Really cool!

Feature request, rather than decrypting the key with the password, it should be like a seed passphrase. It would allow you to have deniability, with a decoy profile in case authorities force you to decrypt that NFC tag.

With NIP-49 it is possible for authorities to know you gave them a wrong password (or the data on the NFC tag is corrupted). But a wrong passphrase will just lead you to a another nsec, where you can put some decoy notes.