How secure is a MonetaryPolicy that is parameterized by a PubKeyHash

AFAIU, a PubKeyHash is the hash of a public key, which a public address is derived from.

When I have a policy like this …

I wonder what level of security that would provide. For example, is it possible for an adversary who knows a plausible set of public addresses to derive a set of corresponding PubKeyHash? Would it therefore be possible for this adversary to mint tokens based on the PubKeyHash? I guess not, because mkPolicy requires the minting Tx to be signed by the owner of the PubKeyHash.

In Cardano, how does a PubKeyHash relate to an ADA address?

The PubKeyHash is only an identifier. Anyone can know you PubKeyHash as soon as you publish the transaction. What matters is txSignedBy, only you have the key to sign the transaction, that is why others cannot mint token.

The security of this monetary policy depends on the person, not on Cardano. If you just like to print money, is not secure for anyone to hold funds in your currency, as you just dilute the funds. If you don’t secure your key and others get access to it, same fate.

To the second question. It is probably like in bitcoin(copy the good). The hash is embbeded in a set of instructions that tell the validator node to check the signature given the public key and its hash, then you make a checksum to validate integrity and encode it. Maybe as in segwit it is just the hash and a version number. As the paytopublickey is a very common operation and saving some space in the blockchain pay over the long term.