This exact problem was solved by email and PGP about 30 years ago. Basically, you generate a master key from which you derive service keys, and you can eventually announce (using the master key's signature) that a given service key should no longer be trusted. This reduces exposure, since only the service keys are de facto used in NOSTR applications, while the master key is ever so rarely used, only for retiring older service keys and announcing a new one for that user.

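The master-key / service-key scheme described in the comment above, written out as an added example (this is not the commenter's code and not part of any Nostr client or NIP). Assumptions made here: Ed25519 from the Go standard library stands in for the secp256k1 Schnorr keys Nostr actually uses; service keys are derived as HMAC-SHA256(master seed, label || index); the announcement encoding, the "delegate"/"revoke" kinds and the monotonic sequence number that stops an old delegation from being replayed after a revocation are all choices made for this example, not a specification.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// Identity holds the rarely used master key. Service keys are derived from
// masterSeed, so backing up the master seed recovers every service key.
type Identity struct {
	masterSeed []byte
	masterPriv ed25519.PrivateKey
	MasterPub  ed25519.PublicKey
	seq        uint64 // stamped on every announcement, strictly increasing
}

func NewIdentity() (*Identity, error) {
	seed := make([]byte, ed25519.SeedSize)
	if _, err := rand.Read(seed); err != nil {
		return nil, err
	}
	priv := ed25519.NewKeyFromSeed(seed)
	return &Identity{masterSeed: seed, masterPriv: priv, MasterPub: priv.Public().(ed25519.PublicKey)}, nil
}

// ServiceKey derives service key number index as HMAC-SHA256(masterSeed, label||index).
// The derivation is one-way: a leaked service key reveals neither the master seed nor its siblings.
func (id *Identity) ServiceKey(index uint32) ed25519.PrivateKey {
	mac := hmac.New(sha256.New, id.masterSeed)
	mac.Write([]byte("service-key/")) // assumed domain-separation label
	_ = binary.Write(mac, binary.BigEndian, index)
	return ed25519.NewKeyFromSeed(mac.Sum(nil))
}

// Announcement is the only thing the master key ever signs:
// "trust this service key" (delegate) or "stop trusting it" (revoke).
type Announcement struct {
	Kind       string // "delegate" or "revoke"
	Seq        uint64 // so an old "delegate" cannot be replayed after a "revoke"
	ServicePub ed25519.PublicKey
	Sig        []byte // master signature over encodeAnnouncement(Kind, Seq, ServicePub)
}

func encodeAnnouncement(kind string, seq uint64, pub ed25519.PublicKey) []byte {
	b := make([]byte, 8)
	binary.BigEndian.PutUint64(b, seq)
	b = append(b, []byte(kind+"\x00")...)
	return append(b, pub...)
}

func (id *Identity) Announce(kind string, pub ed25519.PublicKey) Announcement {
	id.seq++
	return Announcement{Kind: kind, Seq: id.seq, ServicePub: pub,
		Sig: ed25519.Sign(id.masterPriv, encodeAnnouncement(kind, id.seq, pub))}
}

// Verifier is the relying party's view: it knows only the master public key
// and the announcements it has already applied.
type Verifier struct {
	MasterPub ed25519.PublicKey
	lastSeq   uint64
	trusted   map[string]bool // hex(service pub) -> currently delegated
}

func NewVerifier(master ed25519.PublicKey) *Verifier {
	return &Verifier{MasterPub: master, trusted: map[string]bool{}}
}

// Apply accepts an announcement only if it is newer than anything seen and the master signature verifies.
func (v *Verifier) Apply(a Announcement) bool {
	if a.Seq <= v.lastSeq {
		return false // replayed or out of order
	}
	if !ed25519.Verify(v.MasterPub, encodeAnnouncement(a.Kind, a.Seq, a.ServicePub), a.Sig) {
		return false // not signed by this identity's master key
	}
	key := hex.EncodeToString(a.ServicePub)
	switch a.Kind {
	case "delegate":
		v.trusted[key] = true
	case "revoke":
		delete(v.trusted, key)
	default:
		return false
	}
	v.lastSeq = a.Seq
	return true
}

// VerifyEvent accepts an event only if its signing key is currently delegated and the signature checks out.
func (v *Verifier) VerifyEvent(servicePub ed25519.PublicKey, event, sig []byte) bool {
	return v.trusted[hex.EncodeToString(servicePub)] && ed25519.Verify(servicePub, event, sig)
}

// Lifecycle walks through delegate -> publish -> rotate -> revoke and returns
// (accepted while key 0 is delegated, accepted after key 0 is revoked, replayed delegation accepted).
func Lifecycle() (before, after, replayed bool, err error) {
	id, err := NewIdentity()
	if err != nil {
		return false, false, false, err
	}
	v := NewVerifier(id.MasterPub)
	k0 := id.ServiceKey(0)
	k0pub := k0.Public().(ed25519.PublicKey)
	delegate0 := id.Announce("delegate", k0pub)
	v.Apply(delegate0)

	event := []byte(`{"kind":1,"content":"hello nostr"}`) // constructed sample event
	sig := ed25519.Sign(k0, event)
	before = v.VerifyEvent(k0pub, event, sig)

	// Rotation: treat key 0 as compromised, bring up key 1, then retire key 0 with the master key.
	k1pub := id.ServiceKey(1).Public().(ed25519.PublicKey)
	v.Apply(id.Announce("delegate", k1pub))
	v.Apply(id.Announce("revoke", k0pub))
	after = v.VerifyEvent(k0pub, event, sig)

	// Someone who captured the old delegation cannot re-enable key 0 by replaying it.
	replayed = v.Apply(delegate0)
	return before, after, replayed, nil
}

func main() {
	before, after, replayed, err := Lifecycle()
	if err != nil {
		panic(err)
	}
	fmt.Printf("accepted before revoke: %v, after revoke: %v, replay accepted: %v\n", before, after, replayed)
}
```

Two details matter in practice and are easy to get wrong: the relying party must key its trust on the master public key alone (a "delegate" signed by some other master is rejected by `Apply`), and revocations need ordering, otherwise a relay or attacker can re-serve the earlier delegation and the retired key comes back to life.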