You should do a Signer app. There is no need to self-host a signer. :)
Discussion
Signer apps miss the point entirely, its team members and external services need an access controller... Large companies and brands can't bring their value to nostr otherwise
Ohhh ok, yeah that makes sense for companies but not really for regular users.
Dual use, regular users just want email/passkey auth and it can do that too
Not really. In 2 years and 200K installs no one has ever asked me for user+password logins.
Bias selection, How many didn't use it at all? or simply lose their keys eventually? not return? not use nostr cross-device?
Nostr is still irrelevant, the status quo is nothing to celebrate
How many users do you have?
Single key is always better
What's a user? A unique key? An "install"? Visitor? Payment?
The only correct answer is not enough.
The only KPI is revenue
Sure... But I am trying to understand what is making you think that users want email+password sign up. It would be nice if you have users (not companies) that are using the service with user and password to make your point.
Otherwise, it's just wishful thinking.
If I was you, I would focus entirely on corporate accounts. Those are the only people that must keep their nsecs online.
I'm focused on people that have no idea what nostr is and/or don't care, that's the 99.9% of people/companies on the internet not using it.
They don't necessarily want email/passkeys, but they expect it. They can't benefit from Nostr until they're met where they are.
The expectation makes sense and I think the product for companies also makes sense. I think it makes way less sense for single users.
But I look forward to seeing how well your thesis does with real users.