pull down to refresh

which shouldn't even be required when one has the admin_key, right??
Yes, but we store the admin key in your browser and the invoice key on the server since that's where we coordinate autowithdrawals and p2p zaps. We don't want to store spending permissions on the server so we need something restricted to receives for the server.