Sure, but unless the 1000 nodes the attacker owns do something useful for actually routing data, you only need to route to one non-censorious node with the same capabilities who, despite being only one node, will have the greater ability to get that transaction into a block by simply not Sybilling it or Sybilling it less. If the Sybil and honest node truly are otherwise equal, the non-Sybil always gets the transaction into a block first.

Stepping back: you don't even need to trust initial hops based on their identity - they can offer proof of how many hops their routing chains accumulate by showing users those transactions, linked to historical blocks, which are expensive to fabricate.

You can use a succinct commitment scheme to prevent would-be Sybils from only sharing their 'well-routed' transactions: A node commits to a Merkle Tree header hash, and the user is allowed to randomly sample from branches in the tree.

A user expects to be provided with their random sample and see that:

1) The transactions are from a sufficiently 'worked' on chain which is prohibitively expensive to fabricate.

2) The transactions involve the router committing to the Merkle Tree.

3) The transactions involve less hops than other routers the user is sampling transactions from.

The Sybil you are describing now must divide the size of their Merkle Tree sampling for every new identity they wish to inhabit - and if they are in fact consistently Sybilling users, will be forced (statistically) to reveal their excess hops.

What you describe is still very inconvenient for users - to have to sort through all these nodes and compare their samplings, but it is at least a demonstration that this Sybilling behavior is not sustainable. I tried to assume the worst case scenario (related to your concern) when devising the above scheme.

The attack vector you are describing doesn't work. If an attacker owns 1010 nodes and collects inbound transactions on 1010 nodes, then they have to relay those transactions to a second-hop block producer, which halves the value of those transactions for creating blocks.

And even then they could not orphan the work produced by other nodes profitably, which would be possible in POW and POS. So at best you have an inefficient strategy for maximizing routing work, but no profitable attack based on it and a strong incentive to behave honestly even if you have a majority of work.

> However depending on the architecture that is the only motivation needed and depriving others of rewards; in the long term this could result in centralization of routing nodes (by control) and finally censorship.

Highly recommend reading the original paper (!!) as the "depriving others of reward" concern you have is exactly what is solved through sybil-proofing. So the solution addresses your concern directly -- nodes share because it is profitable for them to do so, and it is profitable for them to do so because others cannot deprive them of their due reward without losing money. If we are both nodes then I'll give you my TX flow because the only way it has value to you is if you figure out a way to get it confirmed faster than I can.

> how does the entire network agree on the minimal routing when there are many routes with the same 'depth'

A good technical analogy is to think about how POW works, but have users attach a difficulty-hash to their TXS instead of a fee. Have nodes "collect" those hashes to meet aggregate difficulty requirements. And now have consensus halve the "measured value" of the tx-embedded hash for each hop in its routing path. Early-hop nodes in this system will have a similar statistical advantage producing blocks.

The POW analogy suffers from attack vectors that are not possible in the sybil-proof mechanism, but it should give you a sense of what is happening. An attacker can create 1-hop routing work using their own money, but in that case they are making blocks with only their own wallets and pay the costs of hashing/burning to release payments entirely out of their own pockets.