ethereum/casper

Safety of insta_finalization when deposit doesn't exist


Though this might be 'too much worrying', I'm wondering about safety before any deposit has been made.

According to the simple_casper code, it seems deposit_exists() is False for at least 3 epochs from initialization (2 epochs for start_dynasty in deposit, 1 epoch for the change in total_prevdyn_deposit), and those epochs are insta_finalize()d.

I understood this as meaning that a checkpoint would be finalized even if some attack happens to the PoW chain within those epochs, without any verification by validators.

I think this risk could be solved in some way, like initializing the casper contract with an initial validator node run by the core team, which works only for a while (until there is a sufficient number of validators). Or we could postpone finalization until we have enough validators.

Clients will set a NON_REVERT_MIN_DEPOSIT locally that decides the amount of ether that must be deposited for them to consider a checkpoint actually finalized. The contract state might be finalized, but the local fork choice rule will see that these were trivially finalized with little or no deposits and will not write the checkpoint as finalized to their local database.
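The two-layer rule described in this reply, as an added toy model that is neither the casper contract's code nor any client implementation: the contract side insta-finalizes epochs with no deposit, and the client side applies its own NON_REVERT_MIN_DEPOSIT filter before writing anything as finalized. The threshold value, the ToyCasperContract class, the simplified 2/3 vote rule and the epoch timeline are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import List, Tuple

# Constructed threshold: ether a client requires behind a checkpoint before it
# writes that checkpoint to its local database as finalized.
NON_REVERT_MIN_DEPOSIT = 100.0


@dataclass
class Checkpoint:
    epoch: int
    total_deposit: float   # ether the contract counts as deposited at this epoch (constructed)
    votes: float           # ether-weighted votes received for this checkpoint (constructed)
    contract_finalized: bool = False


class ToyCasperContract:
    """Hypothetical stand-in for the contract-side finalization rule (not simple_casper)."""

    def deposit_exists(self, cp: Checkpoint) -> bool:
        return cp.total_deposit > 0

    def process_epoch(self, cp: Checkpoint) -> Checkpoint:
        if not self.deposit_exists(cp):
            # insta_finalize: with no deposits there is nobody to vote, so the
            # contract marks the checkpoint finalized without any validator check.
            cp.contract_finalized = True
        else:
            # Simplified supermajority rule: at least 2/3 of deposited ether voted.
            cp.contract_finalized = 3 * cp.votes >= 2 * cp.total_deposit
        return cp


def contract_finalized_epochs(checkpoints: List[Checkpoint]) -> List[int]:
    """Epochs the contract state reports as finalized."""
    return [cp.epoch for cp in checkpoints if cp.contract_finalized]


def locally_finalized_epochs(checkpoints: List[Checkpoint],
                             min_deposit: float = NON_REVERT_MIN_DEPOSIT) -> List[int]:
    """Client-side fork-choice filter: finalized by the contract AND backed by
    at least min_deposit ether. Trivially finalized early epochs are dropped."""
    return [cp.epoch for cp in checkpoints
            if cp.contract_finalized and cp.total_deposit >= min_deposit]


def run_scenario() -> Tuple[List[int], List[int]]:
    contract = ToyCasperContract()
    # Constructed timeline: three epochs with no deposit, then deposits growing.
    timeline = [
        Checkpoint(0, 0.0, 0.0),
        Checkpoint(1, 0.0, 0.0),
        Checkpoint(2, 0.0, 0.0),
        Checkpoint(3, 40.0, 40.0),    # small deposit, fully voted
        Checkpoint(4, 150.0, 110.0),  # above threshold, more than 2/3 voted
        Checkpoint(5, 150.0, 50.0),   # above threshold, too few votes
    ]
    processed = [contract.process_epoch(cp) for cp in timeline]
    return contract_finalized_epochs(processed), locally_finalized_epochs(processed)


if __name__ == "__main__":
    by_contract, by_client = run_scenario()
    print("contract finalized:", by_contract)   # [0, 1, 2, 3, 4]
    print("locally finalized:", by_client)      # [4]
```

The point the model makes visible is that epochs 0 to 3 are finalized in contract state (the first three with no validator check at all), yet a client with this threshold only ever records epoch 4, because that is the first checkpoint with enough ether behind it to make reverting it costly.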

Oh, I see. I missed that point. Thanks for the clarification and sorry for bothering you!

It is discussed in the Implementation Guide and will be in the upcoming EIP.

Thanks for the code review! We appreciate any review/questions :)