This is an optimization to reduce the IO to the session store. A large number of the attributes in the $USER object are just junk that are very rarely used. Fields like icq, skype, yahoo are almost never filled out and constantly get loaded, not used, and resaved, back and forth on every request. This tracker is similar in aim to MDL-69747 but should be much easier to implement.
There is also a large number of fields which are critical and do get used, but are almost always some known common value, eg deleted, confirmed, suspended, policyagreed, emailstop
1) We expand user::get_dummy_user_record() to include more of the defaults fields and their most common values
2) When we load from the session store we create a fresh dummy record and then restore $USER over the top
3) When we save to the session store we remove any attributes which are the same as the defaults
4) To ensure extra safety emit some debugging if the first save of $USER in a session ends up adding extra fields, ie this ensures the dummy record never contains cruft either
I think for a typical site around 30 default fields might get dropped, and might reduce session IO by 10 - 15%