I agree that delegation to other generic entities is not crucial, but a way to rotate/invalidate keys seems essential, doesn't it?
What I worry about is that when onboarding increases, malware and scammers will follow, and a compromised key entails the loss of considerable value and can also cause damage if the attacker uses it for malicious purposes. Such a situation would immediately drive the user away and create bad publicity for Nostr.
The only mitigating alternative I see, without touching the protocol, is for NIP-46 to impose itself and become the recognised standard, and for *all* clients to use it, eliminating login via nsec.