1/ 🚀 By popular demand, here's the getting started guide on passkeys! Learn what they are, their benefits, and usage—including their relation to web3 and embedded wallets. 🧵👇

Building dynamic.xyz | @dynamic | Craft magical onchain sign up experiences  - embedded wallets, login, user mgnt, authz and more | Demo: demo.dynamic.xyz

Good stuff! One part that’s worth mentioning is that wallets that rely in the API/Server model to authenticate wallets via Passkeys might be at risk of being “denied” access, even if only them can access the wallet.

EIP-7212 is promising but there are already implementations that could use it, just not with AA

True to some extent. If I use the P256 verifier contract built by the @daimo team as means to control a wallet, there’s no way to “deny” signatures for that wallet. Also, Lit Protocol supposedly will be decentralized and thus can be used as a “permission-less” KMS.

But yes, most MPC solutions have this flaw.

True, but I would argue that is true for pretty much any embedded wallet approach. That is, in a 2:2 MPC approach (Fireblocks, Coinbase WaaS etc) a share is held on a server, and technically the server can "deny" access to the share, and hence signing.