Zcash Counterfeiting Vulnerability Successfully Remediated

We’re not sitting on any secret method of detection. The time for secrets is over, thank god. Now we can go back to being fully transparent and being able to focus fully on new improvements instead of opsec, mitigation, remediation, and disclosure!

A perfectly-executed counterfeiting attack would be undetectable by any cryptographic means. The “footprints” mentioned in the blog post are about evidence that would be left if an attacker made mistakes. They might take an existing proof from the blockchain and use that as the base to generate their forgery, or they might generate multiple forgeries, and if so they might not hide all of the evidence connecting the various proofs. @arielgabizon wrote a script that scanned the blockchain for such evidence and did not find any.

There’s no way to detect counterfeiting unless the attacker makes this mistake, or of course if the Sprout pool value goes negative. As we’ve seen in Bytecoin’s counterfeiting exploitation and other exploits in the wild, attackers sometimes make mistakes that leave behind evidence.

16 Likes
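The two detection avenues described in the post above, sketched as an added example that is not part of the original post and is not @arielgabizon's script: a running Sprout pool balance that flags the first point at which it goes negative, and a scan for proof elements that recur across different transactions. The record layout, the sample data and the use of "repeated proof element" as the evidence connecting proofs are assumptions; the post does not say what the actual script checked.

```python
from collections import defaultdict

# Constructed sample records, not real chain data. Values are in zatoshis.
# "proof" is a hypothetical tuple of hex-encoded proof elements per JoinSplit.
SAMPLE_JOINSPLITS = [
    {"height": 100, "txid": "tx-a", "vpub_old": 500, "vpub_new": 0,
     "proof": ("a1", "b1", "c1")},
    {"height": 101, "txid": "tx-b", "vpub_old": 0, "vpub_new": 200,
     "proof": ("a2", "b2", "c2")},
    {"height": 102, "txid": "tx-c", "vpub_old": 0, "vpub_new": 250,
     "proof": ("a1", "b3", "c3")},  # reuses element "a1" from tx-a
    {"height": 103, "txid": "tx-d", "vpub_old": 0, "vpub_new": 100,
     "proof": ("a4", "b4", "c4")},  # withdraws more than the pool holds
]


def first_negative_pool_balance(joinsplits):
    """Return (height, txid, balance) at the first point the shielded pool
    balance drops below zero, or None if it never does."""
    balance = 0
    for js in sorted(joinsplits, key=lambda j: j["height"]):
        # vpub_old moves value into the shielded pool, vpub_new takes it out.
        balance += js["vpub_old"] - js["vpub_new"]
        if balance < 0:
            return js["height"], js["txid"], balance
    return None


def shared_proof_elements(joinsplits):
    """Map each proof element that appears in more than one transaction to
    the sorted list of txids containing it.

    Assumption: honestly generated proofs are randomized, so an element
    recurring across transactions is worth a manual look. An empty result
    does not show that no forgery happened.
    """
    seen = defaultdict(set)
    for js in joinsplits:
        for element in js["proof"]:
            seen[element].add(js["txid"])
    return {e: sorted(txids) for e, txids in seen.items() if len(txids) > 1}


if __name__ == "__main__":
    print("first negative balance:", first_negative_pool_balance(SAMPLE_JOINSPLITS))
    print("shared proof elements:", shared_proof_elements(SAMPLE_JOINSPLITS))
```

Both checks are one-sided, as the post says: a hit is evidence, while a clean scan only means no such mistake was left on chain.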