I still think Nostr will eventually be the go-to.
Isn't it exclusively inhabited by bitcoiners? And relies on never leaking your private key, with no recourse for key rotation? Or am I out of date?
We had NIP-26 Delegated Event Signing, so you could set up multiple private keys with short expiration times delegated from a root key, then if one of the delegated keys was leaked you could just wait for it to expire.
This ended up being considered a bad idea as clients that supported it would have to display any notes as if they were sent from the root key, and clients that didn't support it wouldn't be able to keep track of anyone using delegation.
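The expiry mechanism described in the comment above, as an added example that is not part of the thread or of any Nostr client's code: it checks whether an event falls inside the window set by a NIP-26 `delegation` tag, so a delegated key stops being honoured once `created_at<` has passed. The pubkeys, signature value and timestamps are constructed placeholders, the BIP-340 Schnorr verification of the root key's signature over the digest is left out, and refusing delegations with no upper time bound is a policy assumption.

```python
import hashlib
import operator

OPS = {"<": operator.lt, ">": operator.gt}

def parse_conditions(query):
    """Parse a NIP-26 conditions string such as 'kind=1&created_at<N'."""
    conds = []
    for clause in query.split("&"):
        for op in ("<", ">", "="):
            field, sep, value = clause.partition(op)
            ok = (field == "kind" and op == "=") or (field == "created_at" and op in OPS)
            if sep and ok and value.isdigit():
                conds.append((field, op, int(value)))
                break
        else:
            raise ValueError(f"unsupported condition: {clause!r}")
    return conds

def delegation_digest(delegatee_pubkey, query):
    """SHA-256 of the delegation string; this is what the root key signs."""
    token = f"nostr:delegation:{delegatee_pubkey}:{query}"
    return hashlib.sha256(token.encode()).hexdigest()

def delegation_covers(event, tag):
    """True if the event satisfies the tag's conditions (signature NOT checked here)."""
    if len(tag) != 4 or tag[0] != "delegation":
        return False
    try:
        conds = parse_conditions(tag[2])
    except ValueError:
        return False
    kinds = [v for f, _, v in conds if f == "kind"]
    times = [(op, v) for f, op, v in conds if f == "created_at"]
    if not any(op == "<" for op, _ in times):
        return False  # policy assumption: a delegation that never expires is refused
    if kinds and event["kind"] not in kinds:
        return False  # several kind= clauses are alternatives
    return all(OPS[op](event["created_at"], v) for op, v in times)

# Constructed sample data: placeholder keys and signature, 30-day window.
ROOT_PUBKEY = "aa" * 32
DELEGATEE_PUBKEY = "bb" * 32
CONDITIONS = "kind=1&created_at>1700000000&created_at<1702592000"
TAG = ["delegation", ROOT_PUBKEY, CONDITIONS, "<sig-placeholder>"]
IN_WINDOW = {"pubkey": DELEGATEE_PUBKEY, "kind": 1, "created_at": 1701000000}
EXPIRED = {"pubkey": DELEGATEE_PUBKEY, "kind": 1, "created_at": 1702592001}
WRONG_KIND = {"pubkey": DELEGATEE_PUBKEY, "kind": 4, "created_at": 1701000000}
```
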