Does all that mean, the dream of 100% uncompromisable P2P transfer is over? Does it mean an additional check by a quasi central authority is needed to augment security? I would appreciate an answer in layman terms.
There is a bug found/known where transaction hash can change. Attacker cannot change the transaction only the hash. This way transaction goes trough and to sender it seems it didn't.
There is workaround where you simply look at transaction with same inputs and outputs in block-chain (ignoring hash)
Truth seems to be that Bitcoin protocol is simply flawed ... thankfully only in very non critical way (you cannot alter transaction only fool sender for some time and only if he doesn't implement additional checks).
proof issue is known:
https://en.bitcoin.it/wiki/Transaction_Malleability