Revokable subkeys will be a need for sure. It’s a matter of time until a bad client (intentionally or not) leaks a bunch of nsecs.

The dual stack approach sounds reasonable, but could also demand a lot from devs, when there are still few clients that reached maturity.

I think the path forward would be to have a prototype client with this dual stack approach, to learn how to do it as painlessly as possible. It would also give time for more clients to stabilize before they need to think about this.

But obviously, that will require someone’s time.

Focusing too much on which breaking changes to adopt would make it a harder and longer discussion than what the upgrade approach should be, assuming people agree that breaking changes will at some point be required. nostr:note1ms89ppa3pmtk9atl8zfrt5ejjnnhd79ydzaydjrmwfpzqz4umfvsf2xadr