NIP-46 is the best option for delegation, in my opinion, because you can have a lot of control over exactly what event kinds the NIP-46 provider may automatically sign, automatically reject, or ask every time for, whereas an actual private key that has been authorized to sign on behalf of a mastwr key would need a note somewhere on the relays indicating not only that the delegated key can sign on behalf of the master key, but what sorts of event kinds it is permitted to sign for. That's not to mention the immense amount of complexity key delegation would add to Nostr. I provided some links to dev discussion of the issue and why it atill hasn't become a thing on Nostr here:

thanks for all the info in one place!!!

Note also that delegation and rotation are related but different issues. We can't really have rotation without being able to delegate a different key as an authorized "representative" of the master key. The master key would then be kept cold and only be used to sign for revoking previously delegated keys and delegating new ones, which would be what we mean by key rotation. However, delegation can also refer to delegating another person's key to be able to sign on behalf of a master key. In the key delegation for the purpose of rotation scenario, you don't really need to care what permissions that key has, because the owner of the master key and the delegated key are the same. However, in the situation where you want an employee's key to be able to sign on behalf of their employer, you almost certainly need to care about what specific permissions that delegated key has. Both issues add a lot of complexity to Nostr, though the latter even more than the former, and would break every client that currently exists.

thanks for the great info again. i figured they weren't precisely the same, but figured the resources you linked there would be of interest.