* Custodial stake
Exchanges and other large services which store user funds in their own wallets gather a very large stake, which often would give them majority power of POS block generation if they were to abuse it.
PoS must avoid stake centralization via decentralized exchanges and other infrastructure services. Aside of that, I see no way how to resolve this technically. It's the same as economy of scale working against PoW(a guys with special hardware is getting better $$/computation rate than an ordinary user).
* Chain freeze
Once a majority stake holder becomes the dominant block producer, they can withhold all blocks forever, bringing the entire chain to a permanent halt, correctable only with a hard fork.
In IPoS even small part of the network can generate tickets successfully. However, a party holding critical part of online stake will freeze a network by generating a better chain of empty blocks. It's the same as empty blocks generating with 50+% hashing power in PoW.
* Shorting attack
A whale takes out a large short of a POS coin at the same time he buys an equal portion of stake, such that his overall position is neutral.
He then uses his stake to double spend by creating blocks continuously (whenever he is permitted to do so) thereby driving the price of the currency down until he is ready to close his short in profit.
Any idea how to model and study this? I don't have, to say honestly.
* As you mention in the paper, if you require multiple accounts to generate one block, the optimal strategy for a stakeholder is to split their stake between multiple accounts. For this idea to be optimal, they should have less probability of generating a block under this new scheme than they would have had under a single account model. Can you prove it?
* You state that this protocol is immune up to a 28% attack. How does that compare with Nxt?
Nxt has similar resistance against naive private forks, simulation is also published:
https://github.com/kushti/common-pos/blob/master/src/main/scala/cpos/simulation/NxtSimulator.scala . But in Nxt it is possible to amplify attack with time drifting increasing cumulative difficulty of a chain.
I don't know how to precisely model this.
Please note, IPoS doesn't resolve main concerns of PoS.
A random number to choose a miner(s) still depends on miner(s)(the possible negative effects are reduced with multiple generators though). And still there's no chain enforcement. Nevertheless, IPoS could be useless for a private chains(where majority of nodes using canonical implementation could be assumed, see "Security Through Default Implementation"), and also it could be used in hybrid protocols(again, imagine Bitcoin-NG with thousands of nodes working on microblocks instead of a single miner).
