The Problem:
Many users (myself included, despite being fully aware of the procedure) occasionally lose their fidelity bonds because they fail or forget to properly copy the ephemeral token before proceeding or accidentally closing the tab. I have also won bonds from counterparties who likely made this exact same mistake.
While the ephemeral nature of the token is a core privacy feature, the current UX makes human error too easy, leading to unnecessary loss of satoshis and significant user frustration.
Proposed Solutions:
I suggest implementing one (or a combination) of the following UI/UX tweaks to ensure the user has secured their token before locking funds:
- Mandatory Backup Proof (Paste-to-verify): Implement a validation step where the user must paste the copied token into an empty input field before the "Continue" or "Fund Bond" button becomes active. This guarantees the token is, at the very least, successfully captured in their clipboard.
- Explicit "Download as .txt" Button: Add a prominent, manual download button. This gives the user the choice to save it as a file while allowing them to select a secure destination path.
- QR Code Display: Render a QR code alongside the token string. This allows users to quickly and securely scan the token using an offline device, a secure notes app, or a password manager on their smartphone as an immediate physical backup.
Conclusion:
Adding some friction to the token generation step to verify it has been backed up will drastically reduce the rate of accidentally lost bonds and improve the overall experience, without compromising RoboSats' core privacy principles.
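A sketch of the paste-to-verify gate proposed above, added here as an illustration and not part of the original post or the RoboSats code base. All function names are hypothetical, the sample token is constructed, and it assumes tokens carry no leading or trailing whitespace.

```javascript
// Clipboard round-trips often add a trailing newline or surrounding spaces.
function normalizeToken(text) {
  return String(text == null ? "" : text).trim();
}

// Keeps the token in memory only and tracks whether the user has proven a copy.
function createBackupGate(token) {
  let current = normalizeToken(token);
  let verified = false;

  return {
    // Check the pasted value; the reason lets the UI explain what went wrong.
    submit(pasted) {
      const candidate = normalizeToken(pasted);
      let reason;
      if (candidate.length === 0) reason = "empty";
      else if (candidate === current) reason = "ok";
      else if (current.startsWith(candidate) || current.endsWith(candidate))
        reason = "truncated"; // partial selection when copying
      else reason = "mismatch"; // stale clipboard or unrelated text
      verified = reason === "ok";
      return { ok: verified, reason };
    },
    // Generating a new token must invalidate an earlier confirmation.
    regenerate(newToken) {
      current = normalizeToken(newToken);
      verified = false;
    },
    canFund() {
      return verified;
    },
  };
}

// Wire the gate to the confirmation field and the button that locks funds.
// The button stays disabled until the pasted value matches exactly.
function attach(gate, input, button) {
  button.disabled = true;
  input.addEventListener("input", () => {
    button.disabled = !gate.submit(input.value).ok;
  });
}

// Constructed sample token, for demonstration only.
const demoGate = createBackupGate("SAMPLEtoken0123456789abcdefXYZ");
console.log(demoGate.submit("SAMPLEtoken0123"));                     // partial copy
console.log(demoGate.submit("SAMPLEtoken0123456789abcdefXYZ\n"));   // full copy
```

Distinguishing a truncated paste from a plain mismatch lets the interface tell the user that only part of the token was selected, which is the failure this proposal is meant to catch.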