Content pfp
Content
@
0 reply
0 recast
0 reaction

will pfp
will
@w
out of curiosity, why is user verification not required for webauthn? https://github.com/daimo-eth/daimo/blob/master/packages/contract/src/DaimoVerifier.sol#L66
1 reply
0 recast
2 reactions

✳️ nibnalin on daimo pfp
✳️ nibnalin on daimo
@nibnalin.eth
The flag is poorly named in the WebAuthn spec — it means Daimo accounts allow for whatever policy the Webauthn authenticator enforces (your password manager like iCloud or GPM) instead of its own. This lets the user pick their own password manager (which may choose to enforce security as it prefers). See the UV webauthn flag — https://github.com/daimo-eth/p256-verifier/blob/master/src/WebAuthn.sol#L53
1 reply
0 recast
10 reactions

will pfp
will
@w
makes sense, thank you
0 reply
0 recast
0 reaction