Nested encryption doesn't change anything. The nested encryption scheme would have to be perfect as well, which is also a bad assumption.
Even if you assume your crypto scheme is perfect you are still giving adversaries unlimited access to brute force your key.
For security conscious parties (corp, gov, mostly) encryption is a failsafe when other layers of physical security fail. No one is trusting encryption to be their sole means of securing their data.
Not to mention that if you put data on an untrusted system you lose the ability to track break attempts and detect breaches if they do occur.
> The nested encryption scheme would have to be perfect as well, which is also a bad assumption.
If that is true for your security model, then encryption is always pointless for you[1]. Later on, you mention "security conscious" parties, which means you understand that security is a cost gradient, meaning one size doesn't fit all, and less-than-perfect assurance has value in some contexts.
Do I think the DoD is going to move all their storage to this? That would be idiotic. Do I think there is an achievable scheme like this that is "good enough" for a variety of use cases? I think the answer is pretty clearly yes; the difficulties of actually realizing it are elsewhere.
> If that is true for your security model, then encryption is always pointless for you
I don't think that is true.
If your first line of defense is physical security that doesn't mean you don't use crypto. The person who can break your physical security can't necessarily break your crypto. Even if the crypto isn't perfect it may be good enough.
The point is that no one in the real world relies on crypto only. Everyone has a physical security layer and then crypto. That is just a fact of how corp, gov, and concerned individuals manage their data.
A distributed network with untrusted peers would radically change the accepted security model and in a way that I don't think any qualified decision maker would accept.
So maybe you can get consumers to use the network for the same thing they use Backblaze for, but Backblaze is already hella cheap, and I am pretty sure the distributed network will be more expensive, so where is the value prop to the people who don't care or aren't knowledgable about security?
I think we have some conversational difficulties (using words differently, perhaps different understandings of what's going on) that is making it hard to have a decent discussion, so I'm going to conclude with where I think we agree.
Some system roughly like this has potential use cases, even if it may be unsuitable for others. While I wouldn't expect a public company to store their financials in it, there is a lot of data that is held less tightly out there.
And more speculatively, "The street finds its own uses for things." Who knows what obvious-in-restrospect thing emerges. Maybe after 10 years and some evolution, commercial software and data systems live in a system like this and purchases are ledger operations, so the user-base of a given product becomes the distribution platform.
For (2), there's nothing preventing nested encryption, if your threat model dictates.