Tony D’Addeo
@deodad
this is right and will add some more color: - warplet isn't directly recoverable via email, it's recoverable with a proof from the custody account of an FID - Farcaster accounts have their own recovery mechanism built that lets you designate another Ethereum account that can recover the FID - if you sign up via Warpcast the default recovery address for your Farcaster account is one controlled by Warpcast - Warpcast will approve a recovery of your Farcaster account if can you prove control of the email you signed up with - since email compromise happens, we have an Advanced Protection mode that let's you setup MFA so that in order to recover your account you need to prove both control of email + code from an authenticator app - we recommend everyone, especially those holding lots of funds in their warplet, to turn on Advanced Protection in settings https://x.com/bleuonbase/status/1895474554233036981?s=46
2 replies
4 recasts
17 reactions
Tony D’Addeo
@deodad
to summarize: - Warplet recoverable by Farcaster account - Farcaster account recoverable by Warpcast (you are also free to setup an alternative recovery address, for instance, another EOA you have or some other hosted service) - Warpcast uses email and optionally MFA to approve recovery - thus Warplet is recoverable via email
0 reply
0 recast
7 reactions
Mikado
@mikadoe.eth
Don't authenticator apps use email as well? if someone's email is compromised don't they have access to the authenticator app as well?
1 reply
0 recast
1 reaction
