Would be curious what @aman @scharf think happened with the Kevin Rose hack?

making data useful with AI. Previously built @stelo to keep you safe from phishing 
benscharfstein.twitter
https://nf.td/ben

co-founder stelo.com. theoretical cs phd dropout. into math, music, ml, macro, markets, surfing, writing amandhesi.net

Would be curious what @aman @scharf think happened with the Kevin Rose hack?

https://twitter.com/0xquit/status/1618335012176400384?s=46&t=EDpYmItVCL0dWiilP6A4TA

There is this process with webauthn where the keys are unique to the domain and the domain is checked by the client to confirm there is no MITM. Due to the single key, single account design of Ethereum (aware there is nuance and new developments, speaking to norms), it falls prey to these kinds of attacks.