Then that would mean Whirlpool has zero "Boltzmann score" since the coordinator is trusted to choose every participant for the round.
If the coordinator is malicious and launches Sybil attacks, ordinary blockchain observers will see a positive Boltzmann score. For any coinjoin participant, the score will be better approximated (it will be lower). In the event of a successful Sybil attack where every coin in a coinjoin is compromised (with, for example, n coins, of which n-1 belong to the attacker), the Boltzmann score becomes meaningless. The score is designed to approximate scenarios with slight uncertainty, whereas in this case, there is none.
No, you don't; Alice could have any combination of coins. "Partnering with blockchain analysis" doesn't penetrate the anonymity of her open source client.
Before joining her first round, Alice is expected to only have non-private coins, and if these coins are de-anonymized by the chain analysis company, then her "open source client" provides her with no anonymity.
You don't need a friend; as I mentioned before, you can single-handedly test for a Sybil attack by registering 2 inputs yourself.
Registering 2 inputs which are tagged by blockchain analysis as belonging to the same person tests absolutely nothing. The coordinator can still attack.