Yes this is right. The trustless system we talk here has nothing to do with two-generals problem. Communications have no problem, the problem is that how to prevent any node from doing bad things (i.e. steal coins).
Actually no, the "guarantor" is only involved in the act of sending coins, which is a "communication" in the context of the Two General's problem.
The "guarantor" is being trusted to do arbitration between the sender and the mixer. Therefore, given the nature of 2-of-3 multisig transactions, the guarantor and the mixer can sign the transaction, and then refuse to sign the cancellation transaction, leaving the sender out of luck and out of funds.
Even worse - the workflow is based on the txid and verifying the txid. Have we not learnt by now that the txid can change? How do you people not understand that this was the very thing that mtgox blamed for their destruction?
In fact, if there was ever a clearer indication that the
idiot "developer" that designed this system should stick to something less complicated,
Satoshi Nakamoto himself wrote a seminal post in December 2010 explaining why this is a bad idea, so it's not like this is a novel and unknown thing:
Transactions are dynamic. Past transactions can become unconfirmed, go away and come back, become invalid and disappear, or be replaced by a different double-spend. Their date can change, their order can change.
Programmers are naturally inclined to want to use listtransactions like this: feed me the new transactions since I last asked, and I'll keep my own tally or static record of them. This will seem to work in all regular use, but if you use the amounts for anything, it is highly exploitable:
1) How do you know if a past transaction becomes invalid and disappears?
2) When there's a block-chain reorg, it would be easy to double-count transactions when they get confirmed again.
3) A transaction can be replaced by a double-spend with a different txid. You would count both spends.
This is not a trustless system, this is a trivially broken, fundamentally flawed system. Praising it as anything but an idiotic idea merely reduces your own credibility.
Again, the guarantor is not a communicator in the two general's problem.
1. All communications are signed and verified. There's no fake messages there. Also all messages are point-to-point.
2. All related deposits etc are independently verified by all parties. Posting a fake one does not go anywhere.
I don't think you understand the system at all. What you described is a coordinated attack. If 2 out of 3 are cheaters, then you have no way to prevent the cheating. Like in coin system, is you have 51%, you do whatever you want.
You verify the past transaction by its confirmations. Of course if the whole network is bad, you can't do anything. This is the same that BTC transaction confirmed 6 times, but can still go bad.
Please don't mix the problems here. The blockchain re-org is a normal problem, even a transaction in btc confirmed 100 times can still go wrong. The trustless system is not trying to solve this issue. The trustless system is not for everything you want to mix here. It is a clearly defined one. If you don't understand what it is, then read it again.