Explain why we're more confident in Crosslink security vs the other hybrid construction candidates

[nathan-at-least]

Suggested Improvement

Some of this text may already be covered in the Crosslink docs, so this would be resolved by #85.

[nathan-at-least]

The Zcon4 presentation hybrid construction was hand-wavy, but I believe it's useful to define it more clearly and compare it.

My attempted distillation is:

Add a BFT protocol which finalizes only PoW block headers, ensuring that each finalized block is a direct descendent of the prior finalized block. Additionally, full nodes must reject any rollback that rolls back a finalized block in their fork-choice rule.

This is hopefully fairly straightforward to describe and fairly simple, and then we can describe some security flaws that motivate Crosslink.

[daira]

Why a direct descendant? Or do you just mean "descendant"?

[daira]

BTW, I think that directly copying Ethereum's Gasper is also a plausible option. In any case we may want to take some ideas from Gasper.

[nathan-at-least]

Why a direct descendant? Or do you just mean "descendant"?

I didn't think about it much, but just assumed gaps may be dangerous because they present more PoW rollback branch points… It might be fine.

I propose we see if we can analyze security in broad strokes glossing over whether or not finality descendants are restricted to direct or not, because if broad-strokes security flaws don't depend on that distinction we can save time by not sorting it out. OTOH, if we find that it could matter (in so far as motivating Crosslink), then we should dig deeper to ensure the motivation for Crosslink holds.