Yes, for sure. It's the only way to really do it.
Discussion
Could it be as simple as a key recovery event where the current nsec signs a recovery npub and the recovery nsec countersigns the current npub. The general idea is to show that the user had control of both keys. If the current nsec is compromised a recovery event is published by the recovery nsec which then makes it the current npub.
Yes, that works
Then just traverse the events for the latest and greatest key. It means that you need to be super-careful about your recovery key because then you are really screwed.
Yes, but in such a framework, where you can traverse the events, there can be more than one recovery strategy. The important thing is the open framework that lets you verify and prove a chain of events. The mechanism (which is what people are focusing on right now) of recovery key does not need to be set in stone. For example master key and subkeys like GPG uses, can fit in the same framework. The harder part is getting people to agree.
Agree. It’s all about a verifiable chain of events. I am also wondering if you could put in the event a nip05 name that could serve as a recovery service?