That doesn't give safety in the situation of a complete internet connection being compromised. An attacker may be able to intercept traffic with certai...
I was assuming that there was no attacker at first. That means the first public keys you got would not be fake ones from an attacker, but real ones the attacker would be unable to communicate by.
There is a problem. You need to make sure all transactions are verified. A single person could hide a double spend in a block from the network and release it later causing either a fork or a major block-chain reorganisation.
That would require vast computing power or your block would not be the longest chain and thus ignored.
Remember a block is only accepted if its hash fits the hash of the last block on the longest blockchain.
Unless you have 51% you can't do the attack you mention and even if you do have 51% people will soon start to block you out of the system if you keep reversing the chain or any BTC you hold will become worthless.
Both things would be bad. So you need a way to ensure all transactions are validated which belong to a block. Will you get all the transaction hashes and do the hashing operations for all transactions up to the root?
In my solution you would get one or a few branch roots while cutting the others. (search "pruning merkle tree")
This means you can tell that the transactions you verify indeed belong to the block hash even without having all the transactions of that block.
How can you verify that all nodes are doing the same work?
You cannot. For all you know your BTC client is the only one in the world doing any verification and by chance everyone else is honest.
The longest
valid chain is what is being worked on.
You could theoretically do my solution, but without a reporting system; the invalid chain would loose more and more computing power as individual swarm clients got an invalid block branch.
The wasted computing power would lead to the development of a reporting system rather quickly though.
With my second solution, nodes would validate parts of the block and produce Merkle roots for those regions.
The normal client already splits up the transactions into branches and branch headers.
All you need to do to create a swarm client is to modify the code to ignore some of those branches while keeping the branch header(s) you need to re-create the block hash.
But this means some mechanism is still needed to check for double spends.
An individual swarm client will ignore the longest chain if it contains an invalid transaction and start to mine on a different chain (longest valid one).
Each invalid block will make more swarm clients break away (or ALL with a simple reporting system) and eventually the longest, but invalid, chain will become shorter again.
This will lead to a minimum of transaction reversals as all valid transactions will have been carried out on the new valid chain as well.
I should perhaps stop putting time to thinking about this anymore and work on cbitcoin and my bitcoin client software.
I am myself procrastinating somewhat