The force behind this patch is that zero-conf transactions have never, ever, ever, ever, ever been safe in any way, shape or form. Now everyone has to accept reality.
Have you ever tried to double spend? It is more or less impossible if you are not a very very big miner. People claiming that this is easy have no f'ing clue how the Bitcoin network operates. So yes zero-conf would be a perfect fit for your $3 Latte.
Except... this patch exists. Which means it is quite possible for people to do it.
I write a patch to send me all your coins and still as long as you don't install it this patch will do nothing.
Huh? In that case, the victim would have to install that patch in order to be victimized. In this case with the 0-conf security hole, no one has to install a patch to be victimized, but an attacker could certainly install the patch to make it easier for him to make people victims. Those are polar opposites.
Better to have the benefit of such a patch for the whole populace than have the benefit only for the thieves who know how to integrate such a patch, preying on unsuspecting victims who think 0-conf transactions are safe.
The "benefit" is that it disables possible use cases. The victims would be be merchant like Starbucks that get robbed $3 that way, while millions of ppl could regular pay with Bitcoins at the same time. You are one of those guys that try to outlaw cash, because it can be used for illegal thing. Once everything works electronically it can be traced and monitored and everyone is safe. Except now no one is. Same benefit as from this patch.
It disables possible use cases that shouldn't have been use cases at all. Starbucks shouldn't be getting robbed of $3 this way, because they shouldn't be accepting 0-conf transactions anyway. They are inherently unsafe. Gavin's patch shows exactly why they are inherently unsafe - anyone could code such a patch and use it in their client.
Saying that 0-conf transactions can be secure is like not having locks on your house and pretending that it is perfectly safe to leave for the weekend. "Well, as long as someone doesn't spend the time to figure out my house is unlocked, it'll be fine - nothing will be stolen." While that may be true, more and more criminals will decide to check houses to see if they are locked if they know that people are leaving their houses unlocked. Similarly, while 0-conf transactions may be mostly safe today, you can guarantee that patches to double-spend coins would be very prevalent in the future, just like aimbots are prevalent in FPS games. Gavin is preventing a big problem before it starts by making it a really bad idea to accept 0-conf transactions and prevent merchants from relying on 0-conf transactions.
I am bullish on this news. It kills another potential attack vector / security hole that was present by making sure everyone is well aware of the possibility of this happening.
I repeat, have you ever tried this? Basically impossible. So bullish on making Bitcoin worse? Permabull in denial
Not impossible at all. All I would have to do is patch Gavin's pull request into my own Bitcoin-QT, and viola! Double-spending powers! You can say that he shouldn't have done that, but then, what would stop anyone else from making a similar patch and only sharing it among the criminal underground?
