[ianferrel]

The reasonable use case for this seems to be that you'd send a request for payment as part of a payment processing system.

So, user is on your site wanting to buy something, selects "pay with coinbase", and you ask for their email, then send the payment request.

In that case, you'd want to know that the email isn't in Coinbase's system so you could tell the user that the request didn't work, and can they check their email address or try another form of payment.

A reasonable way to limit this would be % of attempts that fail. If you're using this call reasonably, then the ratio of success to fail calls should be in some reasonable range. If it's too high, either you've designed a very confusing interface for payment, or you are doing something fishy.