I'm testing the onboarding and the general UX and I spotted a possible problem: when the user take a position he is asked to pay a LN invoice in 15 minutes; during this time frame the position is locked and hidden, and it is not available to any other user. I suppose it's quite trivial to create a bot that randomly generates new key-pairs and take all the positions, ruining the operability of the service.
Maybe a solution could be to wait the LN payment to lock the position, or to require non-trivial PoW when signing the take event.
I'm testing the onboarding and the general UX and I spotted a possible problem: when the user take a position he is asked to pay a LN invoice in 15 minutes; during this time frame the position is locked and hidden, and it is not available to any other user. I suppose it's quite trivial to create a bot that randomly generates new key-pairs and take all the positions, ruining the operability of the service. Maybe a solution could be to wait the LN payment to lock the position, or to require non-trivial PoW when signing the take event.