Nouveautés

Any contract with a document now has a "Duplicate for new signer" action in the dashboard menu. It clones the source contract, including its uploaded PDF/text pages and field placements, as a fresh draft with a new token and "(copy)" appended to the title — ready to send to the next tenant, client, or counterparty without re-uploading and re-placing signature fields. This is the path most of our recurring users were taking manually (re-upload, re-place fields each time); now it is one click.

Logged-in users had no obvious path to get in touch from inside the app — the Feedback menu item buried the contact form behind a tab. Settings now has a dedicated Help & contact section with three entries: "Send us a message" (deep-links to /feedback?tab=contact, the contact form opens immediately), a direct mailto:contact@canusign.com fallback for users who prefer their own mail client, and "Request a feature" pointing at the public feature-voting list. Fully translated in all 10 supported languages.

Once a user has placed at least one signature field, the editor now shows a one-line cost preview directly above the Continue button so the price impact is visible before the user clicks through to /payment. Logged-in users with credits see "Free — your credit covers it" (with available balance); logged-in users at zero balance see "€1.49 — one credit required"; guests see "First signature free — no subscription". The signal closes the loop on the analytics data showing 30 contract_finalized → 19 checkout_opened drop that was driven by users not realising the credit covered the cost.

Users with at least one draft contract that already has a document attached and credits in their balance now see a prominent mint/coral banner above the contract list: "You have N drafts ready to send — your credit covers it." Clicking jumps straight into the editor for the first stuck draft. Targets the cohort the analytics surfaced: 22 users (29% of accounts) who got their free signup credit, uploaded a PDF, but never finalised — the largest single activation gap in the funnel.

New hero copy in all 10 languages: "Sign PDFs. No subscription." with subtitle "Need a signature today? Pay €1.49 once — no trial, no account for your signers. eIDAS-compliant, built for the EU." Replaces the previous neutral "Sign PDFs Online / Upload any PDF, add signatures..." framing. The new copy explicitly targets the real competitive set — free-tier tools that pressure users into subscriptions after the trial — rather than enterprise e-signature players that share none of our pay-per-use audience.

The landing page advertised "from $0.49 per credit", which was the cheapest-per-credit price floor when buying the largest bulk pack — and in the wrong currency. First-time visitors then hit the Single pack at €1.49 at checkout and felt baited. The label now anchors to the actual single-signature price they will see at checkout (€1.49 in EUR; geo-currency adapted), and the wording shifted from "per credit" to "per signature" across all 10 locales so the same noun is used end-to-end from landing → editor → checkout.

Email field on /login carries autocomplete="username webauthn" so browsers surface saved passkeys directly in the autofill dropdown. An explicit "Sign in with Passkey" button handles the fallback. Per-user passkey management at /settings/security (add, rename, delete) lists every credential with the device type and registration date.

Continue-with-Google button on /login wired to Google Cloud OAuth. Gated by NEXT_PUBLIC_GOOGLE_LOGIN_ENABLED so previews without credentials still build cleanly.

/settings/security lists every active session with the browser/OS guess, IP, and sign-in date. "Current" badge on the active session, per-row revoke, plus "Sign out other devices" when more than one session exists.

Paginated user list (email, role, plan, status, joined) with email search. Per-user actions: toggle admin role, impersonate, ban with reason, unban, hard delete. Server-side guard rechecks role against the DB on every request so a fresh promote takes effect immediately.

Pack selector, promo banner, trust badges, comparison hint, and Sign-up-free CTA all collapse once payment succeeds. Only the magic-link confirmation card stays visible — guests see one obvious next step instead of a scroll of unrelated UI.

Better Auth signups (databaseHooks.user.create.after), guest-pays-then-enters-email (/api/checkout/auto-login), and Stripe webhook auto-create (handlePaymentIntentSucceeded + handleCheckoutCompleted) all emit account_created with the provider label. The post-payment funnel finally attributes signups to the path that produced them.

next-auth and @auth/prisma-adapter uninstalled. User.emailVerified migrated from DateTime to Boolean (timestamp preserved in emailVerifiedAt). Session, Account, and Verification tables recreated with Better Auth's shape. New Passkey table for WebAuthn credentials. All 45 useSession / signIn / signOut / auth() callsites migrated to authClient + getSession. See docs/BETTER_AUTH_MIGRATION.md.

editor_opened (with template/draft/from-landing breakdown), document_added, field_placed, editor_continue_clicked (with docCount and types), contract_finalized, and editor_continue_failed for backend errors. Each fires once per editor session so counts are comparable to upload and payment events.

