> Are trivially cloned keys a risk we're willing to take?
The point is that for my passkey stored on my device, I should be the one who gets to answer those questions.