At least we know an upper limit on how many coins can be used to attack. 2^32.
But of course the real number will be a lot less, and estimating what this would be at this stage is in the realm of back-of-the-envelope maths. For example, if done early on (and one could argue this is the most vulnerable time, while the network is smallest), the maximum number of coins available will be on the order of 30 million, since that is/was the largest single holding of MAID. Then we could work from there.
But at this stage we have no good metrics of consensus speeds and even less knowledge of coin transaction speed.
We do know that if you try to spend the same coin too fast then different sections will be trying to operate the one coin, and at some point consensus will not be reached and the coin will be unmoved or lost, depending on exactly what David was thinking of. So any attacker would have to wait for confirmation of the coin transfer before trying to operate that particular coin again.
That attacker would have to be extremely lucky to have “sequential” (XOR wise) coin addresses, so we can assume a certain amount of randomness as to sections being called upon to handle the 30 million coins, and randomness as to how many coins are handled by each section. I’d expect some sections are handling many times what some others are handling. Then if the attacker is so “lucky” as to have coins handled by one or two sections, they should give up the idea and buy a lottery ticket. Of course, if that were the case then the rate limiter would kick in too, which is not dependent on the number of people attacking, since the section is inherently limited by the number of transactions they can do anyhow, and the coins are just queued up, with requests being rejected before even being tried if there are too many.
I do have some ideas to help with this but would love to get some time to talk with David about them. Some of the ideas others have had would go a long way to help, but might go against the grain of the design goals that David had or just not work with the current design.
And last but not least, any such attacker has to be “wealthy” to be able to have any chance of a coin transaction attack, which is why division cannot be done some ways, because of the spam attack potential.