Usually the proposers of a system define some security/consistency garuntees that they think their system meets, followed by some arguments why that is true. Users can then decide if these properties meet their needs.
"51% attack" is an attack. The corresponding security property would be something along the lines of "A malicious party that controls < 50% of the network hash power can make a transaction that is confirmed by the network n times and then make another conflicting transaction on an alternative chain, and have that chain eventually become the canonical chain, with probability negligible in n" (i probably messed up details but that is the gist).
A consistency garuntee isn't a specific attack, but the general properties of the system, what it can do and what it cannot do. The fact that nobody has done a double spend is pretty meaningless. We don't know if that's because nobody has tried/cared or if that's because its really hard.
To put it another way: say there were two engineers who designed two bridges. Someone asks the engineers, is your bridge safe? Engineer 1 says: we made a careful design and extensive testing, as long as no more than 100 tons is on the bridge, it won't collapse. Engineer 2 says: the bridge has been there for 5 years. In that time not a single person has died from the bridge collapsing on them. Which bridge would you trust more?
I think you're fixating a bit too much on the medium rather than the content. It could be a whitepaper, it could be a forum post, it could be a message written in the sand at the beach.
That said, the whitepaper does contain arguments in that direction. It would be nice to see more in depth formal arguments though, as well as some independent analysis.
"51% attack" is an attack. The corresponding security property would be something along the lines of "A malicious party that controls < 50% of the network hash power can make a transaction that is confirmed by the network n times and then make another conflicting transaction on an alternative chain, and have that chain eventually become the canonical chain, with probability negligible in n" (i probably messed up details but that is the gist).
A consistency garuntee isn't a specific attack, but the general properties of the system, what it can do and what it cannot do. The fact that nobody has done a double spend is pretty meaningless. We don't know if that's because nobody has tried/cared or if that's because its really hard.
To put it another way: say there were two engineers who designed two bridges. Someone asks the engineers, is your bridge safe? Engineer 1 says: we made a careful design and extensive testing, as long as no more than 100 tons is on the bridge, it won't collapse. Engineer 2 says: the bridge has been there for 5 years. In that time not a single person has died from the bridge collapsing on them. Which bridge would you trust more?