Cypherdorc (blew a fuse and) locked his thread, so we must continue the discussion over here...
Edit: I can't find anything in the Blockstream whitepaper to support tvbcof's claim that one can recover their assets from an attacked chain. The closest is section 4.2 Fraudulent transfers, but the only really viable action there is to dilute everyone's BTC by the amount of the stolen coins.
Who is going to do that, some administrator? A bankruptcy trustee? No.
The best that could be achieved would be to build in some sort of rules like that into the scripts. No concrete method for doing that is proposed, but even if it were, it couldn't possibly handle all possible failures, since some if not all failures are by definition unanticipated. In the event that the state of a side chain were scrambled, there would just be no way to know who should be able to redeem.
For this reason, even the hint (or in some cases merely a rumor) of a problem on a side chain will lead to a run-on-the-bank scenario.
The movement of coin assets from one chain to other can't realistically be done piecemeal at a moment's notice via the SPV (as you point out far too much risk to allow that), instead atomic swaps should be used.
The SPV proofs should only be used for those willing to accede to very long contest period, say 30 days or so.
Speculators are not going to do this for free. Thus rapidly moving assets between side chains is going to be lossy, i.e. you won't get 1 BTC for the 1 BTC you swapped (when demand exceeds supply) but going the other direction you will get more than 1 BTC (when supply exceeds demand) unless of course you accede to the long contest period.
Side chains which enforce a longer minimum contest period will have more lossy atomic swaps, but gain confidence.
I am going to notify Adam and Gregory that they need to be more realistic and incorporate this into their whitepaper.
Edit: reorganizations can also impact atomic swaps, but the losses are localized to only the parties to the swap, thus no run on the coin in general. Swap participants should set timelocks with duration appropriate to the risks they want to take.