I was just thinking about how NIP-05 is largely useless for most people, but then was thinking about how that is largely because people don't do anything with it other than stick it in the KIND-0 profile.
In the event of an nsec compromise, it would be useful *prior* to that happening to sign a KIND-1 note stating what your NIP-05 identifier/domain is. That way if/when your nsec is compromised, you can successfully migrate to a new nsec/npub and refer to that note stating what your true NIP-05 identifier is that can't be forged because if was signed with your old nsec.
If your nsec is compromised, the attacker can overwrite what your NIP-05 is in your profile, since relays generally only keep the latest KIND-0 event. But you'll still always be able to refer to that note you signed prior to your nsec compromised since it can't be forged.
So yes, NIP-05 can be very valuable in this instance. I urge you all to pre-emptively publish a note stating what your NIP-05 indentifier is so that you can refer to its immutability should you ever need to in the future.
View quoted note β