What happens if 2/3 of a subnet's nodes decide to fork?

I have a basic (probably naive) conceptual question:

What’s to prevent 2/3 of the nodes in a subnet from colluding to fork off their own chain (with malicious consequences for canisters)? Since subnet node provider information is public, they could probably set up a Telegram chat to coordinate.

Follow-up questions / thoughts:

  • Can the NNS “master chain” do anything about this, or would it not even be able to detect such a fork?
  • Perhaps node shuffling is one solution?
  • Is this a situation where we should let more users participate in validation (but not in consensus)?
  • Can ZK SNARKS help here?

(I thought of this when I read this post by Vitalik.)