Unfortunately the safety and liveness treshold for classical synchronous consensus is 1/3. You need 2n + 1 good nodes/stake/hashpower in order to tolerate n faulty nodes. When there is 33% malicious stake than the byzantine fault tolerance property is lost.
The Last irreversible block (LIB) as Larimer calls it is the block which has 2/3 majority consensus behind it. As long as 2/3 are behind the LIB there will be no node joining a fork which is not build on this LIB. But hey why should Sun care about this
I am not technically competent enough in the field to have been aware of that prior to your comment. I deeply appreciate learning this new information to me.
In order to clarify my understanding, 1/3 stake is capable of preventing a Hf even if 2/3 of the top 20 agree on it? AFAIK it takes 17 of the top 20 witnesses to agree on a HF, so it seems if 100% of the vested stake on Steem were voting on witnesses, 1/3 of it being hostile to a HF would prevent consensus. Correct?
Thanks!
yes you was right but it is 17 nodes to prevent a fork not 17 nodes to initiate a fork. 17 is what comes next to 2n + 1 which is basically >75%. 16 (or more correct 15,75) nodes is 75% and since there is no 1% of a node it needs 17 nodes for honest majority.
So over 1/3 is capable of initiate a majority fork. As long as it is up to 1/3 it is only a minority-fork which will die quickly.
The confusing part is that forking in dPOS is not the same as in Bitcoin. If we want to be free we could easily set up a new independent system, but as you have mentioned, this is not how things are intended. The best way realy is to re-elect. dPOS can be compromised by a 1/3 + 1 "Majority" but it will still run in a pending state, so that we only need to concentrate our stake to the running/remaining honest nodes.
Imma keep my eyes peeled @lauch3d! Thanks for the primer. I'd probably never have understood how this worked without your help.
Thanks!