That’s a good point! Yes, as we mentioned in our paper, strictly speaking p(\tau) and q(\tau) are not independent. For example, if some factor reduces the user probability, it could either increase or decrease the attacker probability. More fundamentally, both probabilities are defined over the same underlying threshold system, so they are naturally linked even in the absence of attacker knowledge. For simplicity, however, we assume these probabilities are independent in this work. We acknowledge the fact that taking into account the correlation between these probabilities would provide a more realistic model and we view it as an important future direction.
Several studies have explored threshold signature schemes, focusing on their design and security analysis. To the best of our knowledge, none of these works focuses on statistically determining the optimal threshold for an existing threshold signature scheme to improve both security and usability for the user.