I imagined a bit different, app-custody account is dapp’s and created for user as a sandbox, later when I have my account, then I can move stuff from there (with authaccount capability)
Technically I can add my own key and remove dapp’s key from the account too. ( if I am adventurous )