That is a valid trade-off, though if that occurs someone could just as easily snipe it first. 

To avoid accidental capture over Zoom etc, perhaps before rendering the user should click a warning or choose a voucher vs. persistence.

Once Lightning Pub is stable I hope to displace LNURL with Nostr methods so that everything can use keys. 

0330830bf9

What are you working on this week?

IIRC My concern with replayable challenges was that they're ... replayable access to the funds of the wallet, e.g. I scan a QR over someone's shoulder. 

It seems like there should be additional authentication around such a thing.