i think i have come up with a way to prevent dos attacks on a fawkescoin network. the private key in the txout being spent must consist of two components which are then hashed separately and concatenated. then one of these can be revealed when broadcasting the transaction hash to the network, while keeping the other secret for the transaction validation after the safe number of blocks.
so the new steps are:
1) i generate some private keys (just large random alphanumeric strings)
2) each address is derived from two private keys, like so: addr = base58(hash(pk1) + hash(pk2)) where "+" is just concatenation.
3) i create a transaction string (tx1) which has:
- input scripts consisting of private keys (pk1 only) which evaluates to the first half of the previous transaction's output addresses
- hashes and indexes for each txin to locate the previous txouts
- output elements containing bitcoin values and recipient addresses
4) i hash tx1 to get tx1hash. now create tx2 = tx1. replace all private keys (pk1) in the input scripts of tx2 with pk2, place tx1hash at some known location in tx2 - probably using opcodes to specify it within the first input script.
5) i broadcast tx2 to the network. miners confirm that it is valid because the now fully visible private keys (pk2) in the input scripts of this transaction each reveal half of every output address in the specified txouts from past transactions. so this transaction gets added to the blockchain.
6) i wait for a safe number of blocks to be confirmed on top of tx2 then broadcast tx1 with the private keys (pk1) fully visible to all.
7) miners confirm that the hash of tx1 indeed evaluates to the input script of the first input of tx2 and so they include tx1 in the blockchain aswell
as per standard bitcoin procedure, the recipient(s) of the funds from this transaction should wait a safe number of blocks before spending to ensure their received funds exist on the main blockchain