Move docs to spec

2025-12-09 04:39:24 +00:00 · 2024-03-11 17:55:05 -04:00
parent 0889627e60
commit a3a009a7e9
20 changed files with 0 additions and 0 deletions
--- a/Exclusions.md
+++ b/Exclusions.md
@@ -0,0 +1,23 @@
+Upon an issue with the DKG, the honest validators must remove the malicious
+validators. Ideally, a threshold signature would be used, yet that would require
+a threshold key (which would require authentication by a MuSig signature). A
+MuSig signature which specifies the signing set (or rather, the excluded
+signers) achieves the most efficiency.
+
+While that resolves the on-chain behavior, the Tributary also has to perform
+exclusion. This has the following forms:
+
+1) Rejecting further transactions (required)
+2) Rejecting further participation in Tendermint
+
+With regards to rejecting further participation in Tendermint, it's *ideal* to
+remove the validator from the list of validators. Each validator removed from
+participation, yet not from the list of validators, increases the likelihood of
+the network failing to form consensus.
+
+With regards to the economic security, an honest 67% may remove a faulty
+(explicitly or simply offline) 33%, letting 67% of the remaining 67% (4/9ths)
+take control of the associated private keys. In such a case, the malicious
+parties are defined as the 4/9ths of validators with access to the private key
+and the 33% removed (who together form >67% of the originally intended
+validator set and have presumably provided enough stake to cover losses).