Hi,
It prevents misuse of shared purchase keys. Without that, anyone could use a single key on unlimited sites, as well as pirated copies to be obtained via API calls from our servers. While it is not hard to obtain a pirated copy of any software these days, there is no guarantee that those copies does not contain any malicious code (which they usually do). Without this limitation, direct links could be shared for download to the update servers.
I understand that this can be very inconvenient, but it rarely causes any problems, as most staging environments are directly pushed to the live environments.
You can also download the latest copy from codecanyon anytime, it is exactly the same copy as on our servers. Actually, the codecanyon copy is always approved first, before we push the updates to the update servers.
Updating the plugin manually is not different from the WordPress auto-update method, it is essentially the same. WordPress uninstalls, deletes then installs the new version. The same method is used when installed/updated manually, although it is more convinient using the auto updater of course.
Also, you don’t have to have the plugin automatic updates activated at all, it does not lock any other features. In your case, I would recommend using the automatic updates on staging, and using the manual update method on the live environment, once it is surely working.
I am sorry for the bad experience, I hope I can improve this somehow in the future.