Yes I had a similar idea along time ago / a bit after i join nostr, but what i was trying to achieve the past week was, from the looks of it, was an impossibility (until i or someone else figures out a workaround solution somehow). What can be done: Parent npub > hardened(child-0) Parent npub says to the world 'I authorize this random npub to represent me' The parent knows that the child actually came (derived) from them, but because it is hardened, the public can never confirm this, as such, to the public, they view this as a 'random npub'. Can the public verify that a child came from a parent? Yes, if the child isn't hardened, however, as a result, if the child private key leaks, then the parent private key also leaks, defeating point of this whole thing. The problem that I couldn't solve: Can the public verify that a child came from a parent, without risking the parent private key? Unfortunately the answer after trying was: no. I've hit the wall same as everyone else and couldn't figure out a workaround.

Why is it necessary to prove that a child comes from a parent? What are the benefits?