
If you want a service that allows the sender to verify name before sending, make it a feature that both:

(1) is opt-in on the recipient's side and fails with something like "that recipient email address doesn't have an account, the name doesn't match, or they haven't decided to allow name verification"

AND

(2) is only available on payments above your highest guess at the expected value of matching an account-email-name triple for spearphishing, and the error messages (and timings) are identical if the name doesn't match or the given email address doesn't have an account.

I imagine there are few profitable attacks where an answer "yes, email_address with name has a Coinbase account" costs a minimum of 100 USD to an attacker and getting an answer "Either email_address doesn't have an account, that name doesn't match our records, or they've chosen not to share their name" costs 0 USD. However, I'd have to think a bit more about that 100 USD minimum.
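A sketch of the check this comment describes, added here as an example and not part of the original comment or any real service's code. The function name, account data, MAC key and below-minimum message are all assumptions; the 100 USD floor is the comment's tentative figure.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Every name, threshold and account below is constructed for illustration.
MIN_PAYMENT_USD = 100  # the comment's tentative floor; tune to the threat model
BELOW_MINIMUM = "name verification is not available for payments of this size"
GENERIC_FAILURE = (
    "that recipient email address doesn't have an account, the name doesn't "
    "match, or they haven't decided to allow name verification"
)
_MAC_KEY = b"constructed-demo-key"  # hypothetical per-deployment secret


@dataclass(frozen=True)
class Account:
    name: str
    allows_name_verification: bool  # opt-in, off unless the recipient enables it


ACCOUNTS = {  # constructed sample data
    "alice@example.com": Account("Alice Example", True),
    "bob@example.com": Account("Bob Example", False),
}
# Stand-in record so an unknown email does the same work as a known one.
_DUMMY = Account("\x00no-such-account", False)


def _name_mac(name: str) -> bytes:
    # Normalise case and whitespace, then MAC to a fixed-length value.
    normalised = " ".join(name.lower().split())
    return hmac.new(_MAC_KEY, normalised.encode(), hashlib.sha256).digest()


def verify_recipient_name(email, claimed_name, amount_usd, accounts=ACCOUNTS):
    """Return (ok, message); every account-dependent failure looks the same."""
    # Depends only on the sender's own input, so it reveals nothing.
    if amount_usd < MIN_PAYMENT_USD:
        return False, BELOW_MINIMUM
    account = accounts.get(email.strip().lower())
    found = account is not None
    record = account if found else _DUMMY
    # Always run the MAC and constant-time compare, whatever the lookup found.
    name_ok = hmac.compare_digest(_name_mac(record.name), _name_mac(claimed_name))
    # '&' instead of 'and': no short-circuit between the three conditions.
    ok = found & record.allows_name_verification & name_ok
    return (True, "name matches") if ok else (False, GENERIC_FAILURE)
```

The code keeps the three failure cases on one path, but identical timings in a deployed service still have to be measured end to end, since the account lookup itself can differ between hits and misses.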


