Technically the FIDO device ("USB key") doesn't get told the domain name. The browser throws it into a compression function with the random values and a bunch of other stuff to compute a value the server also will be able to calculate for itself. Your key has no idea what facebook.com is, doesn't care.
The FIDO device is impressively dumb on purpose, makes it hard to attack. Given an input and a hardware user interaction it responds, cheap ones aren't storing anything or doing any conditional work, and the interaction means you can't do any sort of brute force attack - if you somehow RCE the browser and prompt the user "please press the button a million times" they're going to report that as a bug and close the browser.
The FIDO device is impressively dumb on purpose, makes it hard to attack. Given an input and a hardware user interaction it responds, cheap ones aren't storing anything or doing any conditional work, and the interaction means you can't do any sort of brute force attack - if you somehow RCE the browser and prompt the user "please press the button a million times" they're going to report that as a bug and close the browser.