Why would you not be able to trust the other keys, particularly if they are keys that you know / follow / interact with?
Discussion
Exactly. If we presume Alice’s nsec is the only one compromised, and if she discovers the problem quickly and if she tells her close associates of the problem, and if a handful of them get the word out quickly using their uncompromised nsecs, then we have a relatively effective solution that can be implemented rapidly. Over time the new nsec would rebuild the old connections, but there’s no need for that to happen overnight.
Because if a big client gets compromised there will be many compromised nsecs.
The WoT solution I described will be useful (once we have a healthy WoT system in nostr) in the typical scenario where an individual nsec gets compromised. If everyone’s nsec gets compromised at once, yeah, that would be a catastrophic failure. Which is why I don’t describe WoT as the one and only solution to this problem. Scenarios like yours are why we don’t hand over our nsecs directly to apps. We use various tools and strategies to minimize our exposure.