If your threat model assumes an attacker can promptly recover the private key from the public key then once the user broadcasts his transaction spending both the old output and his own QR output the attacker could simply create his own QR output and RBF the honest transaction.

correct.   this doesn't provide protection.   and any such rule about "spent along with" would be a hard fork.   which is fine if qr ever matters (there's still not a lot of evidence that it will).


--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/94689568-7ec5-4f19-b626-c9bdab57f5d8n%40googlegroups.com.