Let's say a user logs in using a 1/1 flow (say Google login via Auth Network).
Once the user is logged in, is the private key stored in the session?
If not, what allows signatures to be performed?
If so, what are the possible attack vectors and how best to protect users?
Originally posted by: RonanKMcGovern
Check the discussion at: https://github.com/orgs/Web3Auth/discussions/1295