Type: Improvement
Resolution: Done
Priority: Major - P3
Affects Version/s: 3.2.9
Component/s: Replication
Typically, users running a 3-node replica set with one arbiter will use w:1 writes instead of w:majority writes, since the cluster loses quorum after one node fails. Any writes made while the cluster is degraded, with only one data-bearing node, risk being lost.
In particular, rollback can occur after the cluster is healed by returning the second data-bearing node to the cluster. At this point, under protocol version 1 (pv1), priority takeover can roll back all writes done during the degraded state. Protocol version 0 priority takeover, however, can roll back up to 10 seconds of writes.
Due to the potential size of the rollback, and the unexpectedness of the behavior, we propose to prohibit the configuration of 3 nodes, 1 arbiter, priorities higher than 1, and protocol version 1. Upon parsing of such a configuration, we should degrade to protocol version 0, and add a warning to the system log.
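The proposed check, sketched as an added example (not MongoDB's code and not part of the original ticket), audits a replica set configuration document in the shape `rs.conf()` returns. It assumes "3 nodes, 1 arbiter" means exactly three members of which one is an arbiter, that "priorities higher than 1" means any data-bearing member with priority above 1, and that a missing `protocolVersion` means 0; the function name, host names and warning text are constructed.

```javascript
// Added example: audit a replica set config (the shape rs.conf() returns)
// for the combination the ticket proposes to prohibit.
function auditReplSetConfig(conf) {
  const members = Array.isArray(conf.members) ? conf.members : [];
  const arbiters = members.filter((m) => m.arbiterOnly === true);
  // Assumption: an omitted priority on a data-bearing member counts as 1.
  const elevated = members
    .filter((m) => m.arbiterOnly !== true)
    .filter((m) => (m.priority === undefined ? 1 : m.priority) > 1)
    .map((m) => m.host);
  // Assumption: a config without protocolVersion is treated as pv0.
  const pv = conf.protocolVersion === undefined ? 0 : Number(conf.protocolVersion);
  const flagged =
    members.length === 3 && arbiters.length === 1 && elevated.length > 0 && pv === 1;
  if (!flagged) {
    return { flagged: false, effectiveConfig: conf, warning: null };
  }
  // The ticket's proposal: degrade to protocol version 0 and log a warning.
  // The message wording is constructed, not MongoDB's log text.
  return {
    flagged: true,
    effectiveConfig: { ...conf, protocolVersion: 0 },
    warning:
      `replica set ${conf._id}: 3 members, 1 arbiter, priority > 1 on ` +
      `${elevated.join(", ")} with protocolVersion 1; using protocolVersion 0`,
  };
}

// Constructed sample configs; set name and hosts are made up.
const psaElevated = {
  _id: "rs0",
  version: 1,
  protocolVersion: 1,
  members: [
    { _id: 0, host: "db1.example.net:27017", priority: 2 },
    { _id: 1, host: "db2.example.net:27017", priority: 1 },
    { _id: 2, host: "arb.example.net:27017", arbiterOnly: true },
  ],
};
const psaPv0 = { ...psaElevated, protocolVersion: 0 };
const psaEqualPriority = {
  ...psaElevated,
  members: psaElevated.members.map((m) => (m.arbiterOnly ? m : { ...m, priority: 1 })),
};

for (const conf of [psaElevated, psaPv0, psaEqualPriority]) {
  const result = auditReplSetConfig(conf);
  console.log(result.flagged ? result.warning : `${conf._id}: not flagged`);
}
```

The same function can be run over exported configurations from several clusters to find sets that combine an arbiter, elevated priorities and pv1 before a node failure exposes the rollback window.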