Mathematically proving delegates are different people isn't necessary.
You realize by saying this you are no longer a "cryptocurrency" and are now akin to Ripple which makes you trust that nodes (aka delegates) won't collude against you.
Incentives work strongly against any attacker. They would have to spend months developing (via subcontracting or doing it themselves) a bunch of features for BitShares to win voter approval to take multiple positions or they would have to buy a massive amount of BTS to be able to vote themselves in, only to then attack themselves by attacking the network. The cost of attack is already very high.
The cost of attacking Bitshares' is extremely low.
It has already been done once. How much did it cost "sfinder" to attack? What makes you think it won't happen again? What makes you think others delegates aren't currently deceiving people? How much does it cost to mislead people through deception?
There is nothing necessarily wrong with having a social construct be part of the mix. Lets compare it to massive warehouses filled with asics run by a handful of mining pools. Both methods are worthy experiments and no one knows what POW or DPOS will lead to in the future.
There is absolutely something wrong with introducing a social construct into chain security and then misleading people to think the system is "decentralized" and "Safer than a Swiss bank account." Imo, PoW is evolving into a centralized system but it is still more decentralized than DPoS because it is mathematically provable through PoW that the chain is secured by a verifiable amount of hashpower.
If I want to attack Bitcoin's PoW algo, I have to acquire 51% of the hashpower.
If I want to attack NXT's PoS algo, I have to acquire 51% of the stake.
If I want to attack Bitshare's DPoS algo,
ALL I have to do is
LIE.
afaik sfinder didn't attack the network, he just ran several delegates while spreading bearish sentiment. sfinder is a case of successful identification and removal out of malicious delegates.
You don't just have to lie, you have to convince stakeholders to vote for you enough times to win the majority of the delegate positions. The votes can be withdrawn and the delegates removed if an attack is made. Any attack attempt may result in making BitShares immediately stronger as devs typically have to do some work in advance to get voted in. They would have to do this 50+ times to have a chance at doing a double spend. Basic block singing delegates are voted in more easily but they can still be kicked out and they will decrease in number as time moves forward.
Also there is an unique individual verification system being developed by
http://followmyvote.com/ who are part of BitShares which could be used to ensure delegates are unique individuals and make it even stronger in the future.