teatwo on Nostr: How about this one? ...
How about this one?
It's outside your original question as it assumes it will be stolen, and also it's "long-term" vision, and also i think the applications should mainly do it to ensure the variety of recovery method, remote agency service, etc.
quoting note1wwf…fx4kIDEAL
- ONE npub with TWO nsec
- As usual by "1 of 2", you sign with one nsec
- another nsec is for recovery, in case you need to revoke the usual nesc
- replace the revoked key to new key keeping1 of 2
- you will sign with new one nec and others keep to verify with the same npub
So you get the key rotation without monitoring revoke list.
It's outside your original question as it assumes it will be stolen, and also it's "long-term" vision, and also i think the applications should mainly do it to ensure the variety of recovery method, remote agency service, etc.