In another topic we had a discussion about proving that the client is correct, and in Bruce Wagner's interview the question of tamper proofing was raised, but I think both miss the point since the client is replaceable, we are not putting our trust in the client but in the protocol. Should the client be vulnerable to attacks (buffer overflows, ...), if we can prove that the protocol underneath is correct it won't matter since we'll just create new clients (as some already are) and we'll pick up from where it all went wrong.
So let's start a community effort to put under the microscope the protocol, and let's find possible flaws. Let's make it a scientific one by clearly stating assumptions and consequences and not put statements into the empty room.
Anyone interested? Once we got enough material I'm sure we can whip up a nice Wiki article that might be able to convince the critical, but open minded people, about the stability of our system