty much everything.
My point was that we need to analyze consensus models (and new protocols), and that is very complex (and few people in the world have the skills needed). I gave the example of Bitcoin where the cryptography is perfect but the model has some security bounds.
Then you argued about the bounds and if they were theoretical or not which was not the central point of the argument and we can choose another issue to illustrate our central point. I think we can argue if it is theoretical or not ad infinitum.
So, to push forward my central argument I will again say: we need to check beyond the cryptography. Not only that, I will tell you: stay tuned because a new security finding with Bitcoin will be published soon.
My only point is that >50% attacks by the people involved are purely theoretical. Attacks by almost any state are the end of your project. A billion dollars is enough to DDoS pretty much everything.