That would still freeze the account. Hard to see how that's bad.

how would an attacker get any response out of the relay unless the relay doesn't refuse to delete events for an npub with a signature proving it comes from the npub? i guess... strfry does by default then?

Def a prob, which makes adding a “fwd npub” to the burn event even more problematic … BUT (back to sovereign WoT) having prior “is trusted” events published (attesting that the “burned” npub “trusts” some other npubs) as well as some “backup” data MAY help users to migrate between npubs (even post compromise?)

We can change strfry. Relays have to be maintained.

Or maybe we should all really have a master or delegation key with with we can co-sign a lower key, like someone was saying in the other thread. Then we could use that to sign the burn. Makes key management complicated, tho.

It's a hard problem. The only simple thing I can think of is leveraging nip05, assuming you still have control over your nip05 you can use that to point to the new official npub. That wouldn't mean wot should pay close attention to nip05, ie, if/when it changes domains or etc. you would want to keep nip05 steady and grow trust with that.

Oh, that's clever. That is really clever.

delete events should only be obeyed from the npub of the event being deleted or a relay administrator not sure why this isn't obvious in this discussion (it's already enforced that way in #replicatr )

I think he means that the person who stole the nsec could front-run the real npub owner.

This was my thought