parallelchain-io / hotstuff_rs

Rust implementation of the HotStuff consensus algorithm.

Red Alert: Network will get hacked if bad actor count is more than 2/3 of total validator set size #26

Closed ghost closed 9 months ago

ghost commented 9 months ago

In this method/line, if the majority of malicious nodes in the network is more than 2/3, I don’t see any mechanism which will prevent the network from being controlled by malicious actors.

The protocol seems to have a massive flaw at this stage where bad actors can take control of the network anytime and good users will lose control of their funds as a consequence.

How did the Hacken audit go through with such existing flaws? I have not seen any report regarding this anywhere. Clearly the library is not ready for production yet. It’s a scam at this stage.

lyulka commented 9 months ago

State machine replication algorithms guarantee safety as long as the number of byzantine adversaries is under some threshold (e.g., Bitcoin's threshold is 50%). HotStuff and similar algorithms (e.g., PBFT) have a threshold of 1/3rd. If the number of byzantine adversaries is more than 1/3rd, the algorithm no longer guarantees liveness and/or safety. This is just a fundamental limitation of state machine replication algorithms generally.

There are plenty of resources online that you can read to understand state machine replication better. Decentralized Thoughts has a very complete collection of articles on consensus algorithm-related topics.
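The 1/3 threshold described in the comment above can be checked by counting votes. This is an added example, not part of the thread and not hotstuff_rs code; it assumes equal-weight validators and a quorum of strictly more than 2/3 of the validator set, and every function name in it is hypothetical.

```rust
// Added illustration; not code from hotstuff_rs. Assumes equal-weight validators
// and a quorum of strictly more than 2/3 of the validator set.

/// Smallest vote count strictly greater than 2n/3.
fn quorum_size(n: u64) -> u64 {
    2 * n / 3 + 1
}

/// Safety check: can two conflicting blocks each collect a quorum?
/// Byzantine validators sign both blocks; an honest validator signs at most one.
fn conflicting_quorums_possible(n: u64, f: u64) -> bool {
    let (q, honest) = (quorum_size(n), n - f);
    // Try every split of the honest votes between the two blocks.
    (0..=honest).any(|a| a + f >= q && (honest - a) + f >= q)
}

/// Liveness check: can honest validators reach a quorum if Byzantine ones stay silent?
fn honest_quorum_possible(n: u64, f: u64) -> bool {
    n - f >= quorum_size(n)
}

#[derive(Debug, PartialEq)]
enum Guarantee {
    SafeAndLive,    // no conflicting quorums, honest nodes can still commit
    SafeButStalled, // no conflicting quorums, but silence blocks progress
    Unsafe,         // two conflicting quorums can be assembled
}

fn classify(n: u64, f: u64) -> Guarantee {
    assert!(f <= n, "f cannot exceed n");
    if conflicting_quorums_possible(n, f) {
        Guarantee::Unsafe
    } else if honest_quorum_possible(n, f) {
        Guarantee::SafeAndLive
    } else {
        Guarantee::SafeButStalled
    }
}

fn main() {
    for n in [4u64, 5, 7, 10] {
        for f in 0..=n {
            println!("n={:2} f={:2} quorum={} -> {:?}", n, f, quorum_size(n), classify(n, f));
        }
    }
}
```

With 5 validators and 2 Byzantine ones the result is `SafeButStalled`: no conflicting quorums can form, but the honest validators cannot reach a quorum on their own, which is the "liveness and/or safety" distinction in the comment.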

ghost commented 9 months ago

These limitations exist in theoretical SMR algorithms. For a production-ready system, the library by design is expected to protect users from malicious adversaries. Every other consensus algorithm implementation provides solutions to secure users in case the adversary count is in the majority. At least slash them? Perform network partitioning? None of these techniques are defined here.

Rather than accepting and adding ways to address a "theoretical" limitation, you are clearly trying to avoid protecting users of this library. Your action to change such an issue to closed and your comment are not acceptable.