...the actual cost of disagreeing is zero...
Agreed in nearly all cases, but this is mitigated somewhat in the eMunie BA model.
Its not free for a node to disagree, as that node has to be present in the current set of network agreed "voting" nodes. To be in that set, you have to be online and perform work, either by way of real work requests, or challenges to prove you are doing work.
In most cases it "should" discourage all but the most well financed Sybil attackers, and any cost to disagree, is better than no cost at all like most.
Also after some revision of the trust based model we have, we may actually be able to improve the resilience further, but I'll post about that more once the investigations and testing is done.
For those not in the know:
Ripples consensus can only guard against (n/5)-1 failures (20%), which is quite low considering the importance of the data its protecting.
Stellar's FBA can guard against (n/4)-1 (IIRC) (25%)
Modified RAFT to be BA tolerant can in some cases guard against (n/3)-1 (33%) but has a lot of limitations to achieve it
POW is claimed to have a tolerance of (n/2)-1 (50%). But there is disagreement on whether this is true or not, with some believing that POW isn't BA tolerant in the true sense.
One concern I had with Ripples model is these UNLs. Users are free to change them, but most don't, so nearly all client nodes in the network have the same list of UNLs. This means that an attacker knows exactly who to hit to cause the most disruption.
Your proposal does sound very much like POW, but then that puts Ripple into the "not true BA" camp, because the ledger can be changed by an attacker some time in the future (just as with BTC).
True BA does not allow this, there is (or should be) no way to change history and the data being protected should be append only.