I agree, NIP-46 needs to be more solid. Talking about that I probably just found a bug that break the signer when only one realy is unreachable. This probably caused the bug with Coracle you are talking about.
NIP-07 offers a good experience, but unfortunately no one use extensions. NIP-55 is a really good solution, but it's not so immediate and works only for mobile apps.
If NIP-46 can be made more reliable, I am ALL FOR this onboarding flow. In fact. I would present the remote signing bunker string as, "This is how you log into Nostr apps. No email or password needed. Just keep this in a password manager and paste it into any compatible client. They will have it listed as signing in using a "bunker." Here's a list of clients:..." Then just give the nsec as a way to recover the bunker if it is compromised. Done.
This quorum of FROST signers is very interesting indeed! No single point of failure. However, it is still a relatively small group needed to collude, and I assume you need their cooperation to retire a bunker string, right? So if they DID collude, it would be no different from your nsec being compromised.
> I would present the remote signing bunker string as, ...
This is the plan!
> So if they DID collude, ...
In the future we will have a wider range of signers, and users will be able to choose their signer in an advanced wizard tab, so that risk is really minimized. A signer is a really simple and lightweight process, it can be hosted on a phone too, so maybe you can choose friend's or familiy's signers, too.
It's like Fedimint, but for your Nostr signing... Sure, it's not self-custody, but it's still a massive improvement over the status quo of a single entity owning your identity. All for it! Especially since those of us who want 100% control of our keys can still do so.
