Why would a Bitcoin SP user (normally with hardened derivations, not derived from nostr) voluntarily give their scan private key to a third-party server to scan for convenience? Wouldn't that defeat the whole point of Bitcoin SP as that third-party now has full view of what I'm receiving forever?