The main design weakness that I perceive in Bitcoin is its reliance on the hardness of SHA-256 for the entire accumulated Proof-of-Work. If someone were to break SHA-256, the entire 14 years of Proof-of-Work would become invalid all at once. And that PoW is what protects the entire ledger, so to avoid having the whole ledger rewritten, Bitcoin would probably have to use a kind of "official snapshot" to preserve the original transaction history, which seems awful.

In my opinion, there should be multiple hashing algorithms interleaved, so that if one is broken, the Proof-of-Work chain largely remains standing while replacement algos are added.

The responses that I've received to this, is that I don't know how the cryptography field works (which is true) and that SHA-256 can't be broken just like that - that "we would know" because such hash functions don't get broken in one step, but weaknesses are revealed over time. I doubt this - we would know if an *academic* finds weaknesses because they would publish to get famous, but if a government breaks it, how would we get advance knowledge of it?