I am not really sure about building inbuilt authentication because it defeats the purpose.

I think we need a overall better authentication mechanism on nostr. You should be able to create secondary keys with limited permissions.