How exactly did Stephen Watt break trust? He didn't steal any credit cards, he didn't profit from other people stealing credit cards, and he allegedly was not aware of the purpose for that sniffer program. He's an old-school black hat who broke into systems for the lulz, not for financial gain. (Ever heard of ~el8?). His mistake was believing his associates shared his priorities.
Not only that, but when he was being pressured and threatened by the government, he refused to cooperate. I think that's commendable and demonstrates real integrity.
Do you really believe he didn't know what it was being used for? He acknowledged it was using to sniff traffic, if not for credit-cards? What? Account details?
Unless there were logs or talks of them doing it for purely academic/educational purposes, which as we know Gonzalez isn't that "sort" of person, it would be unacceptable to think someone of Watt's intellect wouldn't be able to put 2-and-2 together.
He's been around the scene. He knows the scene. He's been a part of the scene.
I agree in terms of law, this all goes into a very grey and fuzzy area - if he had a better lawyer he may have came out in a different situation. Looking at the recent backlash for hackers, he may be looking at an apology (or even a payout) in the future.
While it's true that softwares are rarely audited, protocols are much more analyzed because they are expected to be read by humans. Fortunately, the DarkMail authors want to create a new protocol and have it interoperable, so there should be an open protocol; that's the most important thing, and we must keep our focus on it.
