If a user copies a cryptocurrency address from a site using HTTP we should: 1. Clear the clipboard 2. Present a warning (mockup attached) 3. Give them the option to reload the page over a new circuit + HTTPS, or perform the copy anyway  Maybe in the future we could also have some sort of reporting mechanism? This is basically a partial implementation of https://gitweb.torproject.org/tor-browser-spec.git/tree/proposals/ideas/xxx-cryptocurrency-user-safety.txt