Perhaps it is best to provide some examples, ones that I’m hoping never happen mind you:
Suppose Validator Bob is going on vacation, specifically a cruise. Internet is spotty at best on the open seas. Now in 99% of the time, zero action is necessary from Bob to update his Node’s software.
But he doesn’t think in terms of probabilities, rather he understands the concept of expected values. Should a black swan event happen - he will most likely be out, due to his being negligent in his duties.
Hum… What is Bob to do?
He could vote himself out…. (just let that one sink in for a bit)
Would he? Firstly there is a question of loss of reward. I’m going to ignore this - he was never in it for the money (that is a big assumption). Bob’s really concerned that his removal would be permanent.
So Bob gives his acquaintance Alice his password* to his node. Notice that I said ‘acquaintance’ and not ‘great friend’. Bob actually doesn’t have to particularly like Alice and we can actually compute the boundaries of the amount of trust Bob must have for Alice.
Scenario 1: Alice stops Bob’s node, Bob is available (he isn’t on vacation yet) and brings his node back online. He gives the reason of “hackers” and that’s that. Neither Alice or Bob would share the reality of the activity to the larger validator set, as both would be out.
Scenario 2: Alice stops Bob’s node, Bob’s cruising. Well, Bob’s SOL… But remember he was facing this scenario at the very beginning.
Scenario 3: A network issue arises, Bob’s cruising and Alice Restarts his node.
Only Scenario 2 is of concern - and this was going to happen anyways… So on the low side the level is a normalized ZERO.
Bob only needs to ascribe a value to his trust of Alice that is below the compensation that he would be out. Being removed permanently from participation - is rather high (at the moment). He just needs to trust Alice less that this BIG number.
Solution (potential - love to discuss others / expand upon…):
Having a mechanism in place that would allow a validator to gracefully exit from validation duties (perhaps keep voting duties in place - since it is easier to vote) may result in validators to more easily self disclose. There will be times that they might not be able to perform their duty and we must ask ourselves if it is wise to ignore this possibility.
Again - I would much rather void the possibility of ad hoc systems being arrived out between validators. One of the core constructs underpinning many Blockchain projects - unpacking/understanding incentivization schemas… (and being totally honest about them.)
*Please note, I’m grossly oversimplifying - as all good examples ought to for readability.