Yes, it is one of the biggest weaknesses in Casa's design: too much trust is required for the Casa app, particularly the mobile key generated by the Casa app.

What's ironic is that they've somehow turned this weakness into a feature: leveraging the mobile key for an "easy-to-use" inheritance protocol. An aspect that used to require trust, now would require even more trust. What Casa should have done, is to address the weakness of the mobile key head-on, instead of building more features on top of it.

IMO the design is not safe for long-term savings.

I wrote a full review of Casa's inheritance protocol here: https://nunchuk.io/blog/casa