I think I can deduce why you are misunderstanding (and it is an expected reason that can probably only be conquered with a very thorough elucidation). It seems you are conflating the concepts of attacks on PoW chains with attacks on, by, or leveraging confirmation nodes. These are orthogonal concepts in my design. For example, confirmation nodes do not gain any power to issue double-spends (all confirmations have an objectivity that can't be violated and that is another design secret and I won't discuss that now but you can look at Dash's Evolution design for a hint).
I think this will indeed be key to understanding this design. This probably doesn't help you at all, but the root of my line of reasoning is that the attacker can be both confirmation node(s) and regular node(s) and have a majority of both at any time.