Lane A (attestation-based, permissionless) slashing can only expel committee members down to M+1 active members, not M. This is a mathematical constraint: to slash the (M+1)-th member, you need M non-accused active voters, but once that member is expelled, only M remain, which is fine. However, to slash when exactly M members are active, you need M non-accused voters but only M-1 are available (since the accused is excluded).
This means Lane A alone cannot trigger E3 failure. The final slash that would bring active members below M must come via Lane B (evidence-based, SLASHER_ROLE).

| Active members | Non-accused voters available | Votes needed (M) | Can slash via Lane A? |
| --- | --- | --- | --- |
| N | N-1 | M | Yes (if N-1 ≥ M) |
| M+1 | M | M | Yes (barely) |
| M | M-1 | M | No |

If there are exactly M active committee members and one is malicious:
- Decryption will fail (M honest shares required, only M-1 available)
- The malicious node cannot be slashed via Lane A (not enough honest voters)
- The E3 should be failed, but Lane A can't trigger it
- Without Lane B, the malicious node gets away without penalty
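
The counting argument and the exactly-M scenario above, as a small Python model added here (it is not the project's contract code). `Committee`, `slash_lane_a`, `slash_lane_b` and `drain_via_lane_a` are hypothetical names, and Lane B is reduced to a boolean role check as an assumption.

```python
# Toy model of the two slashing lanes (added example; names are hypothetical,
# this is not the project's contract code).
from dataclasses import dataclass, field


@dataclass
class Committee:
    threshold_m: int                       # M: votes needed, and shares needed to decrypt
    active: set = field(default_factory=set)
    failed: bool = False                   # set once active members drop below M

    def _expel(self, accused):
        self.active.discard(accused)
        if len(self.active) < self.threshold_m:
            self.failed = True             # E3 can no longer be decrypted

    def slash_lane_a(self, accused, voters):
        """Permissionless lane: needs M distinct active voters, accused excluded."""
        if accused not in self.active:
            return False
        valid = (set(voters) & self.active) - {accused}
        if len(valid) < self.threshold_m:
            return False                   # not enough non-accused voters
        self._expel(accused)
        return True

    def slash_lane_b(self, accused, caller_has_slasher_role):
        """Evidence-based lane: gated on the role (assumed boolean), no vote count."""
        if not caller_has_slasher_role or accused not in self.active:
            return False
        self._expel(accused)
        return True


def drain_via_lane_a(n, m):
    """Slash members one at a time with every other active member voting.
    Returns (active members left, whether the E3 was failed)."""
    c = Committee(threshold_m=m, active=set(range(n)))
    while c.active:
        accused = max(c.active)
        if not c.slash_lane_a(accused, c.active - {accused}):
            break
    return len(c.active), c.failed


if __name__ == "__main__":
    print(drain_via_lane_a(n=7, m=4))      # Lane A stalls with M members active
```
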