One solution (not the only solution) will be web of trust.
If my WoT tells me that Alice’s nsec got compromised on such and such a date, and her new nsec is whatever, then my apps will curate content accordingly. My WoT will do a good job because she’ll tell as many of her close associates as it takes to get the word out, and my WoT will have established previously who are her close associates.
This is very doable.
The problem is in such an attack you can't also trust the other keys anymore that claim that this is new key. Plus the fact that the new key would start at zero. People actively have to connect again etc.
Why would you not be able to trust the other keys, particularly if they are keys that you know / follow / interact with?
Exactly. If we presume Alice’s nsec is the only one compromised, and if she discovers the problem quickly and if she tells her close associates of the problem, and if a handful of them get the word out quickly using their uncompromised nsecs, then we have a relatively effective solution that can be implemented rapidly. Over time the new nsec would rebuild the old connections, but there’s no need for that to happen overnight.
Because if a big client gets compromised there will be many compromised nsecs.
The WoT solution I described will be useful (once we have a healthy WoT system in nostr) in the typical scenario where an individual nsec gets compromised. If everyone’s nsec gets compromised at once, yeah, that would be a catastrophic failure. Which is why I don’t describe WoT as the one and only solution to this problem. Scenarios like yours are why we don’t hand over our nsecs directly to apps. We use various tools and strategies to minimize our exposure.
