How easy is it to attack this by cutting the specific part of the note that releases the key but making it look like it's whole? Couldn't I cut the note in half and tape it together again and fool someone who doesn't know much about it? Or couldn't I cut the specific bit with an Xacto knife, take the funds and still circulate the bill?
But then that kind of invalidates the "offline" claim, I don't think they'd make it if they needed the app? Then again, maybe you need the app but it doesn't need network access.
I'm also unclear whether being cut is truly the only way to trigger the release. Could the note be damaged in other ways to get it to think it's been cut? The website is extremely light on details.
