It's very complicated to articulate exactly who can block Bitcoin transactions. The traditional simple answer is that "a majority of mining power" can block an individual transaction by refusing to include it in blocks.
However, they have to be pretty committed to this, because if someone outside of the group does eventually mine a block that contains the censored transaction, the group members also have to be willing not to build on that block, and to trust each other not to do so. Just agreeing not to include the transaction in blocks themselves would be insufficient.
At that point there are complicated questions about how stable and credible the arrangement will be, since systematically avoiding building on certain mined blocks involves slowing down the consensus slightly, and also trusting that the eventual consensus will exclude those blocks.
If, say, 51% of mining power committed to censoring one particular transaction, that might yield an effective fork of Bitcoin for some period of time because the other 49% might gamble on their ability to get their rival blocks accepted in the long term (or, if they didn't know about the 51%'s policy, not see any reason why they shouldn't simply build on what appeared to be the longest chain!).
I think it's great to think about weaknesses and corner cases, but you're being too generous/imaginative here.
A pithier version would be: it's infeasible to censor transactions and if a nation state spent enough to try it, it would indeed be noticed and the community would fork.
I agree, but the more forks, the less value that currency has. And if a nation state actor did block, it would shake confidence in the currency and be at least temporarily disastrous.
The economics of bitcoin and all alt coins mean some company will have the most efficient solution long term and thus mine far more than 51%. And once someone can mine 80+% of a block chain they can do what they want with it.
PS: Add up the Chinese pools and one country effectively already controls bitcoin.
For those out of the loop, miners work together in pools to combine their mining power. With more mining power, the more likely it is for them to mine a block (of the blockchain) and divide its payout among members of the pool. Pools cause centralization of mining power. You can see a list of pools and the percentage of their mining power at [https://blockchain.info/pools].
Looking at the chart, you can see that the top 5 mining pools can collude in being a single entity to "control" the blockchain (I believe this is called a Sybil attack [https://en.wikipedia.org/wiki/Sybil_attack]). Now keeping incentives in mind, the idea is that people using bitcoin have faith in the system. That gives bitcoins value. Miners get paid in bitcoin. If they were to manipulate the blockchain, that would most likely cause bitcoin's userbase to lose faith in the system and thus what the miners would be stealing would suddenly have little to no value.
I'm not positive, but I recall hearing that pools have been intentionally been made smaller to keep users' faith in the system. Perhaps the goal of these majority mining power is not to steal bitcoin but censor certain users? That may be a bit more complicated depending on the users' opinions on a case-by-case basis. Fun stuff :)
A Sybil attack is unrelated to consensus, but otherwise what you said is accurate.
A Sybil attack can occur when a system designer mistakes a system identity to be exclusive with other ones. e.g. you could create a website that used a phone number as a user identifier and give every new user a $5 signup bonus. But if someone found a way to create valid phone numbers for less than $5 each, they could exploit your new user bonus system.
If it's free/cheap/easy to create new identities, you must be careful how much weight to give those identities. e.g. reddit has some problems related to how easy it is to manipulate voting. They have probably made changes to their algorithm over the years to deweight new/unverified users and likely other clever things to detect voting rings.
However, they have to be pretty committed to this, because if someone outside of the group does eventually mine a block that contains the censored transaction, the group members also have to be willing not to build on that block, and to trust each other not to do so. Just agreeing not to include the transaction in blocks themselves would be insufficient.
At that point there are complicated questions about how stable and credible the arrangement will be, since systematically avoiding building on certain mined blocks involves slowing down the consensus slightly, and also trusting that the eventual consensus will exclude those blocks.
If, say, 51% of mining power committed to censoring one particular transaction, that might yield an effective fork of Bitcoin for some period of time because the other 49% might gamble on their ability to get their rival blocks accepted in the long term (or, if they didn't know about the 51%'s policy, not see any reason why they shouldn't simply build on what appeared to be the longest chain!).