
Transaction confirmation using pin auth

Open KKA11010 opened this issue 1 year ago • 6 comments

Provide the possibility to activate a security setting that enables this feature: requires pin auth for confirming an outgoing transaction

  • [ ] Hide setting if no pin has been stored
  • [ ] create the pin modal screen and associated logic
  • [ ] implement the new auth screen in the confirming process
  • [ ] implement auth screen also for displaying sensitive information (nsec)

KKA11010 avatar Aug 26 '23 20:08 KKA11010

I'd like to provide some insights and thoughts on this. If we want to make eNuts a highly intuitive and user-centric eCash app, enabling certain settings by default might introduce unnecessary friction. The current setup prompts users to establish a PIN during onboarding. Most mobile bitcoin wallets don't require a PIN or faceID authentication for transactions or initial setup. I think there is value in these added security settings but perhaps they can be optionally set up in the settings page?

This brings me to another point: the friction introduced by requiring a PIN upon download/onboarding. I recently had an experience in Riga where individuals had a "lightbulb" moment when they could easily receive eCash via a cashu.me link. This is reminiscent of the Wallet of Satoshi (WOS) experience, one of the most (if not the most) popular lightning wallets. WOS's strength lies in its simple onboarding, where users can receive a lightning payment in just two taps post-download. Could we consider mirroring this streamlined approach to minimize the steps users take to receive eCash?

The most simple user flow I can think of will result in 3 taps post download.

  1. Launch: Upon opening the app, the onboarding / introduction screens appear with a 'skip' option at the top right.
  2. Receive eCash: From the home screen, users tap 'receive' to generate a QR code.
  3. Trust Prompt: Before receipt, the user is informed of the mint's control over funds and the necessity to trust it.
  4. Confirmation: User taps 'confirm' to finalize.
  5. Completion: Funds received.

This flow allows users to receive funds in just three taps post-download (Steps 1, 2, and 4), aligning with the goal of simplicity.

WDYT?

swedishfrenchpress avatar Sep 05 '23 10:09 swedishfrenchpress

@swedishfrenchpress I can add a skip option for the onboarding screens

The PIN setup afterwards is already optional, the user can skip it and set it up later under Settings

The PIN feature in this issue is meant to be only for outgoing TXs (as confirmation for outgoing payments, which is an additional small security upgrade) and would be optional (disabled by default)

Currently, you can already redeem ecash from your clipboard once the app comes to the foreground (will ask for permission if mint is unknown, else will redeem it immediately after coming to foreground)

It is also currently possible to press a link "cashu://token" which opens enuts and redeems the token as well.

However, these features have not been tested aggressively enough :)

KKA11010 avatar Sep 05 '23 10:09 KKA11010

Good that the pin is optional and this feature would be disabled by default. WDYT about removing it from the onboarding process?

swedishfrenchpress avatar Sep 05 '23 11:09 swedishfrenchpress

> Good that the pin is optional and this feature would be disabled by default. WDYT about removing it from the onboarding process?

Not sure I would prefer to have it in the onboarding process.

The benefit of having it in the onboarding process is that the user directly knows that a pin feature is available, but that is just my personal taste and we should wait for tester feedback after release.

The benefit of removing it from there is a faster onboarding (a few seconds in case of setting up, else less than 1s). And I think it does not improve the process significantly

KKA11010 avatar Sep 05 '23 11:09 KKA11010

Sounds good to me, let's trust the instinct and leave it. How does the user skip it? I don't seem to recall the skip ability, is it a skip button or does the user just press the "check" mark at the bottom?

swedishfrenchpress avatar Sep 05 '23 11:09 swedishfrenchpress

> Sounds good to me, let's trust the instinct and leave it. How does the user skip it? I don't seem to recall the skip ability, is it a skip button or does the user just press the "check" mark at the bottom?

At the bottom under the number "0"

KKA11010 avatar Sep 05 '23 12:09 KKA11010