Looks like the main question is how to audit blocks. Assuming you understand RingCT and Full Membership Proofs, it is no different from BTC block auditing. In practice, it is a lot more difficult.
If you were to design an attack like that, you would need to find a way to double-spend. It is possible with 51% of hash power, but I forgot the details.