What people truly don't understand about confirmations is this:
Double-Spend is hard
It is truly an extremely difficult thing to accomplish – Nobody would ever attempt a double spend on something as inexpensive as a domain name.
Not only that, but Namecheap could easily revoke the domain as a result of an attempted double-spend.
Double-Spend is hard
It is truly an extremely difficult thing to accomplish – Nobody would ever attempt a double spend on something as inexpensive as a domain name.
Not only that, but Namecheap could easily revoke the domain as a result of an attempted double-spend.
Double-spending is actually really easy - here's a nice tool to do it: https://blockchain.info/create-double-spend
For instance with that tool I get a roughly 50:50 chance of ripping off Namecheap by sending simultaneous transactions. Similarly I could just send a transaction that some % of mining power ignores, and then double-spend the first transaction with one that the hashing power does accept. There's lots of ways of pulling off that trick, because what transactions what miners accept varies greatly. But it doesn't matter, because as others have noted canceling the domain registration after the fact if the payment doesn't go through in the end is perfectly reasonable.
Having said that, we can make zero-conf transactions significantly more secure, ironically by making double-spending easier: https://bitcointalksearch.org/topic/m.2669189 It's still not as secure as an actual confirmation, but it's pretty good and relies on economic incentives rather than people being "honest". This also will let you get stuck transactions unstuck by increasing the fee after they have been broadcast; currently if your initial guess for the fee is wrong a transaction can easily become stuck for hours with not much you can do about it.
