I’m writing this post because yesterday I realized that the private key changes between no 2FA and the same email address with (now mandatory) 2FA.
IMHO, this makes it difficult (if not impossible) to use web3auth in any app, because the non-crypto-native user will lose all their assets from one login to another.
It seems that this is apparently fixed by updating to the new version. I have a couple of questions regarding this past issue:
How probable is it that web3auth updates the modal-SDK and we are kept trapped in an old version that makes using 2FA mandatory and changes the private key again?
Let’s imagine this scenario: I log in successfully into 0xe0b270898926915Be4734daAB128008BaE935c10 and transfer 1 NFT. Then I log in again and set a 2FA, changing to 0x9EcE75dCBB6981853dCa168BfdbE94313328cc6a. I lost my NFT but… once the 2FA is set, is there any way to recover the first address and recover my NFT? A type of “remove/forget” 2FA?
I understand that the pk changes because the oauth token changes, but… would there be any way to maintain it with and without 2FA? It’s a little dangerous IMO.