> The chains share state right up until the fork point.
I’m not talking about forks. I’m talking about completely different, but valid, chains.
> A staker/miner can chose to not include proof of his own wrongdoing, but that will not prevent others from creating an alternative fork which does have that proof.
This brings us back to the initial problem: how do we agree on which chain is the canonical one?
Also, what’s the timeout on this event happening? Unless there’s a timeout — at which point a fork changing history is ignored — some transactions in the chain remain unsettled because a fork might appear which invalidates them (because they originated from coins that were staked by a now-proven-fraudulent staker).
> I’m not talking about forks. I’m talking about completely different, but valid, chains.
Typically block zero is signed by the developer of the client, so there is no such thing as completely different, but valid, chains, as there is always a fork point.
I’m not talking about forks. I’m talking about completely different, but valid, chains.
> A staker/miner can chose to not include proof of his own wrongdoing, but that will not prevent others from creating an alternative fork which does have that proof.
This brings us back to the initial problem: how do we agree on which chain is the canonical one?
Also, what’s the timeout on this event happening? Unless there’s a timeout — at which point a fork changing history is ignored — some transactions in the chain remain unsettled because a fork might appear which invalidates them (because they originated from coins that were staked by a now-proven-fraudulent staker).