About 0-conf: for small, day by day payments they were absolutely safe. The cost to perform a double spend was simply not worth the cost of a coffee. Now, that changes, 0-conf are not safe even if the buyer is 100% honest and the cost of the product is negligible: again we cannot downplay the effect of that, it's quite serious.
It is important now with mass mutation attack going on to distinguish between
0 confirm tx where all inputs are confirmed
vs
0 confirm tx where one or more inputs are also 0 confirm.
Distinguishing between those two types of transactions is fine from a technical point of view but we'd never be able to explain that difference to a customer. I'm mostly concerned about the customer service problems this will create. Alice gets her donut because she spent confirmed inputs. Bob doesn't get his donut because he spent unconfirmed change. Neither Alice nor Bob have clue what any of that means. How do we explain to Bob that he doesn't get his donut without resulting in a fist fight, a discrimination lawsuit, an all day seminar on the technical workings of the blockchain, giving away a free donut, and/or potentially losing Bob as a regular customer?
Are there any ideas on whether a technical solution to this problem will be forthcoming or any suggested workarounds?