I'm implementing the actual nip05 verification (it's not really verifying currently), and there's two ways to deal with "root" domain users. this is what my follows with nip05 have: 
Discussion
some are not using the _@, and just expect the client to interpret what they mean because branle does that
branle also uses _@ for NIP05 (it just obscures the _@ when displaying the name to the user). for example the astral.ninja account uses _@astral.ninja
I'm leaning towards requiring "_@"