Cool, you guys already implemented it!

It's a proof-of-concept, not a proper implementation. But it's pushing things in the right direction, as opposed to on-chain zaps.

So as far as I understand this. "Nostr" protocol aside. The secret key holder (as usual) is the one that must derive the receiving address correct? So the receiver must have some service "online" for the sender to request like we do with LNUL. The rest is communication ceremony. We should be able to keep it away from the nsec even further though right? I don't see any reason to have it constantly local to the nsec (part of the bunker). Could we consider a system that offers a simple http endpoint that responds with a fresh address. We already have lnurl servers running we could make this work also. Has a different surface area but needs no access to any secret keys, no encryption no leakage etc.