In a double spend attack (including a "51% attack) the attacker would be the one generating the sequence of blocks.  That means each block relies on the prior block also made by the attacker.  The attacker signs a block and if it doesn't allow him to forge the next block, just keeps resigning it until it does (as pointed out a single digest can have an infinite number of unique signatures by changing the k value). The attacker attempts signatures until he produces a one which allows him to sign the next block as well.  The attacker then moves on to the next block.  If this seems kind of like a PoW it is.


The attacker won't be publishing his chain until it is longer. As long as one of his accounts is valid for signing the next block (and thus somewhere in the queue even last) there will be nobody ahead of him in the queue that knows about the block.  The network doesn't require a specific signer from the queue be used, it just favors a higher signer over a lower one but all signers are equally valid.  If the attacker had* >51% of the network stake e will produce the longest/best chain.  Note: it isn't actually a "queue" but this doesn't materially change the scenario.

As a side note: deterministic (or quasi deterministic) signing/minting/forging is an interesting idea.  It has some advantages but it isn't some magical 51% proof shield and the "nothing at risk" issue around PoW remains unchanged when compared to other PoS systems.

* It is "had" not "has" because in PoS the critical resource is not a physical item, it is a record in the blockchain. A miner who no longer has any hashpower can no longer mine but a forger who had but no longer has a stake can forge a parallel chain starting from where he had the stake and double spending the tx resulting in him losing the stake. An attacker with 51% of the stake as of block X can sell that stake and still perform a 51% attack starting from block X using the stake he had but no longer has on the main chain.