Viewstamp replication is vulnerable to hostile actors. It is intended primarily for trusted distributed systems, (like file servers) where unlikely out-of-sync errors need to be resolved.

In something like bitcoin, there is nothing stopping an actor from lighting up 10000 Amazon spot instances, so you are limited to proof of work or proof of stake.

Everything you said is true of Paxos and Raft which are the "better known" replication services.