One more thing I would like to add to this thread: I want to make it unequivocally clear that I believe what is making double-spends easier has relatively little to do with the protocol and almost everything to do with poor software and poor security policy on the merchant end. Perhaps it isn’t prudent to push out changes to the relay policy that make these exploits even easier right now - but we NEED to be applying some kind of pressure on the merchant end to upgrade their stuff to be more resilient so that we have more room for changes on things like relay policy without significant disruption to the network.

- Eric Lombrozo