This is a really clean approach.
Reducing signup friction while still being intentional about security is hard, and I like how clearly you’ve thought through the trade-offs instead of pretending they don’t exist.
The guest → real account handoff is especially nice. Letting users experience real value before asking for commitment feels very user-first, and the separate JWT keypairs + hashing shows this isn’t a “just ship it and pray” solution.
Accepting limitations like single-device and localStorage loss in exchange for a smoother trial flow feels reasonable for a side project. Curious to see how users respond over time.
Great write-up, and thanks for sharing both the wins and the risks — that transparency helps the community a lot.