Currently it looks like the model of privacy has been focused on pre-payment flows and have done a good job of avoiding the Web monetization API from leaking browsing history. However, in the event that a payment is made via a more public system (thinking a publicly readable blockchain - although this may be out of scope) there's an opportunity for browsing history to be correlated to completed payments. Is this something that is considered within the scope of the threat model here or is there a way that it's being avoided currently?