Incorrect. Bitcoin isn't "backed by electricity". You can't turn Bitcoin back into energy. The energy is used to secure a distributed ledger to prevent double spend attacks on ongoing transactions, in a really inefficient way, but don't call it "backing".

PoS will succeed. It already has, we've set all the pieces. The thing is, you don't want to live in a world where Bitcoin and PoW dominate our financial transactions. That world is not livable.

Bitcoin transactions are secured by spent electricity. PoS transactions are secured by cryptographic signature schemes and reputation of operational security. It's how the world already functions, just more replicated.

It takes a cryptographically provable amount of energy to reverse a Bitcoin transaction, and that amount is equal to the money spent on electricity mining blocks that confirm a transaction.

Proof of Stake systems have no equivalent. They operate by trusting the staking parties are not colluding to create an alternate history. But if they do decide to collude, there is little thermodynamic cost to rewriting history.

It's a fundamentally weaker system, and one that depends on trust. The whole value of proof of work is that it allows you to escape trust.

PoS as well as PoW depend on the assumption that a majority (either in terms of value invested in hashing power or invested in tokens) of the network is following the rules. If you try to double spend in a PoW system you are betting your current electricity usage on a new block becoming the longest chain and in a PoS system you are betting the tokens themselves - from an economic point of view those two systems are indifferent (if your attempt doesn't succeed you have wasted either electricity or tokens). Collusion can happen in both cases. PoS systems introduce new (probably yet unsolved) problems but they aren't inferior from an economical point of view imho.

No, in a proof of stake system collusion to rewrite history is essentially free.

In a proof of work system, even if you collude you still have to spend a non-trivial sum of electricity to create that alternate history. Electricity that would be making you money via the block reward if you were using it honestly.

It is provably more expensive to reconstruct history in a PoW setting, even when everyone is happily colluding.

Whether it is more expensive or not is irrelevant. If a majority of the network (either in hashing power or number of tokens) decides to collude and start modifying network states for their own benefit then they will ultimately succeed. You argue that in a PoW system rewriting older blocks is more difficult than in a PoS system but that doesn't matter, because when a majority of the network becomes hostile and starts blocking all of your transaction attempts then the value of your coins immediately goes to zero. In a PoW system the records of your older transactions might be around forever but that's little more than damage control.

In such an adversarial environment proof of stake even has advantages over proof of work. If in a proof of work system a majority of the network starts to double spend or censor transactions, what can you do? You are essentially powerless because any fork (that tries to fix their malicious blocks) can be quickly taken over by the colluding miners. However in a proof of stake system you could simply fork once and destroy/invalidate all the tokens of the malicious miners.

If you are resorting to a hardfork to manage malicious actors, you can always change the proof of work algorithm, which would damage the malicious miners to a tune of billions of dollars in bitcoin.

Rewriting a year of history in a proof of stake system takes a couple days on consumer hardware. Rewriting a year of history in Bitcoin is going to require burning a literal hundred million dollars of electricity, if not an order of magnitude more.

In a proof of stake system, typically less than 30% of participants by coin amount actually do the proof of stake. And that's for systems that don't require you to bond coins for months. Exchanges frequently control that many coins. And if an exchange abuses their power, are you going to burn the coins of every single person using the exchange?

It gets worse than that though. You don't need current coins to attack the system. You only need old keys of coins that you sold. After you sell your coins, why wouldn't you sell your keys to an attacker too? If the attacker is paying for the keys, and you sold the coins anyway, there's nothing to lose for you.

Or an exchange can rotate their coins to new addresses and use the old coins to attack the system.

How is it more difficult to rewrite history in pow? Maybe only if you want to stick to the same exact algorithm going forward. But a modified node can do whatever it wants, including rewriting the blockchain from the beginning to use a different hashing scheme, making custom exceptions for individual block numbers, etc. It all depends on how the modifications align with the incentives of the coalition and user base.

51% coalitions can also create alternate histories in PoW by agreeing to run a modified version of the client. There is negligible thermodynamic cost to rewriting history when you control a majority of the nodes.

Pow is really an incentive system to keep selfish miners flocking to one chain, by making betting on one chain more profitable than betting on lots of chains at the same time.

The PoS challenge is to do the same without the egregious amounts of wasted energy, by making miners bet their money directly, instead of indirectly through their computers and electricity.

Running a majority of the nodes does not give you the ability to arbitrarily decide to accept an alternate history. One of the big value adds of bitcoin is that every node can decide on its own, without consulting other nodes, whether a transaction is valid or not.

There is absolutely a thermodynamic cost to reversing a transaction in bitcoin. Having the miners run an alternate client doesn't change that.