You are asking for a smart contract to be created.
And we don't have the structure built for it. Not that we couldn't.
So, how would you do the logic?
If the person receives the paper, and starts their account, everything is fine.
(except for the when. When does the money leave the donating account?)
If the person doesn't start an account (for whatever reason, like the paper being lost, eatten by a dog, forgotten...) then what do you do with the money? When do you decide that the number is no longer valid? If you took the money out of the account, the money then has to be returned, once and only once. (which is a programming pain in the ass)
If someone steals the nonce, what do you do?
The same as, if someone tries to use the nonce twice?
There are just a lot of places where they hand over fails. And every potential break in the logic has to be taken care of in code. Remember, there is nobody at 1-800-steemit that can help you get your nonce / steem back.
I guess it kind of depends on the definition of smart contracts. I'd say the Steem platform could possibly be viewed as a collection of smart contracts already, so this would be an addition to them.
When the existing Steem account holder buys the token, their Steem is transferred to the holding account, and when the token is redeemed the logic looks up token a hash of the token in the blockchain, debits the holding account, and credits the new account with the same amount. If I knew C++, I'd have a go at implementation, but having looked at the steemd code, it'd take me too long to figure out.
As I say, if after 28 days the token isn't redeemed, the funds are returned to the account that purchased the token. Yes, if it's stolen, it's no better than cash.
I say 3 months. Some people are slow. Think of it as a regular gift card. Sometimes we just don't get around to using it.