sinahab
commented
6 years ago More context on the attack: the attacker knows the total amount of deposits the altruistic verifiers have available. Therefore, it creates enough claims to bond all these deposits, and then some more. These extra claims will go through unchallenged.
The solution to this is to limit the number of parallel claims.
This solves the attack below: Our default client verifiers will have limited and known deposits available. An attacker could submit many claims, so many that all verifier deposits are locked up, and their other claims go unchallenged.