How are passkeys actually working? I vaguely understand that your device has a private key that never leaves the device and it generates one time token for access to websites. Does it need verification with centralized server? Would it work for generating npubs and/or signing events?

https://youtu.be/SSbShKDvwUM?si=xHquikUXcTnDsgRk #passkey