> Not really-- or, rather, the security provided by proof of work is only proportional to the part of the cost above the fair value of the useful work.
This is only partially true for a number of reasons.
> Now imagine a POW that costs $5 in energy and does $5 in "useful work" --- well in that system you can now attack for 'free'. Or say it costs $6 in energy to mine plus due $5 in "useful work". There your security is related to the $1, the $5 is mostly coming along for a ride.
This is one aspect however you make assumptions about the rewards that are not necessarily true. If rewards only payout on a cycle or if the rewards have a locking/"vesting" schedule before they become accessible. There's a lot of ways to make attacks more expensive/nonviable but without the "useful work" aspect, they've not provided meaningful benefits to the protocol and therefore haven't been integrated.
> There are other problems with "useful" proof of work: e.g. A POW function should ideally be approximation free and optimization free... if an attacker invents a better version they gain an advantage. So e.g. if the miner detects that this particular work instance is 'hard' they can just discard it and try another. This makes it really hard to do much of anything 'useful' except the most contrived kinds of 'useful' without creating vulnerabilities.
Now with this you'd see that the research papers explicitly were tackling this problem. The one is implementing an SMT solver/optimizer for large, expensive problems. It uses random walks (forcing the miner to bias their choices in specific random ways) based on a VRF or their results are invalid. The efficiency is only 50% of course however that doesn't mean the price is 50%, just that the energy efficiency is 50%. The market on problems to be solved of course will still be priced on supply/demand (give or take parameters) and if there is insufficient utilization, mining falls back to a traditional PoW algorithm.
So in a sense what PoUW is attempting to do is to supplement the valuation of the underlying tokens via production/cash inflow rather than purely relying on demand for tokens to pay the transaction fees.
Also I do want to point out that those papers aren't just making claims, they include a lot of verification and proofs to demonstrate the functionality of the systems in question.
> But difficulties aside, the fact that outside benefits don't contribute to security (or at least don't contribute much) makes the whole idea space kind of unexciting.
The interest is in being able to produce a digital resource (that can be used for consensus) from a physically hard task while actually producing something of value as a side effect.
Gold and other metals were valuable as currency because they were difficult to mine however their value increased because practical uses for the metals increased demand beyond the synthetic demand as a currency. That increased incentives for mining which led to more mining. Eventually it reached equilibrium.
Also notably outside of a given PoUW algorithm's viability as a PoW, it's still important research because every PoUW algorithm that is game theoretically sound is viable as a decentralised market for computation/work where cheating is effectively non-viable.
