Hey! There has also been some previous discussion of this in the thread linked below. Part of the original design of Boulder (the Let's Encrypt backend service) was to use multiple Validation Authorities (the servers that preform challenge validation) that must agree about the status of a challenges outcome. The design work for this is still ongoing as it presents a somewhat complex engineering problem within the current implementation.
Continuing the discussion from How do you confirm the person asking for the certificate actually owns the domain?: