Key delegation: the ability to allow subkeys to speak on behalf of the main key with flexible revocation controls to protect the main key when subkeys leak.
Discussion
That would be a token system like oauth2 - but who's the central auth provider in a decentralized system. Could extend the relays to act as witnesses.
Exactly, there is no central auth. We don't even have a time chain to verify that some things came after other things which oauth just assumes it exists.