The paper defines a supermajority link as a link which 2/3 of validators voted on. Then it proves safety under the assumption that less than 1 / 3 of validators violate a slashing condition. I was wondering if these numbers are arbitrary, so I did a little handwavy calculation:
Let’s define the supermajority as M and the fraction of honest validators h. For a given M we want to find the smallest h that is necessary to justify two supermajority links with, e.g., the same target number. In the worst case, the honest validators distribute their vote 50/50 on both links. 1 - h are dishonest and vote on both links. So the total vote on each link is h/2 + (1 - h) = 1 - h/2. We’re looking for the security bound, so we set M = 1 - h/2 and solve for h = 2 (1 - M).
Some example cases to consider:
- If M = 2/3 then h = 2/3 (that’s the case that is used in the paper)
- If M = 1/2 then h = 1 (so all validators have to be honest)
- If M = 1 then h = 0 (almost no one has to be honest if we require all to agree)
- If M = 60% (some random number), then h = 80%
So if I’m not missing something (which is entirely possible) the chosen M and h really seem to be arbitrary. I’d change that or at least mention it in the paper as
- having another security parameter to tune is nice
- the relationship between h and M is not immediately obvious (it is not M + h = 1 as one might think if one sees the numbers 2/3 and 1/3), so readers might misunderstand the proofs
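To make the worst-case argument above concrete, here is an added example (written for this page; it is not code from the original post or from the Casper FFG paper). It models the adversary the post describes: n equal-weight validators (an assumption; the paper weights by deposit), an honest fraction h that splits its votes as evenly as possible between two conflicting links, and a dishonest fraction 1 - h that votes on both. It then finds by brute force the largest honest fraction at which both links still reach the threshold M and compares it with the closed form h = 2(1 - M) from the post, and checks the M + h = 1 misconception mentioned in the last bullet.

```python
from fractions import Fraction


def both_links_justifiable(n: int, honest: int, m: Fraction) -> bool:
    """Return True if an adversary can get BOTH conflicting links A and B
    (same target) to a supermajority of at least fraction m of the n validators.

    Worst case assumed here (the scenario described in the post):
      - each honest validator votes on exactly one link, and the honest set
        splits as evenly as possible between A and B;
      - every dishonest validator votes on both links (equivocates, which is
        exactly what a slashing condition is meant to punish).
    """
    dishonest = n - honest
    votes_a = honest // 2 + dishonest            # smaller honest half + all dishonest
    votes_b = (honest - honest // 2) + dishonest  # larger honest half + all dishonest
    threshold = Fraction(m) * n                   # supermajority needs >= m * n votes
    return votes_a >= threshold and votes_b >= threshold


def max_attackable_honest_fraction(n: int, m: Fraction) -> Fraction:
    """Largest honest fraction (a multiple of 1/n) at which the adversary can
    still justify both links, found by exhaustive search from all-honest down.
    Both vote counts fall as `honest` rises, so the first hit is the maximum.
    """
    for honest in range(n, -1, -1):
        if both_links_justifiable(n, honest, m):
            return Fraction(honest, n)
    raise ValueError("m > 1: no honest fraction makes a link justifiable")


def closed_form_bound(m: Fraction) -> Fraction:
    """The post's derivation: each link collects 1 - h/2 of the vote, so
    setting M = 1 - h/2 gives the boundary h = 2 (1 - M)."""
    return 2 * (1 - Fraction(m))


def naive_bound(m: Fraction) -> Fraction:
    """The tempting but wrong guess M + h = 1, kept here only to compare."""
    return 1 - Fraction(m)


if __name__ == "__main__":
    # n = 300 is chosen so that n * (1 - M) is an integer for every M below,
    # which makes the discrete search land exactly on the closed form.
    n = 300
    print(f"{'M':>6} {'search':>8} {'2(1-M)':>8} {'1-M':>6}")
    for m in (Fraction(2, 3), Fraction(1, 2), Fraction(1), Fraction(3, 5)):
        print(f"{str(m):>6} {str(max_attackable_honest_fraction(n, m)):>8} "
              f"{str(closed_form_bound(m)):>8} {str(naive_bound(m)):>6}")
```

Running the script prints the four cases from the post; the search column agrees with 2(1 - M) and not with 1 - M. For M = 60%, for instance, an honest fraction of exactly 40% (so M + h = 1) still lets the adversary justify both links, because each link collects 20% of honest votes plus all 60% of dishonest votes, which meets the 60% threshold.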