This is the point I was trying to make. One single point of reking is my problem. You're essentially describing a multisig type scenario or 2FA. I'm not sure exactly what to compare it to because it seems somewhat novel to me.

Maybe have a recovery key that never goes online that generates a private signing key that is used in a hot way, but that can be used to generate an entirely new signing key while simultaneously invalidating the other.

Removing the damage caused during the reking is an entirely different issue, but at least people won't just have entire identies rugged for services with no ability to recover.

Imagine the fallout of never being able to regain access at all. Much more damage could be done (scams, reputational damage, trolling, etc).

Of course, this still requires absolute offline security of the recovery seed or whatever, but that is more inline with the training and systems we already have in place for Bitcoin. We could simply extend functionality of hardware wallets to Nostr.