Forgot to mention that this discussion refers to mining full-nodes. With non-mining full-nodes, it’s probably better to implement a flag which – in case a valid block causes a reorg deeper than the finality window – raises an alert and halts txn acceptance by the node until its operator manually intervenes. This mechanism allows more control to the users to decide on their action in case of such a split / huge attack