I guess the use case for if you leaked your nsec?

why?

I don't think it's relevant for appstores. To "delete" an account clients can just trash the nsec, to remove content we have NIP-05.

Only if I get to compute each signature by hand

I think just locally deleting the privkey is enough; that's why damus added that thing that mangles your kind:0 and other stuff iirc

now more seriously, I understand the need, I just think it's too big of a footgun and that at least it should require a lot of PoW or a NIP-70 + an OTA so the person with the privkey must be the one sending it and the event is only valid for some time; I don't know, something like that that reduces the effect of the event

You mean "it's *not* enought", right? Probably you are right.

A 24h (or more) delay in the execution and a undo event is what is needed, imo.

yes, that's what I meant -- "it's not enough"

Interesting discussion. How do you square Nostr's censorship resistance with this apparent "right" to vanish? As mentioned in the thread, there is a risk here of a malicious client nuking all your posts. But isn't a bigger danger that it could be coerced, e.g. by a state actor? View quoted note →