I like the idea of revokable subkeys. You could use a shared cloud custodial login service for the subkey but keep the root offline or backed up. That way you could get easy login without giving up control.
Potentially you could inscribe controls over what a subkey could or couldn’t do. Which would be interesting.
nostr:note1n8tslzwrwqkl3msf7d6xhkjz6ll9pxfjz4v0cmdw47w3glj2tessv4qpk0
Interesting. So I could hire someone PR to run my nostr and keep my keys?
Complexity is how the proposals so far have failed. My suggestion is to make subkeys like sessions: equivalent, but revokable. You can login to as many apps as you want, and if one of them goes sideways, you revoke its key. You never lose your identity because you only use it to make new subkeys, and the implementation of clients and relays is straightforward.
I also would like it, but:
I'm not totally against it, but its comlexity could actually kill the protocol.
Probably the solution is a NIP-46, using a FROST to create multi-signature bunkers.
