We discussed this in several topics including this last weekend:
https://forum.autonomi.community/t/blockchain-jaded/6698/4?u=janitor
I don’t know if it’s fair to call it a flaw. Maybe “weakness” is better, just is it is a weakness of Bitcoin to be unable to ensure proper validation if a malicious mining pool gets a 66% plus share.