On Fri, Jun 19, 2015 at 6:44 AM, Peter Todd <pete@petertodd.org> wrote:

Having said that... honestly, zeroconf is pretty broken already. Only
with pretty heroic measures like connecting to a significant fraction of
the Bitcoin network at once, as well as connecting to getblocktemplate
supporting miners to figure out what transactions are being mined, are
services having any hope of avoiding getting ripped off. For the average
user their wallets do a terrible job of showing whether or not an

This is no excuse for further degrading the overall network security.

There are many issues to address in the bitcoin ecosystem. It negatively impacts users to roll out "scorched earth" replace-by-fee given today's ecosystem.

Yes, zero conf security is poor. An outright attack on zero conf degrades user security even more.

Jeff Garzik
Bitcoin core developer and open source evangelist
BitPay, Inc. https://bitpay.com/