The thread you linked does not provide a way to prove that the private key has not been revealed from a Casascius coin. It only allows you to prove that the coin existed at a certain date, which is to stop counterfeits in the future. The relevant quote:
However assume it's the year 2023 and you decide to sell your precious 0.5 BTC coins back from 2013 when the first batch of these was made and the potential buyer is sceptical because there are now counterfeits around. Wouldn't it be great if you could proove that this coin has actually existed back in May 2013? It probably would increase the buyers confidence quite a bit. Well: you can.
It obviously does not offer security from fraud before the photo. You will have to trust the seller of the coin who took the photo. In the case of casascius coins, you would have to trust the chain of both casascius and the coin photographer.
If casascius adopted that practice of taking pictures, you would be left with only a one-man-chain of trust.
And your "piece of paper" that shines through the hologram can also easily be bypassed. These hologram stickers are not unique, and you can easily order identical ones from any number of custom-security-sticker companies on the internet. What's to stop someone from just putting a brand new hologram sticker with a brand new piece of solvent-reactive paper? Or some regular paper that just looks like the untampered solvent-reactive paper?
Well, holograms are more or less hard to copy, depending very much on the quality of the hologram and the quality of the copy you want.
The same goes for paper, as long as you just use the right one (think of fluorescent paint, watermarks, etc.)
For any given "attack", one has to weigh the cost of counterfeiting against the potential benefit of the counterfeiter.
As soon as a large scale attack like this actually takes place, Casascius coins will be no more than collectors items. They'll still have their BTC value, but nobody will accept the coin itself as a means of payment without immediately sweeping the funds. And it's really only a matter of time until someone performs this attack, and a bunch of people get totally screwed.
Casascius coins, as you already pointed out, are collectors' items. It is highly unlikely that they may ever become a common method of payment. With collectors' items, the number of potential attacks a single counterfeiter may launch is severely limited. Therefore, it is also highly unlikely that it may be worth the effort. Collectors' items are usually not passed through so many hands, so, for any given coin, there will likely be a traceable chain of former owners. It is even likely that coins with such a chain will have a much higher value than those without.
In conclusion, I don't really consider this kind of attack profitable. Security as a trade-off between cost and effort for an attacker is doable for physical bitcoins.
I'd rather counterfeit rare stamps, they are cheaper to produce and probably easier to sell
And just to counter an argument you might bring up: no, I don't think any physical bitcoin will ever be used as a regular method of payment. In the end, it just doesn't make sense. Bitcoin is digital, the world is moving away from cash and towards digital payments. Why would you carry around a bunch of coins when you have a mobile phone? Also, the cost of any bitcoin-"loaded" coin will always be higher than the value it carries. That's a very bad premise for cash.
Having said that, I
do like physical bitcoins and I think they may be a good storage of value for some. In the case of all the implementations so far, I don't consider them "safe", since you always have to trust the producer. I can think of ways to work around that, but they are extremely costly and may just not be worth the effort.