You say “Corda has shifted the responsibilities of knowing the world state and seeing all transactions from the entire network onto a special notary service.” This is actually optional. Notaries can be either validating or non-validating. A non-validating notary sees only the transaction hashes, which reveal no information about the transactions’ contents.
Additionally, notaries can either be single nodes or clusters. If they’re clusters (the preferred approach), they can run a Byzantine fault-tolerant algorithm, so that some percentage of the notary nodes can be malicious without it preventing the cluster from achieving a valid consensus result.