[wmf]

I think you're assuming some kind of broken strawman version of Filecoin. (Edit: This wasn't really justified, see below.) The price of retrieving data needs to be agreed ahead of time and nodes that refuse to provide data need to lose collateral. Ultimately there's also replication/erasure coding so that one node can't hold your data hostage (but it would be worrying if evil was a dominant strategy because then all the nodes might hold your data hostage at the same time).

(Also, for step 3 I think proofs of storage are supposed to be calculated continuously, not once. So you'd be constantly reading data from S3.)

[hathathat]

I'm not sure why you say it's a strawman? The whitepaper[1] says that an ask order on the storage market is just (space, price) -- no mention of the cost to retrieve the data. Similarly, the storage market protocol (Figure 11) doesn't mention losing stake for failing to provide the data on demand (it only mentions losing stake for failing to post proofs).

[1] https://filecoin.io/filecoin.pdf

[wmf]

I admit that the concept of retrieval miners makes no sense to me since it seems like they would have to be the same as the storage miners. It is worrying that the whitepaper says "we must assume that there is always one honest Retrieval Miner"; you can't assume honesty without incentives.

In general, I don't take the Filecoin whitepaper too literally. There are a lot of aspects of it that will probably have to be changed. I think the Filecoin ICO (which I didn't participate in BTW) is more of a vote of confidence on the team, not any specific protocol.

[xorcist]

Collaterals can be tricky. For how long is this collateral held? It could potentially be years until the data is retrieved.