Why would the plasma contract allow the same coin / range of coins to be successfully withdraw multiple times? The whole point of the plasma cash design is to segregate deposits in such a way that this cannot happen.
in which case challengers can run out of money fast tied up in challenges
If the plasma chain is functioning correctly (only valid and available blocks are committed), there is no need to make challenges that do not immediately succeed (proof: the only invalid exits possible are exits of spent coins, and those can be challenged and cancelled by showing the spend of the coin). Hence
- assuming the child chain mechanism does not get compromised, there are no serious attacks possible against users (the “tie money up in challenges” attack is not possible) in plasma cash; this is no worse than in gluon
- assuming the child chain mechanism does get compromised, a “tie up money in challenges” attack is possible, but this is no worse than in gluon, wherein users will lose money
If the child chain is compromised, the chain should halt immediately in a POA model
When I say the “child chain mechanism” I mean all things not enforced by the plasma contract, including the blocks committed and the outcome of the token vote. Hence the hypothesis of this case analysis is that the PoS block producers maliciously commit invalid/unavailable blocks and also that the token vote to stop them does not happen or does not pass the 10% threshold.