Happy to be in a meritocracy. Since you’re into name calling, muting you.

Watching this while having morning coffee.

Good morning.

nostr:note1jrt4jj3z9ualzyhmg7p86yc8eq87ka94heekmlrm7qn3g35pwf4sznws2g

The first mistake is thinking this is essential.

I agree that delegation to other generic entities is not crucial, but a way to rotate/invalidate keys seems essential, isn't?

What I worry is that when onboarding will increase, malware and scammers will follow: and a compromised key entails the loss of considerable value, and can also bring damage if the attacker uses it for malicious purposes. Such a situation would immediately drive the user away and create bad publicity for Nostr.

The only mitigating alternative I see, without touching the protocol, is for NIP-46 to impose itself and become the recognised standard, and *all* clients to use it by eliminating login via nsec.