RFC on a new custodial signer I'm building. Highlights:

- Designed to be used with a single app rather than following the user around.

- Has email-based registration/reset workflows.

- Provides a signer/relay combo, reducing nip46 latency.

- Encourages users to "eject", which sends them an email with their ncryptsec, and deletes their account from the database.

The goal is to limit incentives for attackers to steal keys. The keys are only used for a single application, only keys for that application are stored, and the application eagerly deletes keys from the database. Keys are encrypted at rest.

Here's a demo video: