though this is not addressing the OP's question. as that seems to have been answered. i must address meuh's misconceptions of other more realistic risks that malicious users can do, not to fill mempools. but to perform chargebacks
BIP65 :
https://github.com/bitcoin/bips/blob/master/bip-0065.mediawiki#freezing-fundsFreezing Funds
In addition to using cold storage, hardware wallets, and P2SH multisig outputs to control funds, now funds can be frozen in UTXOs directly on the blockchain. With the following scriptPubKey, nobody will be able to spend the encumbered output until the provided expiry time. This ability to freeze funds reliably may be useful in scenarios where reducing duress or confiscation risk is desired.
<expiry time> CHECKLOCKTIMEVERIFY DROP DUP HASH160 <pubKeyHash> EQUALVERIFY CHECKSIG
above is how it can add the "maturity" feature to stop people spending a confirmed output until a certain time ONCHAIN (similar concept to rreward maturity)
CLTV and nlocktime are 2 separate things
nlocktime stops a tx being confirmed until a certain point(locking out). CLTV stops a confirmed output being spent until a certain point(locking in).
then added in CSV, you can add a revoke code to chargeback.
now to address the double spend offtopic part
watching out for RBF CPFP is the same as watching out for malleability.. in short wait for a confirm if unsure