Pro Subscription (CTA on landing → Stripe-hosted Checkout) and Sublease Document Payment (sublease form → Stripe-hosted Checkout) now fire checkout_opened before redirecting and payment_succeeded on their success pages. Real Stripe charges that previously didn't appear in the funnel are now attributed to a product.

Inline credit-pack purchases (checkout-form.tsx) now include product, packId, and flow on every event. Funnel-snapshot script splits per-product CTR (credit-pack vs. pro-subscription vs. sublease-document) so we can see which path converts best at every step.

When the create-checkout API call fails (network error, 500 response, missing URL), checkout_failed fires with the error type. We see hangs at 'opened but no Stripe' before users do.

scripts/funnel-snapshot.ts now reports the complete page_view → upload_completed → editor_opened → document_added → field_placed → editor_continue_clicked → contract_finalized → checkout_opened → payment_submitted → payment_succeeded order with drop-off rates, plus per-product breakdown and per-flow split (inline vs. redirect).

Articles for non-English locales now reference the actual local legal framework (eIDAS, RGPD, BGB, Codice Civile, KEP, 電子署名法) instead of US-only terms. Geo-locked topics (HIPAA, IRS Form 8879, ABA Model Rules) are blocked from generating in non-US locales.

Posts that were just translations of US-specific topics into FR/IT/PT/NL/PL/TR/JA were deleted. The 6 posts with organic traffic now permanently redirect to the locale blog index so search-engine visitors land on something useful.

Stripe Node SDK bumped from v21 to v22, plus 23 other dependency updates including Next 16.2.4, React 19.2.5, Prisma 7.8, lucide-react 1.14, next-intl 4.11, zod 4.4 — keeps payment processing on the latest secure baseline.

Custom events now fire across the upload → editor → payment → sign funnel so we can see where users drop off. Wired into Vercel Analytics and Microsoft Clarity for session replay.

Proper PWA manifest, theme color tokens for browser chrome, and Apple-specific metadata so the site behaves like a native install on iOS Safari "Add to Home Screen".

Hitting the browser back button after a Stripe redirect used to throw users into a broken state. Now it properly returns to the editor with the document still loaded.

Removed legacy "€1/document" claims from marketing pages — pricing now matches the actual credit-pack tiers (Single €1.49, Starter €4.90, Popular €9.90, Business €24.90, Pro €15/mo).

Buy credits in bundles: Single (€1.49), Starter (€4.90 with +1 bonus), Popular (€9.90 with +5 bonus), Business (€24.90 with +15 bonus), or Pro at €15/month for unlimited use. Bonus credits highlighted in green throughout the UI.

Magic-link login via email (no passwords). Personal dashboard shows your documents, credit balance, and credit history. Guest documents created before signup get migrated to your account on first login.

No more redirect to Stripe Checkout. Card form is embedded directly on the payment page so you stay in context. Single pack pre-selected for one-click purchases.

Each account has a 6-character referral code. Invite a friend and you both get a free credit when they sign up. Email notification when someone redeems your link.

Disposable email domains blocked at signup (~100 domains covered). IP rate limit: max 3 bonus-credit signups per IP per 24h. Browser fingerprint plus signup-fingerprint persistence prevent bonus farming via account deletion + re-registration.

New header with avatar dropdown (Settings / Feedback / Logout) and a credit badge that turns mint when you have credits, gray when at zero. Click the badge to jump straight to your settings.

Trust badges (SSL, eIDAS, GDPR), social proof on the homepage, exit-intent popup with discount, and a sticky blog CTA bar that follows you while reading articles.

Status, page counter, page tabs and the action button are now combined into one header on top of the document. Page tabs are numbered and show a pen icon for unsigned pages, a check for signed ones — colored to match each signer.

Native pinch gesture support plus dedicated zoom controls underneath the document. Touch targets for navigation arrows enlarged for fingers.

Same navigation pattern whether the document is a contract, uploaded PDF, text, or image. Reduces cognitive load and code surface.

Visible loading state during the signing API call — no more wondering if the click was registered.

Documents with at least one signature but not all show as "Partially signed" in the dashboard, with a clear count of remaining signers.