Lock to Burn flow instead of Direct Burn which has potential for Accidents

[NikitaVr]

One Vulnerability this made me think of for both burnWithMessageSignature and even our regular mint is that a malicious page could make our user Burn themselves on accident.

You could make a Scam NFT mint page that when you try to mint what you think is some NFT art project instead executes the BurnMyWallet mint, making the user accidentally destroy their account.

Need to think more about how to prevent this in general 🤔

Might have to ask Wallet Apps to show a big warning message when interacting with this contract unless we figure out some way to prevent this On Chain.

One idea: Make Burning a Wallet a 2-step process. So the first is Lock that locks the wallet down for a week or a day. And if during that lock Period you submit the Full Burn, then it actually gives you the Burn Token.

So it could first give you an expiring Lock token, and after being Locked for a time period, you have a window during which you can Burn.

This would prevent a webpage tricking you into quickly burning your wallet, since you would only lock it, and then would need to come back and confirm a day later or else it auto unlocks (or could keep locking it if you wanted to keep it locked for a while if you just suspected a hacker were not ready to Burn fully yet

[NikitaVr]

Instead of timestamp we could also look at blocks, and say you need to wait for x number of blocks after locking. X can be a parameter of the contract constructor so we can adjust it depending on what network we deploy on, since some might be faster others slower.