I am thinking about creating the concept of a “cpub” or child public key of a root npub. The idea is that the cpub can be provably traced back to an npub. I can have as many cpubs as I want that map back to the same ‘identity’. If a cpub keypair gets compromised, I can publish an event that invalidates that cpub.
As for clients, when they see what is a cpub, they can resolve back to the root npub and present that identity instead.
The driving requirement is to have a protected root npub that corresponds to my identity; it is high-value so I only want to sign with it when absolutely necessary - keeping it on a hardware signer device.
Any comments on this approach?
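A sketch of the client-side check the post describes, added here as an illustration and not part of the original thread or of any Nostr specification. It assumes the cpub's own event names the root it claims, the "attest" and "revoke" kinds and the signed payload format are made up, and Ed25519 from the Go standard library stands in for Nostr's secp256k1 Schnorr signatures.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Event is a hypothetical root-signed statement about one child key.
type Event struct {
	Kind        string // "attest" or "revoke" (made-up kinds)
	Root, Child ed25519.PublicKey
	Sig         []byte
}

func msg(kind string, child ed25519.PublicKey) []byte {
	return append([]byte("cpub-demo:"+kind+":"), child...)
}

// Issue signs a statement about child with the root key (the rare hardware-signer step).
func Issue(kind string, root ed25519.PrivateKey, child ed25519.PublicKey) Event {
	return Event{kind, root.Public().(ed25519.PublicKey), child, ed25519.Sign(root, msg(kind, child))}
}

// Resolve returns the root a child key claims, but only if that root attested the
// child and has not revoked it; otherwise nil and the client shows the bare child key.
func Resolve(child, claimed ed25519.PublicKey, events []Event) ed25519.PublicKey {
	attested := false
	for _, e := range events {
		if string(e.Root) != string(claimed) || string(e.Child) != string(child) ||
			len(claimed) != ed25519.PublicKeySize || !ed25519.Verify(claimed, msg(e.Kind, child), e.Sig) {
			continue // about other keys, or not really signed by the claimed root
		}
		if e.Kind == "revoke" {
			return nil // final, whatever order relays deliver events in
		}
		attested = attested || e.Kind == "attest"
	}
	if !attested {
		return nil
	}
	return claimed
}

func main() { // constructed demo keys from fixed seeds, never real identities
	root := ed25519.NewKeyFromSeed([]byte("root-seed-root-seed-root-seed-00"))
	child := ed25519.NewKeyFromSeed([]byte("child-seed-child-seed-child-seed"))
	npub, cpub := root.Public().(ed25519.PublicKey), child.Public().(ed25519.PublicKey)
	events := []Event{Issue("revoke", root, cpub), Issue("attest", root, cpub)}
	fmt.Println("resolves after revocation:", Resolve(cpub, npub, events) != nil)
}
```

Because the kind is part of the signed payload, an attestation signature cannot be relabelled as a revocation or the reverse.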
You can choose between FROST or higher.
Yeah, FROST I need to take a close look at.