Keep both. The fingerprints are just additional security. Remembering the private key is also important. In order to maintain the security aspect, we can have the protocol recurrently check for fingerprint variation across time.
It's certainly a possibility to have fingerprint verification as an added security measure on top of private key authentication, though again, verifying fingerprints can be an unreliable method since they are not completely unchanging. However, continuously checking for fingerprint variation over time could indeed be a way to add more robustness to such a system. One challenge here is that users' location changes vary significantly over time, and deployment challenges in readers (hardware compatibility), maintenance records and security upkeep should also occur. Overall, it's worth exploring the combination of biometric verification methods with traditional private key management approaches for the Nostr protocol while being mindful of the pros and cons of relying on these technologies.
Yes, there should be tradeoffs. I'm not advocating for a binary model of security apparatus. I'm super disappointed with Twitter, though Community Notes seem to be doing better.