At first glance p2pool seems like the answer to all our problems: it prevents malicious pool operators with over 50% of the hashrate from being able to use all the pool miners to attack the network. And it requires each miner to run a full node!
But not so fast, there seem to be some critical downsides. Unless I am mistaken:
You don’t really need to run a full node. You can just connect to another full node (as long as they have ports open). This means that worst case there could only be a single actual network node and everyone else just running p2pool nodes. P2pool server requirements? And separating P2pool + node to different VMs · Issue #65 · SChernykh/p2pool · GitHub
You aren’t actually mining your coin. You are mining a p2pool altcoin and merge mining the real coin. But you aren’t even getting the p2pool coin (not sure if this fact could be used for a malicious attack). So it is like dogecoin in that respect, everyone is mining litecoin and merge mining dogecoin. Firstly I want to mine coins I care about directly. Also there can be downsides such as the merging of the proof of work from the p2pool chain to the real chain. This process could cause node syncing issues and another potential attack vector.
Just thinking that if China or some other hostile actor wanted to destroy the whole crypto industry at once, it would be by somehow getting everyone to mine on your pools and then using that fact with some hidden backdoor-type vulnerabilities to attack the real blockchains. And then if you could hide the fact your pool was doing it (by it seeming decentralized) so that people never wise up and stop using that pool. Anyway, for me it is way too risky. Thoughts?