A wallet guarded by a password is a wallet guarded by a phishing page. WebAuthn moves the secret into the platform authenticator — Touch ID, Windows Hello, a security key — where it can't be typed into the wrong box.
Why WebAuthn fits a wallet
The credential is bound to the extension's origin, and its private key lives in the authenticator's hardware. There is no shared secret for the user to reuse and nothing for a phishing page to capture.
- Register the authenticator once, tied to the extension origin
- Gate every unlock behind a biometric assertion
- Derive the Protection Encryption Key only after a successful assertion
Auto-lock
The session is a short-lived grant. After an inactivity timeout the service worker discards the key from memory, and the next sensitive action re-prompts for a biometric assertion.
> Convenience and safety aren't opposites here — a fingerprint is faster than a password and harder to steal.
The whole flow lives in the service worker, so there's a single choke point for auth decisions.
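The unlock gate described above (one challenge per attempt, the origin and challenge checks on the assertion, key derivation only after success, and the idle auto-lock), as an added example that is not the wallet's own code. The extension origin, the `verifySignature()` callback that checks the assertion against the registered public key, and the `deriveKey()` callback that yields the Protection Encryption Key are assumed inputs supplied by the caller.

```javascript
function b64urlDecode(s) {
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  return atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4));
}
function b64urlEncode(s) {
  return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
}

class UnlockGate {
  // origin, verifySignature and deriveKey are assumed inputs supplied by the caller
  constructor({ origin, verifySignature, deriveKey, idleMs, now = () => Date.now(),
                random = (n) => crypto.getRandomValues(new Uint8Array(n)) }) {
    Object.assign(this, { origin, verifySignature, deriveKey, idleMs, now, random });
    this.pending = null;  // challenge issued for the current unlock attempt
    this.key = null;      // Protection Encryption Key, held in memory only
    this.lastUsed = 0;
  }
  // One fresh challenge per attempt; the assertion must echo it back.
  issueChallenge() {
    this.pending = b64urlEncode(String.fromCharCode(...this.random(32)));
    return this.pending;
  }
  // Accept the assertion only if client data, challenge, origin and signature all check out.
  unlock(assertion) {
    const challenge = this.pending;
    this.pending = null;  // single use, consumed even when the attempt fails
    let cd;
    try { cd = JSON.parse(b64urlDecode(assertion.clientDataJSON)); } catch { return false; }
    if (cd.type !== "webauthn.get") return false;
    if (!challenge || cd.challenge !== challenge) return false;
    if (cd.origin !== this.origin) return false;  // the check that defeats a phishing page
    if (!this.verifySignature(assertion)) return false;
    this.key = this.deriveKey();  // derived only after a successful assertion
    this.lastUsed = this.now();
    return true;
  }
  // Hands out the key while the grant is live; discards it after idleMs of inactivity.
  currentKey() {
    if (this.key === null) return null;
    if (this.now() - this.lastUsed > this.idleMs) { this.lock(); return null; }
    this.lastUsed = this.now();
    return this.key;
  }
  lock() { this.key = null; }
}
```

The clientDataJSON checks are the cheap half of verification; `verifySignature()` must still check the authenticator's signature over authenticatorData and the hash of clientDataJSON with the public key stored at registration.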