If an attacker simulated an Ethereum network, with 1 million validators in it. He has keys to all validators, because the entire thing is his simulation. He simulates several decades, which in real time is probably several hours.
Then he broadcasts his simulated network to the real Ethereum network, and claim his is the real one. All his 1 million validators start communicate with the real validators. Since his network history has more “total attestations”, his network should be the real one according to the chain selection rule.
This is impossible in PoW, because he would need more hash power than all the other miners combined to simulate a “heavier” history. But that is not the case in PoS. I am curious, how does PoS solve this?
How is he creating 1 million valid validators?
The validators at time = 1 decide the validators for time = 2. He needs to somehow control the keys for 1 million validators at some point in time for this to be possible.
It is possible if they are buying the old keys from people who have stopped validating (although still difficult). To protect against this Ethereum uses weak subjectivity. https://notes.ethereum.org/@adiasg/weak-subjectvity-eth2