TL;DR: the random beacon threshold should probably be set to reflect a stake larger than the maximum Byzantine stake.

We need to choose the random beacon subset size n and the corresponding threshold carefully

We can derive the probability of having $x$ or less faulty actors out of a sample $n$ drawn from a total consensus population $N$ with $N = 3f + 1$ , and $f$ the number of Byzantine actors. It is:

$P = CDF_{hg}(N, \lfloor N/3\rfloor, n, x)$

Where $CDF_{hg}$ is the CDF of the hypergeometric distribution [HMW18] [toy spreadsheet]

And we should choose $n, x$ so that this probability is higher than an acceptable failure threshold $1 - p$ on the whole process (what's reasonable for the failure probability $p$ depends on epoch length).

Notes:

• we cannot choose $x ≤ \lceil n/2\rceil$, or we would lack a proof of robustness of the initial DKG in the synchronous setting [GJK07].
• often for n sufficiently large, $x = \lfloor n/2\rfloor+1$ is often suitable (but please check the details, this is just a ballpark)
• The probabilistic ****statement is made in number of discrete nodes, not in amount of stake. How to translate one into the other is TBD.

Action Items:

• Check if we are comfortable with this analysis (see the next section).
• Choose a max failure probability $p$.
• Figure out how things map between node counts and node weights.
• Pick an $n$ and $x ≥ \lfloor n/2\rfloor +1$ such that $P > 1 - p$.

If we are in the end comfortable with this approach, whether or not we drop messages of which one out of two signatures is broken does not matter: