Here's a breakdown of how it works from a user perspective:

1. The user creates a username (within the unique domain) and sends a transaction to create their Keychain account. This also creates a single verified "key" linked to the wallet that signed the transaction.

2. Using the same wallet, the user inputs another wallet address (wallet#2) to be added to the Keychain. This sends a transaction which adds an unverified key to the Keychain.

3. The user then switches to their second wallet (wallet#2) and sends a transaction to the Keychain, verifying ownership of the second key. At this point, it is safe for anyone to assume that the owner of key#1 (wallet#1) is also the owner of key#2.