Sooo not sure if this input helps but I've always wondered why we can't create revocation keys or add expirations to the nsec for this exact reason. I like the notify of new key proposal but if we already have a workflow that works for gpg keys, then why not adopt it?