Comment by basilikum

2 months ago

I'm not commenting on the Bitcoin economics, but on the specific problem of a partial hash inversion which Bitcoin uses. If any amount of compute you can bring up would grant you any significant amount of information about the likelihood of a (partial) hash inversion for an untested input in your search space by means of having searched a significant amount of the search space, SHA256 would be broken.

In hopefully simpler words: you want to find a hash with all zeroes. So you start trying inputs from your search space and hash them to see if they match that criterion. Every single input you try has the same probability of matching. After trying a lot of inputs you have exhausted a part of the search space. You have already tried many incorrect inputs. At some point, if you keep only trying incorrect inputs, you should have exhausted the whole search space and the last remaining possible input has to be the correct one resulting in an all-zeroes hash. So the probability of the next hash being the correct one should go up during your search as you learn information about the remaining candidates in the search space. If this information is in any way significant in practice with any feasible amount of computing power, the cryptographic hash function is insecure. Of course with Bitcoin you aren't searching for a full hash inversion with all zeroes but only for a partial one starting with some zeroes, but that does not change the fundamentals. It should be infeasible to learn any significant information about the output of untried inputs by trying other inputs.

If SHA256 were to be broken in that way, we'd be in big trouble and Bitcoin would be the least of our worries.
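The search described in the comment, as an added example (not code from the commenter): a brute-force partial-preimage search over SHA-256 with a small, constructed difficulty, plus the exact "without replacement" arithmetic for how much the odds of the next untried input improve after exhausting part of the space. The function names, the 8-byte big-endian nonce layout and the constructed `b"block-header"` prefix are assumptions made for this illustration; the probability model assumes a fixed number of solutions spread uniformly over the input space.

```python
import hashlib
from fractions import Fraction


def leading_zero_bits(digest: bytes) -> int:
    """Count how many leading bits of a digest are zero."""
    count = 0
    for byte in digest:
        if byte == 0:
            count += 8
            continue
        count += 8 - byte.bit_length()
        break
    return count


def partial_preimage_search(prefix: bytes, target_bits: int, max_nonce: int):
    """Try nonces in order until sha256(prefix || nonce) has at least
    target_bits leading zero bits (a toy version of a proof-of-work search).
    Returns (nonce, trials) on success, or (None, max_nonce) if the budget runs out.
    Nonce layout (8-byte big-endian) is an assumption for this example."""
    for nonce in range(max_nonce):
        digest = hashlib.sha256(prefix + nonce.to_bytes(8, "big")).digest()
        if leading_zero_bits(digest) >= target_bits:
            return nonce, nonce + 1
    return None, max_nonce


def next_try_success_probability(space_bits: int, solutions: int, tried: int) -> Fraction:
    """Exact probability that the next untried input is a solution, given
    `solutions` solutions in a space of 2**space_bits inputs and `tried`
    inputs already tried without success (sampling without replacement)."""
    space = 1 << space_bits
    return Fraction(solutions, space - tried)


def information_gain(space_bits: int, tried: int) -> Fraction:
    """Ratio posterior / prior = N / (N - tried): how much better the odds of
    the next input are after exhausting `tried` inputs of a space of size N.
    A ratio of 1 means nothing useful was learned."""
    space = 1 << space_bits
    return Fraction(space, space - tried)


if __name__ == "__main__":
    # Constructed prefix standing in for a block header; 12 zero bits is a toy difficulty.
    nonce, trials = partial_preimage_search(b"block-header", 12, 1 << 18)
    print(f"found nonce {nonce} after {trials} trials")

    # Toy space: exhausting half of a 16-bit space doubles the odds for the next try.
    print(information_gain(16, 1 << 15))            # 2
    # SHA-256 sized space: even 2**80 failed trials leave the odds essentially unchanged.
    print(float(information_gain(256, 1 << 80) - 1))  # on the order of 2**-176
```

The two `information_gain` calls are the point of the example: in a tiny space, exhausting candidates measurably raises the odds of the next one, but in a 2^256-sized space the gain from any feasible amount of work is indistinguishable from zero, which is why each trial in the search behaves as if its probability of success were fixed.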