Offline key signs messages about what other keys can represent it

Those other keys go in your clients

If one gets compromised, master key signs a revocation and merkle tree of pre-revocation signatures