Yes, a terrible decision - but still a decision left up to any developer in a similar position - which, with the trend to WASMify things may well happen again in other projects, until it's better addressed at the source.
Honestly, it's so bad it makes me wonder if a bad actor could have had influence over such a decision in this case. Reports of Trust Wallet accounts being randomly pilfered without some plausible other cause might go some way to figuring that out.
