Do I understand this correctly: if Bob transfers his coin to someone else and then attempts to fraudulently exit to the root chain, anyone including the operator can challenge the exit and claim the bounty (assuming transaction data is available normally from the operator).
In the implementations I could find, only information similar to this seemed to be required to challenge an already spent exit, all of which I understand should normally be publicly available to all observers:
function challengeSpent(uint coin_id, uint blk_num, bytes tx1, bytes proof)
So as long as there is at least a single honest observer, users do not realistically have to check the root chain every week since the bounties incentivize third parties to do this monitoring. This would seem like a much more friendly situation for end-users, especially if they have only sporadic access to internet for example. Would this seem correct or am I totally on the wrong track here?