A wallet guarded by a password is a wallet guarded by a phishing page. WebAuthn moves the secret into the platform authenticator — Touch ID, Windows Hello, a security key — where it can't be typed into the wrong box.

Why WebAuthn fits a wallet

The credential is bound to the origin and lives in hardware. There's nothing to reuse, nothing to leak.

  1. Register the authenticator once, tied to the extension origin
  2. Gate every unlock behind a biometric assertion
  3. Derive the Protection Encryption Key only after a successful assertion

Auto-lock

The session is a short-lived grant. After inactivity the worker discards the key and the next action re-prompts the biometric.

> Convenience and safety aren't opposites here — a fingerprint is faster than a password and harder to steal.

The whole flow lives in the service worker, so there's a single choke point for auth decisions.