I mean yeah, if you use 2FA and both phone and computer are just one factor on their own, then a compromised phone does not matter. So my question is, how about the mentioned scenario - to me it seems that just compromising the phone would compromise the whole, but maybe I misunderstood.