Corner case for last irreversible block
EOS describes an issue where different sides of a (highly unlikely) network split can put LIB on different branches. (Basically the scenario here is that 2/3+1 are honest, but switch sides in a network split.)
There are a few different possible solutions here:
Witness reporting
One solution proposed in the EOS ticket is to require witnesses to report when they produce on a fork. This would mean a lot of new plumbing (adding a header extension and implementing, for witnesses, some extra-consensus data store of which forks they've seen), and it would impose IT burdens on witnesses (the witness must ensure this data store migrates whenever they switch nodes, which is difficult to do reliably if the migration is e.g. an automatic failover from a dead node).
This is not really feasible.
Double irreversibility
EOS independently re-invented the concept of double irreversibility described here and suggests renaming the thing Steem calls "double irreversibility" to simply "irreversibility," and using it to set the undo threshold.
Discount missing witnesses
For the purposes of computing irreversibility, don't count witnesses that haven't produced at least N blocks in a row without missing.
There are still corner cases where 2 consecutive productions can't guarantee that there will be no future switches, mostly due to shuffling at the start of a round. Perhaps 3 blocks would be enough? But if there are missed blocks, one witness can produce more than one block in a round.
Another thing is that the witness list can change due to voting.
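To make the "discount missing witnesses" rule concrete, here is an added toy simulation (not code from the Steem or EOS code bases) of LIB computation over a constructed slot schedule. It assumes a block at height h produced by witness W counts as W confirming every block at height <= h, that LIB is the highest height confirmed by 2/3+1 of the active set, and that a discounted witness is simply not counted as a confirmation while the 2/3+1 threshold stays relative to the full active set; `streak_n` is the N from the proposal.

```python
from typing import Dict, List, Optional, Tuple

# One scheduled slot: (witness, block number produced, or None if the slot was missed).
Slot = Tuple[str, Optional[int]]

# Constructed schedule: 4 witnesses, two rounds, D misses its slot in round 1.
WITNESSES: List[str] = ["A", "B", "C", "D"]
SCHEDULE: List[Slot] = [
    ("A", 1), ("B", 2), ("C", 3), ("D", None),   # round 1: D missed
    ("A", 4), ("B", 5), ("C", 6), ("D", 7),      # round 2: everyone produced
]


def required_confirmations(num_witnesses: int) -> int:
    """2/3+1 of the active witness set, as stated in the issue."""
    return num_witnesses * 2 // 3 + 1


def lib_from_confirmations(last_confirmed: Dict[str, int], required: int) -> int:
    """Highest height h such that at least `required` witnesses confirm >= h."""
    heights = sorted(last_confirmed.values(), reverse=True)
    if len(heights) < required:
        return 0  # too few counted witnesses: nothing new is irreversible
    return heights[required - 1]


def compute_lib(witnesses: List[str], slots: List[Slot], streak_n: int = 0) -> int:
    """Replay `slots` and return LIB at the head.

    streak_n == 0 is the plain rule.  streak_n > 0 applies the discount: a
    witness only counts once its current run of produced blocks with no
    miss is at least streak_n long.  A miss resets the run to zero.
    """
    last_confirmed: Dict[str, int] = {}
    streak: Dict[str, int] = {w: 0 for w in witnesses}
    for witness, block_num in slots:
        if block_num is None:
            streak[witness] = 0          # the missed slot breaks the run
            continue
        streak[witness] += 1
        last_confirmed[witness] = block_num
    counted = {w: h for w, h in last_confirmed.items() if streak[w] >= streak_n}
    # Assumption: the threshold is taken over the full active set, so
    # discounting a witness can only make LIB more conservative.
    return lib_from_confirmations(counted, required_confirmations(len(witnesses)))


if __name__ == "__main__":
    for n in (0, 2, 3):
        print(f"streak_n={n}: LIB={compute_lib(WITNESSES, SCHEDULE, n)}")
```

With N=2, D's confirmation of block 7 is discounted because of its miss in the previous round, so LIB drops from 5 to 4; with N=3 no witness qualifies yet and LIB stalls at 0, which is the trade-off to weigh when picking N.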