afaik sfinder didn't attack the network, he just ran several delegates while spreading bearish sentiment. sfinder is a case of successful identification and removal out of malicious delegates.
The fact that one individual was voted into
multiple delegate positions is a breakdown of chain security. Just because he didn't attack doesn't mean that he couldn't have or that someone in the future won't. You can't say that "sfinder is a case of successful identification and removal out of malicious delegates" because
YOU DON'T KNOW IF HE CONTROLS OTHER DELEGATES. No one can be sure how many delegates are controlled by one person because
DPOS IS FUNDAMENTALLY FLAWED.
You don't just have to lie, you have to convince stakeholders to vote for you enough times to win the majority of the delegate positions. The votes can be withdrawn and the delegates removed if an attack is made. Any attack attempt may result in making BitShares immediately stronger as devs typically have to do some work in advance to get voted in. They would have to do this 50+ times to have a chance at doing a double spend. Basic block singing delegates are voted in more easily but they can still be kicked out and they will decrease in number as time moves forward.
After an attack is made, it is too late. No one will care if the stakeholders remove their votes from the attacking delegates. People will have lost money. Who is going to be responsible for replacing investors' lost money?
Also there is an unique individual verification system being developed by
http://followmyvote.com/ who are part of BitShares which could be used to ensure delegates are unique individuals and make it even stronger in the future.
This doesn't sound very "decentralized" to me. It sounds like a system to bring about "approved validators" which is extremely similar to Ripple but
more centralized.