nice job.
In a previous thread a requirement was mentioned for each representative having to put up some coin in holding to be eligible for this task? did you determine that this was no longer necessary?
in section "Keeping Representatives Honest", your explanation states that it would be up to the wallet software to prevent new transactions tagged with an invalid-signing-representative id. why wouldn't the network itself prevent these new transactions? Or the network could allow these transactions but overwrite with null for a representative id. if some popular wallet software had a default representative id, and this representative was coerced or somehow turned malicious, the wallet might not prevent new transactions and thus the users could all still vote for the problematic representative. I think the network itself needs to prevent this case I'm not rely on the wallet software.